Threat-based Security Controls to Protect Industrial Control Systems
Haritha Srinivasan, Maryam Karimi

TL;DR
This paper analyzes threats to Industrial Control Systems, maps common attack techniques using the MITRE ATT&CK framework, and discusses security controls and future research directions for ICS protection.
Contribution
It provides a comprehensive mapping of ICS threat tactics to security controls using the MITRE ATT&CK framework, aiding in defense strategy development.
Findings
Identification of common TTPs used by threat actors
Mapping of TTPs to security controls using MITRE ATT&CK
Recommendations for ICS security improvements
Abstract
This paper analyzes the reported threats to Industrial Control Systems (ICS)/Operational Technology (OT) and identifies common tactics, techniques, and procedures (TTP) used by threat actors. The paper then uses the MITRE ATT&CK framework to map the common TTPs and provide an understanding of the security controls needed to defend against the reported ICS threats. The paper also includes a review of ICS testbeds and ideas for future research using the identified controls.
Taxonomy
Topics: Smart Grid Security and Resilience · Advanced Malware Detection Techniques · Physical Unclonable Functions (PUFs) and Hardware Security
