Passive Analysis of Process Control Networks
In recent years there has been an increased push to secure critical ICS infrastructures by introducing information security management systems. One of the first steps in the ISMS lifecycle is to identify which assets are present in the infrastructure and to determine which ones are critical for operations. This is a challenge because, for various reasons, the documentation of the current state of ICS networks is often not up-to-date. Classic inventorying techniques such as active network scanning cannot be used to remedy this because ICS devices tend to be sensitive to unexpected network traffic. Active scanning of these systems can lead to physical damage and even injury. This paper introduces a passive network analysis approach to starting, verifying and/or supplementing an ICS asset inventory. Additionally, this type of analysis can also provide some insight into the ICS network's current security posture.
38450 (PDF, 4.75MB)
1 Jun 2018Related Content
Cyber Guardian Exercise: A Case Study in Brazil to Address Challenges in Cybersecurity and Protect Critical Infrastructure
Research PaperDiscussions of cybersecurity, in particular those associated with critical infrastructure (CI),...
- 22 Feb 2022
Manage Open-Source Components via Secure Product Development Lifecycle in Industrial Control System
Research PaperNowadays, open-source components are becoming the essential components in industrial control systems...
- 14 Feb 2022
ICS within the NIS Directive should be ATT&CK®ed
Research PaperIn August 2016, the European Parliament and the Council of the European Union implemented the first...
- 25 Aug 2021
ICS OT Systems Security Engineering Is Not Dead
Research PaperICS OT Systems Security Engineering Is Not Dead
- 23 Mar 2020
ICS Layered Threat Modeling
Research PaperThe ultimate goal of building cybersecurity architecture is to protect systems from potential...
- 22 Jan 2019
Incentivizing Cyber Security: A Case for Cyber Insurance
Research PaperIn the wake of recent events-Ukraine, Shamoon v2, WannaCry--providing cyber security continues to be...
- 27 Jun 2017
The Industrial Control System Cyber Kill Chain
Research PaperRead this paper to gain an understanding of an adversary's campaign against ICS. The first two parts...
- 5 Oct 2015
Tactical Data Diodes in Industrial Automation and Control Systems
Research PaperIn recent years, there has been an increased interest in the use of Data Diodes (also known as...
- 30 Jun 2015
The Perfect ICS Storm
Research PaperAs manufacturing Industrial Control System (ICS) architectural designs have evolved from isolated...
- 8 Jun 2015
An Abbreviated History of Automation and Industrial Controls System and Cybersecurity
Research PaperAn Abbreviated History of Automation and Industrial Controls System and Cybersecurity
- 23 Jan 2015
Automated Defense - Using Threat Intelligence to Augment
Research PaperAutomation and industrial controls systems - often referred to as ICS - have an interesting and...
- 19 Jan 2015
Rate my nuke: Bringing the nuclear power plant control room to iPad
Research PaperShibboleth is a free, open-source web single sign-on solution (SSO) for complex federated...
- 14 Nov 2014
Protect Critical Infrastructure Systems With Whitelisting
Research PaperSecurity professionals in federal, state and local agencies face many unique challenges in...
- 5 Aug 2014
Case Study in Developing Fault Tolerant and Highly Available Systems with Secure Zones of Protection
Research PaperProcess Control is the part of a company that controls the critical processes that company...
- 8 Aug 2003