Raven Sims

Date of Award

Spring 3-2024

Document Type

Dissertation

Degree Name

Doctor of Philosophy in Cyber Operations (PhDCO)

First Advisor

Yong Wang

Second Advisor

Bhaskar Rimal

Third Advisor

Edward M. Dennis

Fourth Advisor

Edward P. Yakabovicz

Abstract

The American people depend significantly on Industrial Control Systems (ICS), which help enable critical infrastructures worldwide. These systems can deliver vital infrastructure services to provide essential capabilities worldwide. These Industrial Control Systems also contain many associated vulnerabilities that go unmitigated due to the complex nature of the systems. To strengthen and improve that cyber posture, a more proactive cyber approach utilizing a Zero Trust Architecture was analyzed as a solution to mitigate the risk. The ICS Purdue Model was interpreted as a potential framework for ICS architecture during the analysis. The ICS Purdue Model was then enhanced with Zero Trust controls as a possible cyber solution to mitigate the associated risks. Many of these systems are complex and have to maintain 24/7/365 operations. Because of the unique nature of these systems, they cannot be upgraded, or patched with modern-day cyber controls. This design science research study will investigate an Enhanced ICS Purdue Model with Zero Trust controls as an alternative approach to mitigate ICS cyber risks, rather than traditional cyber defense enterprise IT approaches.

Download

Share

COinS