Process slicing: a new mitigation tool for cyber-attacks against softwarised industrial environments

With the evolution of softwarised industrial infrastructures, there is an increasing need for more sophisticated cyber security solutions that can protect industrial processes from a rapidly evolving landscape of cyber threats. In this context, we present an agent-based approach that provides process monitoring, predictive process behaviour, and process control to give the organisations appropriate situational awareness in relation to cyber security threats, enabling them to re-actively or pro-actively detect attacks and respond to advanced persistent threats and multi-vector attacks. Our architectural solution is based on four agents: Process Inventory Agent (PIA), Process Monitoring Agent (PMA), Process Forecasting Agent (PFA), and the Process Slicing Control Agent (PSCA), which work together to deliver a novel mitigation tool to secure softwarised industrial environments. The architecture has been designed, prototyped, and validated in order to demonstrate the effectiveness of our solution. Experimental results show that the proposed solution can successfully mitigate different attacks in the concerned context.