This paper explores the challenges in creating a holistic intrusion detection system (IDS) for Industrial Control Systems (ICS) that covers both network and physical process aspects. The authors highlight the difficulty in integrating disparate detection mechanisms, which typically focus on isolated ICS characteristics, into a unified system. By outlining these challenges, the paper aims to stimulate further research into more comprehensive and practical ICS intrusion detection approaches.
Current ICS intrusion detection systems are too fragmented to effectively protect against sophisticated attacks targeting both cyber and physical components.
Past attacks against industrial control systems (ICS) show that adversaries often target both the ICS network and the physical process to achieve potentially catastrophic impact. To secure ICS, intrusion detection systems promise timely uncovering of such adversaries. However, as these detection mechanisms typically focus on isolated characteristics of ICS (e.g., packet timings), multiple detection systems have to be deployed in parallel, complicating their operation in practice. In this work, to spur discussion and further research, we present challenges encountered during our research towards a holistic intrusion detection system aiming to cover all dimensions of an ICS.