Securing SCADA-based Critical Infrastructures: Challenges and Open Issues

Abstract Conventionally, the security of critical infrastructures was mainly focused on environmental threats. Cyber attacks, nevertheless, have shifted the attention to various other threats and damages. The attackers try to exploit vulnerabilities in networks and Internet of Things (IoT) technologies, since these technologies are the integral part of the critical systems. Therefore, the vulnerability of Critical Infrastructure (CI) against cyber threats has led the need to devise modern security measures. Unavailability or failure of one CI can cause enormous devastation and damage to the society, economy and stability by provoking cascading failures to many other related infrastructures. Traditional security measures attempt to cater well-known emerging threats; however, strong and adaptive security measures/techniques are inevitable to defend against innovative attacks. This paper presents a survey on cyber threats and defense measures to highlight the necessity for securing SCADA-based critical infrastructures and provides an insight into the security challenges and open issues in this regard.

[1]  Farrukh Aslam Khan,et al.  TSDL: A Two-Stage Deep Learning Model for Efficient Network Intrusion Detection , 2019, IEEE Access.

[2]  Thar Baker,et al.  A Mechanism for Securing IoT-enabled Applications at the Fog Layer , 2019, J. Sens. Actuator Networks.

[3]  D. Kushner,et al.  The real story of stuxnet , 2013, IEEE Spectrum.

[4]  David Hutchison,et al.  A survey of cyber security management in industrial control systems , 2015, Int. J. Crit. Infrastructure Prot..

[5]  Cristina Alcaraz,et al.  A Survey of IoT-Enabled Cyberattacks: Assessing Attack Paths to Critical Infrastructures and Services , 2018, IEEE Communications Surveys & Tutorials.

[6]  Muhammad Imran,et al.  Toward an optimal solution against Denial of Service attacks in Software Defined Networks , 2019, Future Gener. Comput. Syst..

[7]  Ricardo A. S. Fernandes,et al.  An Open-Source Framework for Smart Meters: Data Communication and Security Traffic Analysis , 2019, IEEE Transactions on Industrial Electronics.

[8]  Thar Baker,et al.  The Security of Big Data in Fog-Enabled IoT Applications Including Blockchain: A Survey , 2019, Sensors.

[9]  Gianluca Pescaroli,et al.  Critical infrastructure, panarchies and the vulnerability paths of cascading disasters , 2016, Natural Hazards.

[10]  Marshall A. Kuypers,et al.  Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies , 2018, Risk analysis : an official publication of the Society for Risk Analysis.

[11]  Luying Zhou,et al.  SCADAWall: A CPI-enabled firewall model for SCADA security , 2019, Comput. Secur..

[12]  Muhammad Imran,et al.  A detection and prevention system against collaborative attacks in Mobile Ad hoc Networks , 2017, Future Gener. Comput. Syst..

[13]  Mohamed Amine Ferrag,et al.  Cyber security of critical infrastructures , 2018, ICT Express.

[14]  Gianluca Pescaroli,et al.  A definition of cascading disasters and cascading effects: Going beyond the “toppling dominos” metaphor , 2015 .

[15]  Farrukh Aslam Khan,et al.  Reducing the effects of DoS attacks in software defined networks using parallel flow installation , 2019, Hum. centric Comput. Inf. Sci..

[16]  Dilip Patel,et al.  Assessing and augmenting SCADA cyber security: A survey of techniques , 2017, Comput. Secur..