A Survey of SCADA Testbed Implementation Approaches

Objectives: SCADA systems are turning into the central nerve system of the electric power system critical infrastructure. With the increasing availability and use of computer networks and the Internet as well as the convenience of cloud computing, SCADA systems have increasingly adopted Internet-of-Things technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. However, SCADA systems are obvious targets for cyber attacks that would seek to disrupt the critical infrastructure systems thus are governed by a SCADA system. Methods/Statistical Analysis: Cyber attacks exploit SCADA security vulnerabilities in order to take control or disrupt the normal operation of the system. Analyzing security vulnerability and loopholes are critical in developing security solutions for such systems. It is also equally important to test security solutions developed to protect SCADA systems. Findings: Experimenting on live systems is generally not advisable and impractical as this may render the system unstable. Such situation calls for the need of an experimental setup equivalent or quite close to the real scenario for developing and testing security solutions. Application/Improvements: This paper reviews common SCADA implementation approaches utilized in previous related works.

[1]  Igor Nai Fovino,et al.  Critical State-Based Filtering System for Securing SCADA Network Protocols , 2012, IEEE Transactions on Industrial Electronics.

[2]  Zhiliang Wang,et al.  False Logic Attacks on SCADA Control System , 2014, 2014 Asia-Pacific Services Computing Conference.

[3]  Bradley Reaves,et al.  An open virtual testbed for industrial control system security research , 2012, International Journal of Information Security.

[4]  Ting Wang,et al.  The Design of ICS Testbed Based on Emulation, Physical, and Simulation (EPS-ICS Testbed) , 2013, 2013 Ninth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[5]  Briam Johnson,et al.  National SCADA Test Bed Substation Automation Evaluation Report , 2009 .

[6]  S. Shankar Sastry,et al.  A Taxonomy of Cyber Attacks on SCADA Systems , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[7]  Erik Westring,et al.  A Survey of Industrial Control System Testbeds , 2015, NordSec.

[8]  S. Ignat,et al.  Security and intrusion detection on critical SCADA systems for water management , 2014, 2014 IEEE International Conference on Automation, Quality and Testing, Robotics.

[9]  Xinghuo Yu,et al.  Building a SCADA Security Testbed , 2009, 2009 Third International Conference on Network and System Security.

[10]  David M. Nicol,et al.  The Virtual Power System Testbed and Inter-Testbed Integration , 2009, CSET.

[11]  Dongho Kim,et al.  Experience with DETER: a testbed for security research , 2006, 2nd International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2006. TRIDENTCOM 2006..

[12]  B. R. Mehta Chapter 7 – SCADA systems , 2015 .

[13]  Yi Deng,et al.  VSCADA: A reconfigurable virtual SCADA test-bed for simulating power utility control center operations , 2015, 2015 IEEE Power & Energy Society General Meeting.

[14]  David C. Bergman Power grid simulation, evaluation, and test framework , 2010 .

[15]  Lingling Fan,et al.  A hardware-in-the-loop SCADA testbed , 2015, 2015 North American Power Symposium (NAPS).

[16]  Ahmed Serhrouchni,et al.  Analysis of cyber security for industrial control systems , 2015, 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC).

[17]  Zahir Tari,et al.  SCADASim—A Framework for Building SCADA Simulations , 2011, IEEE Transactions on Smart Grid.

[18]  Aditya Ashok,et al.  Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid , 2013, IEEE Transactions on Smart Grid.

[19]  Y. J. Reddy,et al.  Industrial process automation systems , 2015 .

[20]  Jeff Daniels,et al.  Server virtualization architecture and implementation , 2009, ACM Crossroads.

[21]  Michail Maniatakos,et al.  The Cybersecurity Landscape in Industrial Control Systems , 2016, Proceedings of the IEEE.

[22]  Zia Saquib,et al.  A testbed for SCADA cyber security and intrusion detection , 2015, 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC).

[23]  Zahid Anwar,et al.  Automatic security assessment of critical cyber-infrastructures , 2008, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN).

[24]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[25]  Luca Viganò,et al.  Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) , 2015, IWSEC 2015.

[26]  Deepa Kundur,et al.  Implementing attacks for modbus/TCP protocol in a real-time cyber physical system test bed , 2015, 2015 IEEE International Workshop Technical Committee on Communications Quality and Reliability (CQR).

[27]  Salim Hariri,et al.  A testbed for analyzing security of SCADA control systems (TASSCS) , 2011, ISGT 2011.

[28]  E. Chikuni,et al.  Investigating the security of electrical power systems SCADA , 2007, AFRICON 2007.

[29]  Wei Gao,et al.  On SCADA control system command and response injection and intrusion detection , 2010, 2010 eCrime Researchers Summit.

[30]  Chris Develder,et al.  Combining Power and Communication Network Simulation for Cost-Effective Smart Grid Analysis , 2014, IEEE Communications Surveys & Tutorials.

[31]  Ting Wang,et al.  An Industrial Control System Testbed Based on Emulation, Physical Devices and Simulation , 2014, Critical Infrastructure Protection.

[32]  Béla Genge,et al.  Cyber-Physical Testbeds : Scientific Instruments for Cyber Security Assessment of Critical Infrastructures , 2014 .

[33]  Béla Genge,et al.  Cyber-physical testbeds , 2014, CACM.

[34]  T.J. Overbye,et al.  SCADA Cyber Security Testbed Development , 2006, 2006 38th North American Power Symposium.

[35]  Gerard J. Holzmann,et al.  Mars code , 2014, CACM.