Tesi etd-03132026-125534 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
GIRALDI, COSIMO
URN
etd-03132026-125534
Titolo
A Tool for Orchestrating Security Analysis of Industrial Control Systems
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
CYBERSECURITY
Relatori
relatore Prof. Ferrari, Gian Luigi
correlatore Prof. Galletta, Letterio
tutor Dott.ssa Gini, Agnese
correlatore Prof. Galletta, Letterio
tutor Dott.ssa Gini, Agnese
Parole chiave
- EtherCAT
- IoT
- MQTT
- Orchestration
- OT
- RTSP
- Security Assessment
Data inizio appello
15/04/2026
Consultabilità
Non consultabile
Data di rilascio
15/04/2066
Riassunto (Inglese)
Industrial control systems face growing exposure as IT connectivity
reaches operational technology environments. Existing security tools
address parts of this problem: network scanners discover assets,
vulnerability scanners check known signatures, and passive monitoring
platforms provide visibility. However, each tool operates in
isolation, their defaults can disrupt safety-critical equipment, and
connecting individual findings to adversarial objectives remains a
manual effort repeated for every assessment.
This thesis proposes an architecture for threat-model-driven security
assessment of industrial control systems and presents Kraken, a
proof-of-concept implementation in Go. Kraken is an orchestrator:
it coordinates pluggable security checks,
called modules, within a single workflow that enforces safety
constraints appropriate to industrial environments. Modules can wrap
existing tools, load protocol-specific libraries, or implement custom
checks written by the operator. An operator defines a campaign that
specifies which modules to run, against which targets, and under what
safety policies. The framework schedules execution, collects
structured results, and automatically evaluates them against a
threat model provided by the operator, determining which adversarial
objectives are supported by the evidence gathered.
We evaluate the framework across three scenarios, each pairing a
protocol with a distinct evaluation goal. Scenario A uses MQTT to
validate end-to-end orchestration and attack-tree evaluation across
three hardening levels. Scenario B uses EtherCAT to test
architectural extensibility, adding a Layer 2 protocol without modifying
the orchestrator core. Scenario C uses RTSP to compare Kraken's structured
output against standalone tools. The evaluation confirms that the
architecture meets its three design goals:
- it coordinates modules without requiring changes to the orchestrator;
- it enforces safety constraints; and
- it produces traceable, threat-model-linked output that eliminates the
manual interpretation required by individual tools.
reaches operational technology environments. Existing security tools
address parts of this problem: network scanners discover assets,
vulnerability scanners check known signatures, and passive monitoring
platforms provide visibility. However, each tool operates in
isolation, their defaults can disrupt safety-critical equipment, and
connecting individual findings to adversarial objectives remains a
manual effort repeated for every assessment.
This thesis proposes an architecture for threat-model-driven security
assessment of industrial control systems and presents Kraken, a
proof-of-concept implementation in Go. Kraken is an orchestrator:
it coordinates pluggable security checks,
called modules, within a single workflow that enforces safety
constraints appropriate to industrial environments. Modules can wrap
existing tools, load protocol-specific libraries, or implement custom
checks written by the operator. An operator defines a campaign that
specifies which modules to run, against which targets, and under what
safety policies. The framework schedules execution, collects
structured results, and automatically evaluates them against a
threat model provided by the operator, determining which adversarial
objectives are supported by the evidence gathered.
We evaluate the framework across three scenarios, each pairing a
protocol with a distinct evaluation goal. Scenario A uses MQTT to
validate end-to-end orchestration and attack-tree evaluation across
three hardening levels. Scenario B uses EtherCAT to test
architectural extensibility, adding a Layer 2 protocol without modifying
the orchestrator core. Scenario C uses RTSP to compare Kraken's structured
output against standalone tools. The evaluation confirms that the
architecture meets its three design goals:
- it coordinates modules without requiring changes to the orchestrator;
- it enforces safety constraints; and
- it produces traceable, threat-model-linked output that eliminates the
manual interpretation required by individual tools.
Riassunto (Italiano)
File
| Nome file | Dimensione |
|---|---|
La tesi non è consultabile. |
|