new: [ics] FIRST.ORG CTI SIG - MISP Proposal for ICS/OT Threat Attribution (IOC) Project (WiP)

pull/160/head
Alexandre Dulaunoy 2019-08-26 14:50:09 +02:00
parent 30204266a0
commit b722672554
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 64 additions and 1 deletions

View File

@ -494,11 +494,16 @@
"version": 4, "version": 4,
"name": "phishing", "name": "phishing",
"description": "Taxonomy to classify phishing attacks including techniques, collection mechanisms and analysis status." "description": "Taxonomy to classify phishing attacks including techniques, collection mechanisms and analysis status."
},
{
"description": "FIRST.ORG CTI SIG - MISP Proposal for ICS/OT Threat Attribution (IOC) Project",
"version": 1,
"name": "ics"
} }
], ],
"path": "machinetag.json", "path": "machinetag.json",
"url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/", "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/",
"description": "Manifest file of MISP taxonomies available.", "description": "Manifest file of MISP taxonomies available.",
"license": "CC-0", "license": "CC-0",
"version": "20190822" "version": "20190826"
} }

58
ics/machinetag.json Normal file
View File

@ -0,0 +1,58 @@
{
"predicates": [
{
"colour": "#d208f4",
"expanded": "OT Components Category",
"value": "ot-components-category"
}
],
"values": [
{
"predicate": "ot-components-category",
"entry": [
{
"value": "programmable-logic-controller",
"expanded": "Programmable Logic Controller (PLC)",
"description": "1. Computing device with user-programmable memory to storing instructions to operate a physical process.\\n\\n 2.Various PLC types for different processses"
},
{
"value": "remote-terminal-unit",
"expanded": "Remote Terminal Unit (RTU)",
"description": "1. Data aquisitionand control unit designedto support field sites and remote stations.\\n\\n2. Wired and wireless communication capabilities.\\n\\n3. No stored program logic."
},
{
"value": "human-machine-interface",
"expanded": "Human-Machine Interface (HMI)",
"description": "1. Hardware/software that operators used to interact with control system.\\n\\n2. From physical control panels to a complete computer systems"
},
{
"value": "sensors",
"expanded": "Sensors",
"description": "Pressure, Temperature, Flow, Voltage, Optical, Proximity"
},
{
"value": "actuators",
"expanded": "Actuators",
"description": "Variable Frequency Drive, Servo Drive, Valve, Circuit Breaker"
},
{
"value": "communications",
"expanded": "Communications",
"description": "Modems, Routers, Serial - Ethernet Converters, Swtiches"
},
{
"value": "supervisory-level-devices",
"expanded": "Supervisory Level Devices",
"description": "1. Control Server (Supervisory systems that hosts control software to manage lower level control devices like PLC).\\n\\n2. Data Historian (Centralized database for information about process, control activity and status record).\\n\\n3. Engineering workstations (Creating and revising control systems anbd programs, incl. project files)."
}
]
}
],
"refs": [
"https://www.first.org/global/sigs/cti/"
],
"version": 1,
"description": "FIRST.ORG CTI SIG - MISP Proposal for ICS/OT Threat Attribution (IOC) Project",
"expanded": "Industrial Control System (ICS)",
"namespace": "ics"
}