|
|
Impact Of Active Scanning On The Industrial Control Networks
Pospíšil, Ondřej
This article deals with the impact of active scanning on industrial networks. The impacton industrial networks is commented from the perspective of the penetration tester methodology.This topic is important because active scan tools are affordable and easy to use, and their intrusiveimpact on industrial devices can be critical. The article’s main goal was to evaluate the impact on theindustrial network from the penetration tester point of view using the most popular tools for activenetwork scanning. In order to demonstrate and evaluate the results, an industrial testbed based on realindustrial hardware was built for the article. The article also demonstrated how to use the informationobtained by scanning for a Denial of Service attack.
|
|
|
An Appropriate Strategy For Detecting Security Incidents In Industrial Networks
Kuchař, Karel ; Holasová, Eva
This paper is focused on environment of critical infrastructure and inadequate security problem. Industrial network typically works with old devices and a potential update may cause delay in the production and costs a lot of money. That is the reason why additional devices improving security of all system must be introduced. Tools like IDS/IPS (Intrusion Detection System/Intrusion Prevention System) are great for detecting anomalies and defining signatures in the network traffic. For such types of the network it is critical proper handling of security issues and generated alerts.
|
|
|
Content Gap Analysis Of Current Cyber-Security Challenges Of Industrial Control Systems
Pospíšil, Ondřej
This paper deals with the analysis of current research papers dealing with cybersecurity in industrial control systems. The analysis is focused on terminology and deals with possible directions to follow in future research. The article also describes current literature on this issue and recommends some sources to obtain information. The summary provides possible directions to follow in cybersecurity research in ICS.
|
|
|
Cyber security testing in an environment of operational technology
Kuna, Erik ; Pospíšil, Ondřej (referee) ; Paučo, Daniel (advisor)
The topic of this work is security testing in connection with operational technology networks. The theoretical part covers description of operational technology, analysis of the current state of security in such networks and the methodology for penetration testing in this context. A section is devoted to protocols relating to said networks, comprising their characteristics, comparison of the same and related advantages and disadvantages. The theoretical part aids comprehension of the practical section, which details design and implementation of a suitable environment for testing and performing security in ICS/SCADA. Therein, emphasis is placed on security issues that pertain to the ModBus protocol.
|
|
|
Appropriate strategy for security incident detection in industrial networks
Kuchař, Karel ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
This diploma thesis is focused on problematics of the industrial networks and offered security by the industrial protocols. The goal of this thesis is to create specific methods for detection of security incidents. This thesis is mainly focused on protocols Modbus/TCP and DNP3. In the theoretical part, the industrial protocols are described, there are defined vectors of attacks and is described security of each protocol. The practical part is focused on the description and simulation of security incidents. Based on the data gathered from the simulations, there are identified threats by the introduced detection methods. These methods are using for detecting the security incident an abnormality in the network traffic by created formulas or machine learning. Designed methods are implemented to IDS (Intrusion Detection System) of the system Zeek. With the designed methods, it is possible to detect selected security incidents in the destination workstation.
|
|
|
Cyber-environment for systems of ICS/SCADA type
Váňa, Martin ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
The thesis explores the problematics of cyber environment for the ICS/SCADA systems. First, shorter section is mainly focused on general introduction into the ICS/SCADA systems and their inner workings. Communication model of a general SCADA system and its foundational elements are explained. It is mainly theoretical passage and it serves as an introduction. It is necessary for understanding the second part which is mainly practical. The appropriate system is chosen as a first thing in the practical part of the thesis for the implementation of the whole project. There are defined criteria on which the system itself is implemented. Following that the system itself is implemented under a framework called openMUC and it is tested with help of the simulators according to the objective of the thesis.
|
|
| |
|
| |
|
|
Transatlantic Trade and Investment Partnership (TTIP)
Rott, Michael ; Balaš, Vladimír (advisor) ; Šturma, Pavel (referee)
(English) In the field of international law, the negotiated agreement between the EU and the US - TTIP - is a major source of law. In addition, its intended scope should encompass the provisions on investment protection. However, during the course of the bilateral negotiations, there was a leak of information which revealed that the agreement should include provisions of the dispute settlement mechanism that do not differ in its substantial aspects from those which are and have been incorporated into bilateral investment agreements between States. Therefore, in the process of investment disputes initiated under the TTIP agreement, the major influence would have had the provisions of international conventions which set out the rules for the functioning of the International Investment Tribunals - the Convention of the International Centre for the Settlement of Investment Disputes and the Arbitration Rules of the United Nations Commission on International Trade Law. However, given that both the general public and professional circles have long expressed concerns that question the very legitimacy of the international investment arbitration, this fact have been accepted with great disrespect. This was particularly, because of the previous practice of decision-making in the investment disputes, which...
|
|
|
Design of ICS Infrastructure for Industrial Compan
Sidor, Peter ; Křepelka, Václav (referee) ; Škorpil, Vladislav (advisor)
This thesis deals with the issues of industrial communication, that is necessary to take account before making a final draft of industrial infrastructure and the overall design of a network infrastructure for a particular object. The first part of this thesis describes ICS system, parts of ICS and principle of operation. The thesis also focuses on the current trends in industrial networks, systems communication, security requirements of physical layer and the main differences from commercial infrastructures. The second part of the thesis describes the design of infrastructure for the foundry object. The final draft resolves the location of the switchboards, the specification of the used elements, the security, the cost of the solution and the final solution in practice.
|
guest ::
