Implementação de ambiente de confiança zero para redes industriais : desafios e soluções em aplicações de sistemas de controle industrial
| Ano de defesa: | 2024 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Federal da Paraíba
Brasil Informática Programa de Pós-Graduação em Informática UFPB |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | https://repositorio.ufpb.br/jspui/handle/123456789/32109 |
Resumo: | Integrating Information Technology (IT) and Operational Technology (OT) in Industry 4.0 raises pertinent concerns about cybersecurity. Faced with expanding networks, comprehensive coverage against malicious events becomes necessary. This dissertation analyzes Zero Trust in Industrial Control Systems. Comparative tests were conducted in a simulated environment between environments with and without the implementation of Zero Trust, followed by simulations of classical cyber-attacks. The results enhance understanding of the benefits of Zero Trust architecture in industrial networks susceptible to cyber-attacks. They indicate that while Zero Trust allows for stringent control, it does not entail negative impacts. This conclusion gains support from the implemented structure, where policies were established through open-source tools, and a specific communication medium, using the Modbus TCP/IP protocol, demonstrated identity validation with minimal impact on the network. The studies enabled the simulation of an industrial scenario on a smaller scale using a particular routine deemed critical by the research. This routine is specific, collecting relevant data for future investigations on larger scales and inquiries into research for new access control models. In addition, the experiments indicate that implementing the Zero Trust model may result in a slight increase in response time and, in some instances, spikes in latency. These results highlight the importance of carefully considering implementation, especially in critical real-time infrastructures where delay can be crucial. The tests underscore the need to evaluate other factors when implementing security solutions like Zero Trust in industrial environments. They also emphasize the importance of conducting tests in more complex scenarios with multiple protocols and a significant number of legitimate and illegitimate users for a comprehensive understanding of the impact of Zero Trust implementation on network security and performance. |