Vision: Security-Usability Threat Modeling for Industrial Control Systems


Research area: Infrastructure



Conference: EuroUSEC '21: Proceedings of the 2021 European Symposium on Usable Security


Abstract

Industrial Control Systems (ICS) that run large-scale systems such as water, power and manufacturing are increasingly in focus given high-profile attacks against such infrastructures. These systems are connected to IT systems and the Internet, and the intersections of their users – typically control systems engineers and operators – with security requirements and systems add to the complexity of the threats faced by these environments. The challenges of usable security in IT systems have been studied extensively, including work on security-usability threat modeling (i.e. lack of usability exacerbating security issues). However, no work has examined similar challenges within ICS settings where, in addition to the regular requirements of information confidentiality, information integrity and information availability, requirements such as process safety, process integrity and process reliability are paramount for the users. Using the case of a Programmable Logic Controller (PLC), we detail the workflow that the user undertakes for a security task. We analyze this workflow using STRIDE, an established threat modeling approach. We then map the threats against an existing security-usability threat model for IT systems whilst also taking into account the specific process-related requirements critical to ICS users. We then derive an initial security-usability threat model for ICS as a first step towards further work in this regard.


Author Profile
Karen Li

University of Bristol UK

Author Profile
Awais Rashid

University of Bristol UK

Author Profile
Anne Roudaut

University of Bristol UK


Paper information

Publication year: 2021
Citations: 4
Country of publication:
Site: ACM