Conceptualising a Risk Model for Networked Systems

Type of Thesis: Master Thesis (Bachelor thesis with reduced scope)

 

Technical Background:

The presence of Networked systems these days is no longer limited to industries and commercial buildings. These systems, just like the devices used in it are becoming ubiquitous. Many networked systems like Fieldbus systems enable a variety of networked applications. But with increasing number of such domesticated networked systems, the risk of these systems getting attacked for data and/or control access also increases.

We are taking a deeper look at fieldbus systems to try and understand the causality of these attacks, and the presence of any kind of tell-tale signs for these attacks, so that we can focus more on those features of the system that might help us in strengthening our system security. In order to reinforce system security, we have to try to find security gaps in our system, and in order to do that we have to take a look at past attack events to develop an understanding of what could potentially be a security gap (or a vulnerability).

 

Thesis Topic:

The fieldbus systems are currently described by a general data model. The data model is made of different topologies that describes different aspects of a system. The motivation for this thesis is to gauge the criticality of different features, or combination of features from our data model, in terms of security of the system. In order to do this, we need to take a closer look at past attacks, observe and study those attacks and strongly focus upon the features that could help us anticipate those types of attack. Depending on how important certain features are in anticipating attacks, we can redesign/restructure our data model.

Possible Steps:

  • Understanding what fieldbus systems are, how they work and how are they modelled.
  • Taking a look at the security considerations for fieldbus systems.
  • Upon understanding the basics, the candidate can further take a deeper look at the past attacks on fieldbus systems and try to find the system configuration/s that lead to those attacks.
  • It is important to express these vulnerable configurations in terms of features and then to alleviate its criticality in our data model.

Literature and Resources:

  1. H. Eren,Fieldbus Systems, 03 2005, pp. 1147–1153    https://doi.org/10.1002/0471497398.mm933
  2. Urbina, David & Giraldo, Jairo & Tippenhauer, Nils Ole & Cardenas, Alvaro. (2016). Attacking Fieldbus Communications in ICS: Applications to the SWaT Testbed. 10.3233/978-1-61499-617-0-75.
  3. Joseph M. Weiss. (02.2020). “Control System cyber security is different than IT and requires an understanding of issues unique to control sytems.” https://www.controlglobal.com/blogs/unfettered/an-open-letter-to-cyber-security-policy-makers-control-system-cyber-security-is-different-than-it-and-requires-an-understanding-of-issues-unique-to-control-systems/

 

Supervisor:  Darshit Pandya (darshit.pandya@uni-rostock.de)

Requirements:  No special requirements