Culminating Project Title
Date of Award
Culminating Project Type
Information Assurance: M.S.
Information Assurance and Information Systems
Herberger School of Business
Dr. Changsoon Sohn
Professor Erich Rice
Dr. Balasubramanian Kasi
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
Industrial Control Systems, Vulnerabilities, SCADA, PLC, Taxonomy, Critical Infrastructure
Most critical infrastructure depends on industrial control and automation systems to manage their processes. However, industrial control and automation systems were found to have many vulnerabilities owing to their design. They were initially designed to operate as air-gapped systems. However, with the evolution and the expansion of the industry, they are increasingly being targeted by attackers. Thus, preventative methods must be implemented to minimize/ prevent ICSs from being compromised by patching the vulnerabilities and addressing possible attack vectors. In order to prepare to defend against forthcoming attacks on critical infrastructure, it is vital to understand how past attacks have been carried out. This study analyzed and cataloged cases of attacks against ICSs to form a taxonomy that can be used as a tool to analyze the nature of ICS attacks. The taxonomy developed by this study can aide interested parties to determine potential attack vectors an attacker may choose, based on the attributes discussed in the study. Moreover, this paper also serves as a resource for the interested parties to understand ICSs.
Lankatilake, Kahawalage Kanchana Tikirikumari, "A Taxonomy-based Analysis of Attacks on Industrial Control Systems" (2019). Culminating Projects in Information Assurance. 103.