Protection of SCADA Communication Channels

The modern day e-society inherently depends on Critical Infrastructures (CI) such as power grid, communication, transportation etc. For such CIs to operate efficiently, Supervisory Control and Data Acquisition (SCADA) systems direct their control and monitoring functionality. However, the technological shift is towards commercial-off-the-shelf SCADA systems that are also increasingly interconnected with each other primarily over dedicated network but slowly tending to even Internet level connectivity. This introduces new communication-level threats and vulnerabilities to SCADA systems. Therefore, the disputed concept "security through obscurity" is no longer applicable, and previously unnoticed or ignored security issues might now be exposed. To handle such security challenges, techniques from conventional networked systems are also being adopted to the SCADA domain. This chapter discusses both adopted and newly developed techniques to secure communication in monolithic as well as highly interconnected systems.

[1]  Stefano Avallone,et al.  Using MPLS in a Wireless Mesh Network to Improve the Resiliency of SCADA Systems , 2010, MOBILIGHT.

[2]  Peter Druschel,et al.  Peer-to-peer systems , 2010, Commun. ACM.

[3]  Neeraj Suri,et al.  Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays , 2010, ISARCS.

[4]  I.H. Lim,et al.  Applying security algorithms against cyber attacks in the distribution automation system , 2008, 2008 IEEE/PES Transmission and Distribution Conference and Exposition.

[5]  Carl H. Hauser,et al.  Security, trust, and QoS in next-generation control and communication for large power systems , 2008, Int. J. Crit. Infrastructures.

[6]  James P. Peerenboom,et al.  Identifying, understanding, and analyzing critical infrastructure interdependencies , 2001 .

[7]  Yue Wu,et al.  Security in Wireless Mesh Networks: Challenges and Solutions , 2009, 2009 Sixth International Conference on Information Technology: New Generations.

[8]  DongGook Park,et al.  A Forward & Backward Secure Key Management in Wireless Sensor Networks for PCS/SCADA , 2009, J. Inform. and Commun. Convergence Engineering.

[9]  Jeffrey M. Bradshaw,et al.  NOMADS: toward a strong and safe mobile agent system , 2000, AGENTS '00.

[10]  Jaideep Srivastava,et al.  Intrusion Detection: A Survey , 2005 .

[11]  Moti Yung,et al.  Expander Graph based Key Distribution Mechanisms in Wireless Sensor Networks , 2006, 2006 IEEE International Conference on Communications.

[12]  Holger Giese Architecting Critical Systems, First International Symposium, ISARCS 2010, Prague, Czech Republic, June 23-25, 2010, Proceedings , 2010, ISARCS.

[13]  J.A. Rodriguez,et al.  IDOLO: multimedia data deployment on SCADA systems , 2004, IEEE PES Power Systems Conference and Exposition, 2004..

[14]  Hervé Paulino,et al.  Sensor Systems and Software , 2012, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.

[15]  Neeraj Suri,et al.  Increasing security and protection of SCADA systems through infrastructure resilience , 2009, Int. J. Syst. Syst. Eng..

[16]  Christine Julien,et al.  A secure modular mobile agent system , 2006, SELMAS '06.

[17]  Michal Choras,et al.  Fusion of Bayesian and Ontology Approach Applied to Decision Support System for Critical Infrastructures Protection , 2010, MOBILIGHT.

[18]  Neeraj Suri,et al.  Towards Benchmarking of P2P Technologies from a SCADA Systems Protection Perspective , 2010, MOBILIGHT.

[19]  Seungjoo Kim,et al.  An Efficient Key Management Scheme for Secure SCADA Communication , 2008 .

[20]  Steven Furnell,et al.  A new taxonomy for comparing intrusion detection systems , 2007, Internet Res..

[21]  Andrew K. Wright,et al.  Low-Latency Cryptographic Protection for SCADA Communications , 2004, ACNS.

[22]  Yongge Wang,et al.  sSCADA: securing SCADA infrastructure communications , 2011, Int. J. Commun. Networks Distributed Syst..

[23]  S.J. Lee,et al.  Distributed Restoration system applying Multi-Agent in distribution automation system , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[24]  Sandip C. Patel,et al.  Improving the cyber security of SCADA communication networks , 2009, CACM.

[25]  Sandip C. Patel,et al.  Security Enhancements for Distributed Control Systems , 2007, Critical Infrastructure Protection.

[26]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[27]  David Mazières,et al.  Kademlia: A Peer-to-Peer Information System Based on the XOR Metric , 2002, IPTPS.

[28]  Peter Mell,et al.  Intrusion Detection Systems , 2001 .

[29]  Peter Mell,et al.  NIST Special Publication on Intrusion Detection Systems , 2001 .

[30]  Sandip C. Patel,et al.  Analysis of SCADA Security Models , 2007 .

[31]  Sandip C. Patel,et al.  Secure internet-based communication protocol for scada networks , 2006 .

[32]  Sujeet Shenoi,et al.  Security Strategies for SCADA Networks , 2007, Critical Infrastructure Protection.

[33]  Mohammed Ketel A mobile agent based framework for web services , 2009, ACM-SE 47.

[34]  Ulf Lindqvist,et al.  Using Model-based Intrusion Detection for SCADA Networks , 2006 .

[35]  Ian F. Akyildiz,et al.  Sensor Networks , 2002, Encyclopedia of GIS.

[36]  Cheryl L. Beaver,et al.  Key Management for SCADA , 2002 .

[37]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[38]  E. J. Byres,et al.  On shaky ground - A study of security vulnerabilities in control protocols , 2006 .

[39]  Neeraj Suri,et al.  INcreasing Security and Protection through Infrastructure REsilience: The INSPIRE Project , 2008, CRITIS.

[40]  L. Pietre-Cambacedes,et al.  Cryptographic Key Management for SCADA Systems-Issues and Perspectives , 2008, 2008 International Conference on Information Security and Assurance (isa 2008).

[41]  Sandip C. Patel,et al.  Improvements in SCADA and DCS Systems Security , 2007, CATA.

[42]  Robert Morris,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM 2001.

[43]  A. Bose,et al.  GridStat: A Flexible QoS-Managed Data Dissemination Framework for the Power Grid , 2009, IEEE Transactions on Power Delivery.

[44]  Bülent Yener,et al.  Key distribution mechanisms for wireless sensor networks : a survey , 2005 .

[45]  Roberto Setola,et al.  Critical Information Infrastructure Security, Third International Workshop, CRITIS 2008, Rome, Italy, October 13-15, 2008. Revised Papers , 2009, Critical Information Infrastructures Security.

[46]  Ed Dawson,et al.  SKMA - A Key Management Architecture for SCADA Systems , 2006 .

[47]  C. H. Wang,et al.  A Multi-Agent Based Service Restoration in Distribution Network with Distributed Generations , 2009, 2009 15th International Conference on Intelligent System Applications to Power Systems.

[48]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.