EPSRC Reference: |
EP/L021013/1 |
Title: |
RITICS: Trustworthy Industrial Control Systems |
Principal Investigator: |
Hankin, Professor C |
Other Investigators: |
|
Researcher Co-Investigators: |
|
Project Partners: |
|
Department: |
Institute for Security Science and Tech |
Organisation: |
Imperial College London |
Scheme: |
Standard Research - NR1 |
Starts: |
07 January 2014 |
Ends: |
31 December 2017 |
Value (£): |
756,016
|
EPSRC Research Topic Classifications: |
Complexity Science |
Control Engineering |
Networks & Distributed Systems |
|
|
EPSRC Industrial Sector Classifications: |
Manufacturing |
Communications |
Energy |
Information Technologies |
Transport Systems and Vehicles |
Water |
|
Related Grants: |
|
Panel History: |
Panel Date | Panel Name | Outcome |
05 Nov 2013
|
Research Institute in TICS Phase 1
|
Announced
|
|
Summary on Grant Application Form |
Industrial control systems (ICSs) can take on a range of configurations, involving diverse mixtures of hardware, software, human inputs, network topologies and communication protocols. Generally, an ICS instance may be described as a set of supervisory devices -- including a single device in some cases -- which, through the acquisition of data and the ability to issue instructions, controls the actions and reactions of field devices responsible for the execution of an industrial process or processes. In large utility scale industrial processes, ICSs are manifest as Supervisory Control and Data Acquisition (SCADA) systems; characterised by geographically dispersed control targets requiring centralised management over disparate communication networks, often using diverse protocols and modalities, with varying reliability and latency. At more local scales, such as may be found in manufacturing plants, access to high reliability networks enables ICS specification to be freed of SCADA type constraints, giving rise to ICS manifestations referred to as Distributed Control Systems (DCSs). Examined on even smaller scales, specialised computers known as Programmable Logic Controllers (PLCs) provide control of small numbers of devices and in some cases may represent the entire ICS for a small organisation -- where the scale of a DCS may well be inappropriate. It follows that SCADA systems are often comprised of numerous DCS and PLC subsystems and components.
Typically, data input in ICSs is provided by a series of sensors and semi-automated input procedures and control output is issued to field devices such as actuators, switches and other components. Often, general definitions of ICSs stop here, neglecting to include the complex human behavioural and wider organisational policy aspects that are integral to the real-world use and integrity of such systems. Therefore, whenever referring to ICS of any form, this bid will implicitly include such factors, as to neglect doing so would significantly limit the mission of developing trustworthy ICSs, from the outset.
Some of the key trends in the development and implementation of ICS of relevance to this bid may be summarised as: the evolution of organisations towards adopting IT solutions to support ICS functions, despite the lack of organisational cultures/structures where the utility and security of both are planned and managed in joint technical committees; increased availability and uptake of ICS solutions in industry of varying scales due to factors such as the drive towards the use of COTS protocols/code modules/middleware for ICS design and delivery (eg: http://openscada.org/); increased interconnectivity of organisations' cyber infrastructures motivated by economic and efficiency drivers; the move toward decentralised control, exploiting edge computing advances; and the loss of expertise in legacy ICS components (configurations, dependencies and failure modes).
From both the perspectives of attack success probability and consequence, any one of the above suggest an increase of threat risk to ICSs that would be worth considering. Viewed in combination, however, the argument for increased risk becomes far more explicit and the complexity of the vulnerabilities that need to be addressed begins to become apparent. ICSs are integral to utility, manufacturing and processing industries of all scales and, as a result, the socio-economic impact of their compromise or failure has the potential to be very significant.
This research project will address Challenge 3 of the call document: ``What could be novel, effective and efficient interventions?''. In particular, we expect to produce models and tools in support of effective interventions.
|
Key Findings |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Potential use in non-academic contexts |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Impacts |
Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
Summary |
|
Date Materialised |
|
|
Sectors submitted by the Researcher |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Project URL: |
|
Further Information: |
|
Organisation Website: |
http://www.imperial.ac.uk |