Cyber security risk assessment for SCADA and DCS networks.

The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced, with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM, which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probabilistic risk analysis (PRA), which includes methods such as FTA, ETA, and FMEA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.
