Loughborough University
Leicestershire, UK
LE11 3TU
+44 (0)1509 263171
Loughborough University

Loughborough University Institutional Repository

Please use this identifier to cite or link to this item: https://dspace.lboro.ac.uk/2134/25527

Title: A general real-time control approach of intrusion response for industrial automation systems
Authors: Huang, Shuang
Zhou, Chunjie
Xiong, Naixue
Yang, Shuang-Hua
Qin, Yuanqing
Zhang, Qi
Keywords: Industrial automation
Intrusion response
Security
Protection
Task scheduling
Issue Date: 2016
Publisher: © IEEE
Citation: HUANG, S. ... et al., 2016. A general real-time control approach of intrusion response for industrial automation systems. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 46 (8), pp. 1021 - 1035.
Abstract: Intrusion response is a critical part of security protection. Compared with IT systems, industrial automation systems (IASs) have greater timeliness and availability demands. Real-time security policy enforcement of intrusion response is a challenge facing intrusion response for IASs. Inappropriate enforcement of the security policy can influence normal operation of the control system, and the loss caused by this security policy may even exceed that caused by cyberattacks. However, existing research about intrusion response focuses on security policy decisions and ignores security policy execution. This paper proposes a general, real-time control approach based on table-driven scheduling of intrusion response in IASs to address the problem of security policy execution. Security policy consists of a security service group, with each type of security service supported by a realization task set. Realization tasks from several task sets can be combined to form a response task set. In the proposed approach, first, a response task set is generated by a nondominated sorting genetic algorithm (GA) II with joint consideration of security performance and cost. Then, the system is reconfigured through an integrated scheduling scheme where system tasks and response tasks are mapped and scheduled together based on a GA. Furthermore, results from both numerical simulations and a real-application simulation show that the proposed method can implement the security policy in time with little effect on the system.
Description: © IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Sponsor: This work was supported by the National Natural Science Foundation of China under Grant 61272204 and Grant 61433006.
Version: Accepted for publication
DOI: 10.1109/TSMC.2015.2469688
URI: https://dspace.lboro.ac.uk/2134/25527
Publisher Link: http://dx.doi.org/10.1109/TSMC.2015.2469688
ISSN: 1083-4427
Appears in Collections:Published Articles (Computer Science)

Files associated with this item:

File Description SizeFormat
tsmc-zhou-2469688-proof.pdfAccepted version5.53 MBAdobe PDFView/Open

 

SFX Query

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.