Cyber Threat Intelligence for Industrial Control Systems Security

The new industrial revolution, better known as Industry 4.0, aims at comprising multiple technologies, spanning from mobile computing to distributed cloud computing. It has undergone vast development in the past decade, and currently, Industry 4.0 is used as commercially available, interconnected systems within the manufacturing domain. However, the concept of Industry 4.0 is not simple and covers many technologies used in a variety of different areas. Those technologies generate, exchange, and analyze a vast amount of data treated as sensitive, still relying on simplistic access control models without taking into account the fast-growing threat landscape. Furthermore, existing approaches for managing and sharing information about emerging threats, better known as Cyber Threat Intelligence (CTI), are limited in automation procedures, especially while executing countermeasure strategies. Therefore, in this thesis, we propose a novel framework that implements advanced data access and usage control models supported with the enforceable countermeasure strategies specified in collaborative knowledge in existing and emerging threats. The framework provides fine-grained continuous control over data usage according to security policies automatically updated according to CTI produced and shared by stakeholders.