ABSTRACT

The development of digital and network technology has led to major changes in industry, especially in ICS (Industrial Control System) and SCADA (Supervisory Control And Data Acquisition) systems. Analogue components in facilities are being replaced by digital components, and new ICS and SCADA facilities are composed of various digital instrumentation and control systems. Because of these changes, the security of ICS and SCADA systems has become an important factor in industry. Nevertheless, there is little research on cyber-attack taxonomy for ICS and SCADA systems. Even though some papers and studies have suggested a cyber-attack taxonomy, these were not sufficient or comprehensive enough for industry-oriented ICS and SCADA systems. Therefore, this paper proposes a classification scheme for the cyber-attack taxonomy of the PLC (Programmable Logic Controller), DCS (Distributed Control System), and network equipment, which are core components of ICS and SCADA systems. In this paper, cyber-attacks are subdivided into footprinting/scanning, password cracking, spoofing, sniffing, hijacking, MITM (Man In The Middle), virus, DoS (Denial of Service), backdoor installation, and hiding files. These ten cyber-attack categories are related to the cyber-attack scenario, which is composed of prior preparation, gaining access, maintaining access, and clearing tracks. The grouped categories mentioned above were subdivided according to the characteristics and principles of the cyber-attack. The access path of the subdivided cyber-attacks is classified into physical/network, internal/external, and accidental/intentional access. After that, the detailed method of access is investigated. The consequences that can be caused by cyber-attacks are defined as disclosure, modification, destruction, and interruption. Finally, for prevention and mitigation, specific ways are suggested to reduce or avoid the damage resulting from cyber-attack consequences.