Managing Cybersecurity Risks of SCADA Networks of Critical Infrastructures in the IoT Environment

This chapter reviews the cybersecurity risks of critical infrastructures such as supervisory control and data acquisition (SCADA) systems in the IoT environment; and provides security management strategies to beef up the security of SCADA networks. An overview of IoT reference model and related security concerns are reviewed. Vulnerabilities of SCADA systems as well as risk assessment approaches and risk management strategies to help mitigate vulnerabilities and threats are also examined. The chapter concludes that to effectively manage cybersecurity of SCADA systems in an IoT environment, a control framework that defines a comprehensive set of security objectives with policies, standards, and guidelines should be established and enforced. Additionally, it is suggested that existing protocols should be analyzed to understand their vulnerabilities for effective risk control and SCADA networks should be designed to prevent direct access from the Internet.

[1]  Li Li,et al.  The applications of WiFi-based Wireless Sensor Network in Internet of Things and Smart Grid , 2011, 2011 6th IEEE Conference on Industrial Electronics and Applications.

[2]  Rolf E. Carlson Sandia SCADA Program -- High Surety SCADA LDRD Final Report , 2002 .

[3]  Andreas Nettstraeter,et al.  The Internet of Things in Logistics , 2010 .

[4]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[5]  Peter Friess,et al.  Internet of Things Applications - From Research and Innovation to Market Deployment , 2014 .

[6]  Sandia Report,et al.  Sandia SCADA Program High-Security SCADA LDRD Final Report , 2002 .

[7]  Christian Schwaiger,et al.  Achievement of secure Internet access to fieldbus systems , 2002, Microprocess. Microsystems.

[8]  Carsten Maple,et al.  Security and privacy in the internet of things , 2017 .

[9]  Ian F. Akyildiz,et al.  Sensor Networks , 2002, Encyclopedia of GIS.

[10]  Hong Liu,et al.  Cyber-Physical-Social Based Security Architecture for Future Internet of Things , 2012, IOT 2012.

[11]  Stuart A. Boyer Scada: Supervisory Control and Data Acquisition , 1993 .

[12]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[13]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[14]  HyungJun Kim,et al.  Reducing security vulnerabilities for critical infrastructure , 2009 .

[15]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[16]  Sugata Sanyal,et al.  Survey of Security and Privacy Issues of Internet of Things , 2015, ArXiv.

[17]  Klaus Wehrle,et al.  Security Challenges in the IP-based Internet of Things , 2011, Wirel. Pers. Commun..

[18]  HyungJun Kim,et al.  Security and Vulnerability of SCADA Systems over IP-Based Wireless Sensor Networks , 2012, Int. J. Distributed Sens. Networks.

[19]  Srijith Krishnan Nair,et al.  Self Managed Security Cell, a Security Model for the Internet of Things and Services , 2009, 2009 First International Conference on Advances in Future Internet.

[20]  Anurag Agarwal,et al.  The Internet of Things—A survey of topics and trends , 2014, Information Systems Frontiers.

[21]  Ki-Hyung Kim,et al.  A unified security framework with three key management schemes for wireless sensor networks , 2008, Comput. Commun..

[22]  Mohamed Cheriet,et al.  Taxonomy of information security risk assessment (ISRA) , 2016, Comput. Secur..

[23]  Michele Zorzi,et al.  Health care applications: a solution based on the internet of things , 2011, ISABEL '11.

[24]  Andrea Zanella,et al.  Internet of Things for Smart Cities , 2014, IEEE Internet of Things Journal.

[25]  David E. Culler,et al.  Transmission of IPv6 Packets over IEEE 802.15.4 Networks , 2007, RFC.

[26]  Mohsen Sharifi,et al.  A Survey on Wireless Sensor Networks Security , 2007 .

[27]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[28]  Amit Kumar Mishra,et al.  ANALYSIS OF DENIAL OF SERVICE (DOS) ATTACKS IN WIRELESS SENSOR NETWORKS , 2014 .

[29]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[30]  Florian Michahelles,et al.  Architecting the Internet of Things , 2011 .