Security Aspects of SCADA and DCS Environments

SCADA Systems can be seen as a fundamental component in Critical Infrastructures, having an impact in the overall performance of other Critical Infrastructures interconnected. Currently, these systems include in their network designs different types of Information and Communication Technology systems (such as the Internet and wireless technologies), not only to modernize operational processes but also to ensure automation and real-time control. Nonetheless, the use of these new technologies will bring new security challenges, which will have a significant impact on both the business process and home users. Therefore, the main purpose of this Chapter is to address these issues and to analyze the interdependencies of Process Control Systems with ICT systems, to discuss some security aspects and to offer some possible solutions and recommendations.

[1]  José Fernando Carvajal Vión Computer Immune System: An overview - creating a cyberimmune operating system , 2002, SIS.

[2]  Bradley Reaves,et al.  Engineering future cyber-physical energy systems: Challenges, research needs, and roadmap , 2009, 41st North American Power Symposium.

[3]  Sandip C. Patel,et al.  Improving the cyber security of SCADA communication networks , 2009, CACM.

[4]  Soh Siew Cheong Deregulation of the power industry in Singapore , 2000 .

[5]  J. Stamp,et al.  Sustainable Security for Infrastructure SCADA , 2004 .

[6]  R. Evans Control Systems Cyber Security Standards Support Activities , 2009 .

[7]  Jen-Hao Teng,et al.  A Web-based power quality monitoring system , 2001, 2001 Power Engineering Society Summer Meeting. Conference Proceedings (Cat. No.01CH37262).

[8]  G. Lambert-Torres,et al.  Anomaly detection in power system control center critical infrastructures using rough classification algorithm , 2009, 2009 3rd IEEE International Conference on Digital Ecosystems and Technologies.

[9]  Chhaya Das,et al.  Analysis of Distributed Intrusion Detection Systems Using Mobile Agents , 2008, 2008 First International Conference on Emerging Trends in Engineering and Technology.

[10]  J. Pollet Developing a solid SCADA security strategy , 2002, 2nd ISA/IEEE Sensors for Industry Conference,.

[11]  M.B. Srinivas,et al.  A web based expert system shell for fault diagnosis and control of power system equipment , 2008, 2008 International Conference on Condition Monitoring and Diagnosis.

[12]  Nabajyoti Barkakati,et al.  Deficient ICT Controls Jeopardize Systems Supporting the Electric Grid: A Case Study , 2010 .

[13]  Duo Li,et al.  Concept design for a Web-based supervisory control and data-acquisition (SCADA) system , 2002, IEEE/PES Transmission and Distribution Conference and Exhibition.

[14]  William J. Tolone Interactive visualizations for critical infrastructure analysis , 2009, Int. J. Crit. Infrastructure Prot..

[15]  Igor Nai Fovino,et al.  An experimental investigation of malware attacks on SCADA systems , 2009, Int. J. Crit. Infrastructure Prot..

[16]  M. Milvich,et al.  Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS) , 2008, 2008 IEEE Conference on Technologies for Homeland Security.

[17]  E. Lavernia,et al.  An experimental investigation , 1992, Metallurgical and Materials Transactions A.

[18]  Hoay Beng Gooi,et al.  Internet-based SCADA display system , 2002 .

[19]  Philip L. Campbell Survivability via Control Objectives , 2000 .

[20]  Cristina Alcaraz,et al.  Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems , 2009, TrustBus.

[21]  A. Cavoukian,et al.  SmartPrivacy for the Smart Grid: embedding privacy into the design of electricity conservation , 2010 .

[22]  David Cornforth,et al.  An overview of recent advances in intrusion detection , 2008, 2008 8th IEEE International Conference on Computer and Information Technology.

[23]  Ronald L. Krutz Securing SCADA systems , 2005 .

[24]  Sujeet Shenoi,et al.  Critical Infrastructure Protection II - Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, George Mason University, Arlington, Virginia, USA, March 17-19, 2008, Revised Papers , 2009, IFIP Advances in Information and Communication Technology.

[25]  Elena Sitnikova,et al.  The Development of a Generic Framework for the Forensic Analysis of SCADA and Process Control Systems , 2009, e-Forensics.

[26]  Rodrigo Roman,et al.  Secure Management of SCADA Networks , 2008 .

[27]  Mike Smith Web-based monitoring & control for oil/gas industry , 2001 .

[28]  Milos Manic,et al.  Neural Network based Intrusion Detection System for critical infrastructures , 2009, 2009 International Joint Conference on Neural Networks.

[29]  Martin Gilje Jaatun,et al.  A framework for incident response management in the petroleum industry , 2009, Int. J. Crit. Infrastructure Prot..

[30]  Keith J. Blow,et al.  Intelligent Mobile Agent Middleware for Wireless Sensor Networks: A Real Time Application Case Study , 2008, 2008 Fourth Advanced International Conference on Telecommunications.

[31]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[32]  Jason Edwin Stamp,et al.  Framework for SCADA Security Policy , 2005 .

[33]  Chi-Ho Tsang,et al.  Multi-agent intrusion detection system in industrial network using ant colony clustering approach and unsupervised feature extraction , 2005, 2005 IEEE International Conference on Industrial Technology.

[34]  Chenyang Lu,et al.  Agilla: A mobile agent middleware for self-adaptive wireless sensor networks , 2009, TAAS.

[35]  David M. Nicol,et al.  Applying Trusted Network Technology To Process Control Systems , 2008, Critical Infrastructure Protection.

[36]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[37]  Alfonso Valdes,et al.  Intrusion Monitoring in Process Control Systems , 2009 .

[38]  Xinghuo Yu,et al.  SCADA system security: Complexity, history and new developments , 2008, 2008 6th IEEE International Conference on Industrial Informatics.

[39]  Janusz Bialek,et al.  Critical Interrelations Between ICT and Electricity System , 2010 .

[40]  Frank C. Lambert,et al.  A survey on communication networks for electric system automation , 2006, Comput. Networks.

[41]  Michael K. Reiter,et al.  Homeland Security , 2004, IEEE Internet Comput..

[42]  Mohsen Jafari,et al.  An integrated security system of protecting Smart Grid against cyber attacks , 2010, 2010 Innovative Smart Grid Technologies (ISGT).

[43]  Hoay Beng Gooi,et al.  Web-based SCADA display systems (WSDS) for access via Internet , 2000 .