Challenges and opportunities in using IPS/IDS systems in ICS/SCADA environments

Dr. Buttyán Levente
Department of Networked Systems and Services

The cores of critical infrastructures are based on industrial automation and process control systems (ICS/SCADA). Nowadays, these systems have external network connections, and in some special or unintentional cases they have internet access, too. Because of these external connections, these systems are exposed to attacks from the internet. We can see that the security of ICS/SCADA systems is very important. Unfortunately, the best-practice solutions of regular network security do not fully fit the ICS requirements. Integrating security solutions into an industrial environment can be very difficult or impossible, especially in legacy systems. In my thesis, I introduce the latest ICS security recommendations (the essence of these documents), which are written by international IT security organizations. I describe a suitable testbed for testing IDS/IPS systems in an industrial environment. Finally, I describe the test cases, test setups and results. The results contain usability, compatibility and efficiency (latency, number of known protocols) values of IDS/IPS systems in ICS.


