A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.

Various embodiments of the teachings herein include an industrial network behavior analysis method. The method may include: defining a first time window for a target industrial control system, for the target industrial control system to perform a control behavior; respectively determining an execution probability deviation for each control instruction within the first time window and using the execution probability to characterize the ratio of the number of times the corresponding control instruction is executed within a time period to the total number of times the control instruction within the time period; defining a second time window according to the control instruction characterizing a time period when the system performs the corresponding control behavior, and the control behavior is the same as that performed in the first time window. The method may include performing for each second time window: for each control instruction, calculating an execution probability; for each control instruction, determining whether the execution probability meets a target deviation, wherein the target execution probability deviation is the execution probability deviation of the control instruction in the first time window corresponding to the same in the second; determining that the control instruction is legal if the execution probability meets the target deviation; and determining that the instruction is suspicious if the execution probability of the control instruction does not.

A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.

A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., levels of the system.

Operator actions and/or other commands or requests are secured via an authentication path from an action originator to a communications/control module or any other industrial element/controller. In implementations, an industrial control system includes an action authenticator configured to sign an action request generated by the action originator. The destination communications/control module or any other industrial element/controller is configured to receive the signed action request, verify the authenticity of the signed action request, and perform a requested action when the authenticity of the signed action request is verified.

A zero trust industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the zero trust industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the zero trust industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.

A system (100) for security assessment of a plurality of IoT devices (210, 220, 230, 240) includes a programmed processing unit (110) adapted to carry out a vulnerability and/or “penetration test” method; according to this method, at least wireless communication medium and at least one communication protocol are determined to be used for the assessment, then at least one scan tool is selected based on the communication medium and communication protocol, then the scan tool is executed on the IoT devices (210, 220, 230, 240), and then data from the scan tool are collected, the data being obtained from reaction of the IoT devices to the scan tool; the computerized system performs a scan of a predetermined frequency bandwidth in order to identify the IoT devices to be assessed and the communication protocol to be used for the assessment.

A system (100) for security assessment of a plurality of IoT devices (210, 220, 230, 240) includes a programmed processing unit (110) adapted to carry out a vulnerability and/or “penetration test” method; according to this method, at least wireless communication medium and at least one communication protocol are determined to be used for the assessment, then at least one scan tool is selected based on the communication medium and communication protocol, then the scan tool is executed on the IoT devices (210, 220, 230, 240), and then data from the scan tool are collected, the data being obtained from reaction of the IoT devices to the scan tool; the computerized system performs a scan of a predetermined frequency bandwidth in order to identify the IoT devices to be assessed and the communication protocol to be used for the assessment.

A set of redundant industrial control system communications/control modules includes at least a first communications/control module and a second communications/control module. The first and second communications/control modules are configured to perform an authentication sequence including: transmitting a request datagram from the first communications/control module to the second communications/control module, the request datagram including a first nonce, a first device authentication key certificate, and a first identity attribute certificate; transmitting a response datagram from the second communications/control module to the first communications/control module, the response datagram including a second nonce, a first signature associated with the first and second nonces, a second device authentication key certificate, and a second identity attribute certificate; and transmitting an authentication datagram from the first communications/control module to the second communications/control module when the response datagram is valid, the authentication datagram including a second signature associated with the first and second nonces.

A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., levels of the system.