SCADA System Cyber Security

Modern industrial systems (e.g. power plants, water plants, chemical installation, etc.) make large use of information and communication technologies (ICT). In the past years, those systems started to use public networks (i.e. the Internet) for system-to-system interconnection, to provide new features and services. The migration from the traditional isolated system approach to an open system approach exposed these infrastructures to cyber-threats. The scope of this chapter is provide the reader with an overview of the cyber threats and vulnerabilities affecting the system control and data acquisition systems (SCADA), i.e. those systems in charge for monitoring and controlling the industrial processes, providing indications on possible mitigation techniques.

[1]  Sujeet Shenoi,et al.  Security Strategies for SCADA Networks , 2007, Critical Infrastructure Protection.

[2]  Igor Nai Fovino,et al.  A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems , 2011, IEEE Transactions on Industrial Informatics.

[3]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[4]  Sujeet Shenoi,et al.  A Taxonomy of Attacks on the DNP3 Protocol , 2009, Critical Infrastructure Protection.

[5]  Igor Nai Fovino,et al.  Scada Malware, a Proof of Concept , 2008, CRITIS.

[6]  Nai Fovino Igor,et al.  A Service Oriented Approach to the Assessment of Infrastructure Security , 2007 .

[7]  Stamatis Karnouskos,et al.  Stuxnet worm impact on industrial cyber-physical system security , 2011, IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society.

[8]  Tai-hoon Kim,et al.  Improving SCADA control systems security with software vulnerability analysis , 2010 .

[9]  Igor Nai Fovino,et al.  Effects of intentional threats to power substation control systems , 2008, Int. J. Crit. Infrastructures.

[10]  Igor Nai Fovino,et al.  State-Based Network Intrusion Detection Systems for SCADA Protocols: A Proof of Concept , 2009, CRITIS.

[11]  Sujeet Shenoi,et al.  Security Analysis of Multilayer SCADA Protocols , 2007, Critical Infrastructure Protection.

[12]  M. Masera,et al.  Security evaluation of IT systems underlying critical networked infrastructures , 2008, 2008 1st International Conference on Information Technology.

[13]  Choong Seon Hong,et al.  A Security Mechanism for Automation Control in PLC-based Networks , 2007, 2007 IEEE International Symposium on Power Line Communications and Its Applications.

[14]  A.A. Creery,et al.  Industrial cybersecurity for a power system and SCADA networks - Be secure , 2007, IEEE Industry Applications Magazine.

[15]  Lin Wang,et al.  Data Object Based Security for DNP3 Over TCP/IP for Increased Utility Commercial Aspects Security , 2007, 2007 IEEE Power Engineering Society General Meeting.