A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, that made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.

[1]  Stefan Savage,et al.  Inside the Slammer Worm , 2003, IEEE Secur. Priv..

[2]  Daogang Peng,et al.  Research on abnormal detection of ModbusTCP/IP protocol based on one-class SVM , 2018, 2018 33rd Youth Academic Annual Conference of Chinese Association of Automation (YAC).

[3]  Tomomi Aoyama,et al.  Dynamic zoning based on situational activitie for ICS security , 2015, 2015 10th Asian Control Conference (ASCC).

[4]  Jagath Samarabandu,et al.  An Intrusion Detection System for IEC61850 Automated Substations , 2010, IEEE Transactions on Power Delivery.

[5]  Panagiotis G. Sarigiannidis,et al.  Towards an anonymous incident communication channel for electric smart grids , 2018, PCI.

[6]  Béla Genge,et al.  Cyber attack detection and mitigation: Software Defined Survivable Industrial Control Systems , 2019, Int. J. Crit. Infrastructure Prot..

[7]  Steffen Pfrang,et al.  Detecting and preventing replay attacks in industrial automation networks operated with profinet IO , 2018, Journal of Computer Virology and Hacking Techniques.

[8]  Sujeet Shenoi,et al.  Attack taxonomies for the Modbus protocols , 2008, Int. J. Crit. Infrastructure Prot..

[9]  Ravishankar K. Iyer,et al.  Runtime Semantic Security Analysis to Detect and Mitigate Control-Related Attacks in Power Grids , 2018, IEEE Transactions on Smart Grid.

[10]  Yennun Huang,et al.  Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network , 2017, 2017 IEEE 7th International Symposium on Cloud and Service Computing (SC2).

[11]  Hao Yu,et al.  Improved Computation for Levenberg–Marquardt Training , 2010, IEEE Transactions on Neural Networks.

[12]  Ulf Lindqvist,et al.  Using Model-based Intrusion Detection for SCADA Networks , 2006 .

[13]  Dong Wei,et al.  Survivable SCADA Via Intrusion-Tolerant Replication , 2014, IEEE Transactions on Smart Grid.

[14]  Syed Ali Khayam,et al.  Revisiting Traffic Anomaly Detection Using Software Defined Networking , 2011, RAID.

[15]  Boris Otto,et al.  Design Principles for Industrie 4.0 Scenarios , 2016, 2016 49th Hawaii International Conference on System Sciences (HICSS).

[16]  K. McLaughlin,et al.  Multiattribute SCADA-Specific Intrusion Detection System for Power Networks , 2014, IEEE Transactions on Power Delivery.

[17]  G. Manimaran,et al.  Vulnerability Assessment of Cybersecurity for SCADA Systems , 2008, IEEE Transactions on Power Systems.

[18]  Basil S. Maglaris,et al.  Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments , 2014, Comput. Networks.

[19]  Avishai Wool,et al.  Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems , 2013, Int. J. Crit. Infrastructure Prot..

[20]  Stuart E. Schechter,et al.  Fast Detection of Scanning Worm Infections , 2004, RAID.

[21]  Tao Feng,et al.  Research on trusted DNP3-BAE protocol based on hash chain , 2018, EURASIP Journal on Wireless Communications and Networking.

[22]  Thomas Morris,et al.  A testbed for SCADA control system cybersecurity research and pedagogy , 2011, CSIIRW '11.

[23]  Sujeet Shenoi,et al.  A Taxonomy of Attacks on the DNP3 Protocol , 2009, Critical Infrastructure Protection.

[24]  Chen Shu-yu Research on Linux firewall based on Netfilter/Iptables , 2007 .

[25]  Marko Schuba,et al.  Intrusion Detection of the ICS Protocol EtherCAT , 2017 .

[26]  Xin-She Yang,et al.  Multiobjective cuckoo search for design optimization , 2013, Comput. Oper. Res..

[27]  Dale C. Rowe,et al.  A survey SCADA of and critical infrastructure incidents , 2012, RIIT '12.

[28]  Levente Buttyán,et al.  Duqu: A Stuxnet-like malware found in the wild , 2011 .

[29]  András Varga,et al.  An overview of the OMNeT++ simulation environment , 2008, SimuTools.

[30]  Thomas Lagkas,et al.  Network Protocols, Schemes, and Mechanisms for Internet of Things (IoT): Features, Open Challenges, and Trends , 2018, Wirel. Commun. Mob. Comput..

[31]  Erdal Irmak,et al.  An overview of cyber-attack vectors on SCADA systems , 2018, 2018 6th International Symposium on Digital Forensic and Security (ISDFS).

[32]  Sotirios K. Goudos,et al.  Communication Protocols for the IoT-Based Smart Grid , 2019 .

[33]  Mohamed Amine Ferrag,et al.  Vulnerability Assessment of Cyber Security for SCADA Systems , 2018, Guide to Vulnerability Analysis for Computer Networks and Systems.

[34]  Michail Maniatakos,et al.  Security and Privacy in Cyber-Physical Systems: A Survey of Surveys , 2017, IEEE Design & Test.

[35]  J. Giesbrecht,et al.  RTDS-a fully digital power system simulator operating in real time , 1995, Proceedings 1995 International Conference on Energy Management and Power Delivery EMPD '95.

[36]  Salim Hariri,et al.  A Network Protection Framework for DNP3 over TCP/IP protocol , 2014, 2014 IEEE/ACS 11th International Conference on Computer Systems and Applications (AICCSA).

[37]  Mohammad Marufuzzaman,et al.  A framework for modeling and assessing system resilience using a Bayesian network: A case study of an interdependent electrical infrastructure system , 2019, Int. J. Crit. Infrastructure Prot..

[38]  Salim Hariri,et al.  Design and evaluation of resilient infrastructures systems for smart cities , 2016, 2016 IEEE International Smart Cities Conference (ISC2).

[39]  Yair Amir,et al.  Network-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid , 2018, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[40]  Stanislav Ponomarev,et al.  Industrial Control System Network Intrusion Detection by Telemetry Analysis , 2016, IEEE Transactions on Dependable and Secure Computing.

[41]  David M. Nicol,et al.  RINSE: the real-time immersive network simulation environment for network security exercises , 2005, Workshop on Principles of Advanced and Distributed Simulation (PADS'05).

[42]  Naixue Xiong,et al.  Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information , 2015, Symmetry.

[43]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[44]  Edmundo Monteiro,et al.  A Comprehensive Security Analysis of a SCADA Protocol: From OSINT to Mitigation , 2019, IEEE Access.

[45]  Gunjan Tank,et al.  Software-Defined Networking-The New Norm for Networks , 2012 .

[46]  L. Hubert Approximate Evaluation Techniques for the Single-Link and Complete-Link Hierarchical Clustering Procedures , 1974 .

[47]  Dechang Pi,et al.  HML-IDS: A Hybrid-Multilevel Anomaly Prediction Approach for Intrusion Detection in SCADA Systems , 2019, IEEE Access.

[48]  Elias Levy The Making of a Spam Zombie Army: Dissecting the Sobig Worms , 2003, IEEE Secur. Priv..

[49]  Paolo Ferrari,et al.  A Method for Anomalies Detection in Real-Time Ethernet Data Traffic Applied to PROFINET , 2018, IEEE Transactions on Industrial Informatics.

[50]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[51]  Yeop Chang,et al.  Security Validation for Data Diode with Reverse Channel , 2016, CRITIS.

[52]  Igor Nai Fovino,et al.  Design and Implementation of a Secure Modbus Protocol , 2009, Critical Infrastructure Protection.

[53]  Marwan Bikdash,et al.  Interdependency modeling for survivability of Smart Grid and SCADA network under severe emergencies, vulnerability and WMD attacks , 2013, 2013 Proceedings of IEEE Southeastcon.

[54]  Jelena Mirkovic,et al.  DETERLab and the DETER Project , 2016, The GENI Book.

[55]  Sahibzada Ali Mahmud,et al.  A Novel Secure SDN/LTE Based Architecture for Smart Grid Security , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[56]  Alberto Schaeffer-Filho,et al.  Capitalizing on SDN-based SCADA systems: An anti-eavesdropping case-study , 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[57]  Neeraj Bhargava,et al.  Decision Tree Analysis on J48 Algorithm for Data Mining , 2013 .

[58]  Li Deng,et al.  Intrusion Detection Method Based on Support Vector Machine Access of Modbus TCP Protocol , 2016, 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[59]  Li Lin,et al.  Intrusion Detection of Industrial Control System Based on Modbus TCP Protocol , 2017, 2017 IEEE 13th International Symposium on Autonomous Decentralized System (ISADS).

[60]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[61]  Xin Li,et al.  Distributed and collaborative traffic monitoring in software defined networks , 2014, HotSDN.

[62]  Imran A. Zualkernan,et al.  Internet of things (IoT) security: Current status, challenges and prospective measures , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[63]  Briam Johnson,et al.  National SCADA Test Bed Substation Automation Evaluation Report , 2009 .

[64]  Dijiang Huang,et al.  SnortFlow: A OpenFlow-Based Intrusion Prevention System in Cloud Environment , 2013, 2013 Second GENI Research and Educational Experiment Workshop.

[65]  Nan Li,et al.  Systemic vulnerability assessment of urban water distribution networks considering failure scenario uncertainty , 2019, Int. J. Crit. Infrastructure Prot..

[66]  Xinghuo Yu,et al.  An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems , 2014, Comput. Secur..

[67]  Taeshik Shon,et al.  Novel Approach for Detecting Network Anomalies for Substation Automation based on IEC 61850 , 2014, Multimedia Tools and Applications.

[68]  Filip De Turck,et al.  Network Function Virtualization: State-of-the-Art and Research Challenges , 2015, IEEE Communications Surveys & Tutorials.

[69]  Mauricio Papa,et al.  Using Bro with a Simulation Model to Detect Cyber-Physical Attacks in a Nuclear Reactor , 2019, 2019 2nd International Conference on Data Intelligence and Security (ICDIS).

[70]  Xinghuo Yu,et al.  Building a SCADA Security Testbed , 2009, 2009 Third International Conference on Network and System Security.

[71]  Miroslaw Wlas,et al.  The Ethernet POWERLINK Protocol for smart grids elements integration , 2011, 2011 IEEE International Symposium on Industrial Electronics.

[72]  Sushilkumar Kalmegh,et al.  Analysis of WEKA Data Mining Algorithm REPTree, Simple Cart and RandomTree for Classification of Indian News , 2015 .

[73]  Lin Wang,et al.  Data Object Based Security for DNP3 Over TCP/IP for Increased Utility Commercial Aspects Security , 2007, 2007 IEEE Power Engineering Society General Meeting.

[74]  Yuewei Dai,et al.  Designing snort rules to detect abnormal DNP3 network data , 2015, 2015 International Conference on Control, Automation and Information Sciences (ICCAIS).

[75]  Mounir Ghogho,et al.  Deep learning approach for Network Intrusion Detection in Software Defined Networking , 2016, 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM).

[76]  Yong Wang,et al.  SRID: State Relation Based Intrusion Detection for False Data Injection Attacks in SCADA , 2014, ESORICS.

[77]  Eric Keller,et al.  Software-defined energy communication networks: From substation automation to future smart grids , 2013, 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[78]  Yoonsoo Kim,et al.  Control systems lab using a LEGO Mindstorms NXT motor system , 2011, 18th Mediterranean Conference on Control and Automation, MED'10.

[79]  Zhuo Lu,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[80]  Jelena Mirkovic,et al.  Teaching Cybersecurity with DeterLab , 2012, IEEE Security & Privacy.

[81]  Joe Cunningham,et al.  The industrial internet of things (IIoT): An analysis framework , 2018, Comput. Ind..

[82]  Rafal Leszczyna,et al.  A review of standards with cybersecurity requirements for smart grid , 2018, Comput. Secur..

[83]  Sakir Sezer,et al.  Intrusion detection system for IEC 61850 based smart substations , 2016, 2016 IEEE Power and Energy Society General Meeting (PESGM).

[84]  LevyElias The Making of a Spam Zombie Army , 2003, S&P 2003.

[85]  Igor Nai Fovino,et al.  A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems , 2011, IEEE Transactions on Industrial Informatics.

[86]  Alison J. C. Bell,et al.  The insider threat: Behavioral indicators and factors influencing likelihood of intervention , 2019, Int. J. Crit. Infrastructure Prot..

[87]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[88]  Zhao Yan,et al.  The Study of Security Issues for the Industrial Control Systems Communication Protocols , 2015 .

[89]  Arjen van Ooyen,et al.  Improving the convergence of the back-propagation algorithm , 1992, Neural Networks.

[90]  Zahir Tari,et al.  SCADAVT-A framework for SCADA security testbed based on virtualization technology , 2013, 38th Annual IEEE Conference on Local Computer Networks.

[91]  Rafal Leszczyna,et al.  ENISA Study: Challenges in Securing Industrial Control Systems , 2013 .

[92]  Milos Manic,et al.  Neural Network based Intrusion Detection System for critical infrastructures , 2009, 2009 International Joint Conference on Neural Networks.

[93]  Matthew V. Mahoney,et al.  Network traffic anomaly detection based on packet bytes , 2003, SAC '03.

[94]  Francesco Parisi-Presicce,et al.  DNPSec: Distributed Network Protocol Version 3 (DNP3) Security Framework , 2007 .

[95]  Thomas J. Watson,et al.  An empirical study of the naive Bayes classifier , 2001 .

[96]  Liu Jin-gang Network protocol parser and verification method based on Wireshark , 2011 .

[97]  D. Prince Winston,et al.  An enhanced optimization based algorithm for intrusion detection in SCADA network , 2017, Comput. Secur..

[98]  M. Anusha,et al.  Big Data-Survey , 2016 .

[99]  Donald F. Towsley,et al.  Detecting anomalies in network traffic using maximum entropy estimation , 2005, IMC '05.

[100]  Yair Amir,et al.  Towards a Practical Survivable Intrusion Tolerant Replication System , 2014, 2014 IEEE 33rd International Symposium on Reliable Distributed Systems.

[101]  Salim Hariri,et al.  A testbed for analyzing security of SCADA control systems (TASSCS) , 2011, ISGT 2011.

[102]  Bo Fu,et al.  SCADA communication and security issues , 2014, Secur. Commun. Networks.

[103]  Eric Gossett,et al.  Big Data: A Revolution That Will Transform How We Live, Work, and Think , 2015 .

[104]  Anastasios A. Economides,et al.  Modeling the Internet of Things Under Attack: A G-network Approach , 2017, IEEE Internet of Things Journal.

[105]  Kevin Wong,et al.  Enhancing Suricata intrusion detection system for cyber security in SCADA networks , 2017, 2017 IEEE 30th Canadian Conference on Electrical and Computer Engineering (CCECE).

[106]  N. Radhika,et al.  A big data framework for intrusion detection in smart grids using apache spark , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[107]  M. Bikdash,et al.  Modeling for survivability of Smart Power Grid when subject to severe emergencies and vulnerability , 2012, 2012 Proceedings of IEEE Southeastcon.

[108]  Hartmut König,et al.  Towards the Protection of Industrial Control Systems - Conclusions of a Vulnerability Analysis of Profinet IO , 2013, DIMVA.

[109]  C. Y. Peng,et al.  An Introduction to Logistic Regression Analysis and Reporting , 2002 .

[110]  Srinivas Sampalli,et al.  A Survey of Security in SCADA Networks: Current Issues and Future Challenges , 2019, IEEE Access.

[111]  K. McLaughlin,et al.  Intrusion Detection System for IEC 60870-5-104 based SCADA networks , 2013, 2013 IEEE Power & Energy Society General Meeting.

[112]  Matthew M. Williamson,et al.  Implementing and Testing a Virus Throttle , 2003, USENIX Security Symposium.

[113]  Ahmed Serhrouchni,et al.  Taxonomy of attacks on industrial control protocols , 2015, 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS).

[114]  I-En Liao,et al.  An intrusion detection method based on log sequence clustering of honeypot for Modbus TCP protocol , 2018, 2018 IEEE International Conference on Applied System Invention (ICASI).

[115]  Jun Bi,et al.  Source address validation solution with OpenFlow/NOX architecture , 2011, 2011 19th IEEE International Conference on Network Protocols.

[116]  Brian R. Gaines,et al.  Induction of ripple-down rules applied to modeling large databases , 1995, Journal of Intelligent Information Systems.

[117]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[118]  Ming Wan,et al.  Design and Implementation of Industrial Firewall for Modbus/TCP , 2016, J. Comput..

[119]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[120]  Ernest Foo,et al.  Securing DNP3 Broadcast Communications in SCADA Systems , 2016, IEEE Transactions on Industrial Informatics.

[121]  Michail Maniatakos,et al.  The Cybersecurity Landscape in Industrial Control Systems , 2016, Proceedings of the IEEE.

[122]  Marina Aguado,et al.  SCADA Systems in the Railway Domain: Enhancing Reliability through Redundant MultipathTCP , 2015, 2015 IEEE 18th International Conference on Intelligent Transportation Systems.

[123]  T.J. Overbye,et al.  SCADA Cyber Security Testbed Development , 2006, 2006 38th North American Power Symposium.

[124]  Klaus Bender,et al.  Profibus: The Fieldbus for Industrial Automation , 1993 .

[125]  William Stafford Noble,et al.  Support vector machine , 2013 .

[126]  Hamid Sharif,et al.  A Survey on Smart Grid Communication Infrastructures: Motivations, Requirements and Challenges , 2013, IEEE Communications Surveys & Tutorials.

[127]  Helge Janicke,et al.  SCADA security in the light of Cyber-Warfare , 2012, Comput. Secur..

[128]  Aditya Ashok,et al.  Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid , 2013, IEEE Transactions on Smart Grid.

[129]  P. Balasubramanie,et al.  Hadoop Based Parallel Binary Bat Algorithm for Network Intrusion Detection , 2017, International Journal of Parallel Programming.

[130]  Zahir Tari,et al.  A Probabilistic Model to Predict the Survivability of SCADA Systems , 2013, IEEE Transactions on Industrial Informatics.

[131]  Ahmed Patel,et al.  A review of security assessment methodologies in industrial control systems , 2019, Inf. Comput. Secur..

[132]  Paulo Simões,et al.  SDN-Enabled Virtual Data Diode , 2018, CyberICPS/SECPRE@ESORICS.

[133]  Awais Ahmad,et al.  Real time intrusion detection system for ultra-high-speed big data environments , 2016, The Journal of Supercomputing.

[134]  Richard T. Watson,et al.  Analyzing the Past to Prepare for the Future: Writing a Literature Review , 2002, MIS Q..

[135]  Thomas P. von Hoff,et al.  Security for Industrial Communication Systems , 2005, Proceedings of the IEEE.

[136]  Ece Guran Schmidt,et al.  Distributed Real-Time Protocols for Industrial Control Systems: Framework and Examples , 2012, IEEE Transactions on Parallel and Distributed Systems.

[137]  Neeraj Suri,et al.  MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems , 2019, Int. J. Crit. Infrastructure Prot..

[138]  Rayford B. Vaughn,et al.  Deterministic Intrusion Detection Rules for MODBUS Protocols , 2013, 2013 46th Hawaii International Conference on System Sciences.

[139]  David Mazières,et al.  Kademlia: A Peer-to-Peer Information System Based on the XOR Metric , 2002, IPTPS.

[140]  Mauricio Papa,et al.  A Linux-based firewall for the DNP3 protocol , 2016, 2016 IEEE Symposium on Technologies for Homeland Security (HST).

[141]  Dilip Patel,et al.  Assessing and augmenting SCADA cyber security: A survey of techniques , 2017, Comput. Secur..

[142]  Dirk Timmermann,et al.  HaRTKad: A hard real-time Kademlia approach , 2014, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC).

[143]  Ernest Foo,et al.  Extending the cyber-attack landscape for SCADA-based critical infrastructure , 2019, Int. J. Crit. Infrastructure Prot..

[144]  Gabor Karsai,et al.  A testbed for secure and robust SCADA systems , 2008, SIGBED.

[145]  Viktor Schiffer Common Industrial Protocol (CIP™) and the Family of CIP Networks , 2014 .

[146]  Rafal Leszczyna A Systematic Approach to Cybersecurity Management , 2019 .

[147]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[148]  Bernhard Walke,et al.  IEEE 802.11 Wireless Local Area Networks , 2006 .

[149]  Jeff Ahrenholz Comparison of CORE network emulation platforms , 2010, 2010 - MILCOM 2010 MILITARY COMMUNICATIONS CONFERENCE.

[150]  Naima Kaabouch,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[151]  Martin Hromada,et al.  Complex approach to assessing resilience of critical infrastructure elements , 2019, Int. J. Crit. Infrastructure Prot..

[152]  Seung Ho Hong,et al.  A top-down approach to add hot-pluggable asynchronous devices to RAPIEnet infrastructure , 2009, 2009 9th International Symposium on Communications and Information Technology.

[153]  Avishai Wool,et al.  Control variable classification, modeling and anomaly detection in Modbus/TCP SCADA systems , 2015, Int. J. Crit. Infrastructure Prot..

[154]  Greg M. Kemper,et al.  Maintaining HMI and SCADA Systems Through Computer Virtualization , 2015, IEEE Transactions on Industry Applications.

[155]  Kibet Langat,et al.  Cyber security challenges for IoT-based smart grid networks , 2019, Int. J. Crit. Infrastructure Prot..

[156]  Sujuan Qin,et al.  Snort improvement on Profinet RT for Industrial Control System Intrusion Detection , 2016, 2016 2nd IEEE International Conference on Computer and Communications (ICCC).

[157]  Thomas Morris,et al.  Virtualization of SCADA testbeds for cybersecurity research: A modular approach , 2018, Comput. Secur..