Security-Oriented Cloud Platform for SOA-Based SCADA

During the last 10 years, experts in critical infrastructure security have been increasingly directing their focus and attention to the security of control structures such as Supervisory Control and Data Acquisition (SCADA) systems in the light of the move toward Internet-connected architectures. However, this more open architecture has resulted in an increasing level of risk being faced by these systems, especially as they became offered as services and utilised via Service Oriented Architectures (SOA). For example, the SOA-based SCADA architecture proposed by the AESOP project concentrated on facilitating the integration of SCADA systems with distributed services on the application layer of a cloud network. However, whilst each service specified various security goals, such as authorisation and authentication, the current AESOP model does not attempt to encompass all the necessary security requirements and features of the integrated services. This paper presents a concept for an innovative integrated cloud platform to reinforce the integrity and security of SOA-based SCADA systems that will apply in the context of Critical Infrastructures to identify the core requirements, components and features of these types of system. The paper uses the SmartGrid to highlight the applicability and importance of the proposed platform in a real world scenario.

[1]  Rumen Kyusakov,et al.  A migration approach towards a SOA-based next generation process control and monitoring , 2011, IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society.

[2]  H. T. Mouftah,et al.  Cloud-based security services for the smart grid , 2013, CASCON.

[3]  J. Delsing,et al.  A SOA-based architecture for empowering future collaborative cloud-based industrial automation , 2012, IECON 2012 - 38th Annual Conference on IEEE Industrial Electronics Society.

[4]  Jemal H. Abawajy,et al.  A Multilevel Trust Management Framework for Service Oriented Environment , 2014 .

[5]  Roberto Di Pietro,et al.  Secure virtualization for cloud computing , 2011, J. Netw. Comput. Appl..

[6]  Holger Giese Architecting Critical Systems, First International Symposium, ISARCS 2010, Prague, Czech Republic, June 23-25, 2010, Proceedings , 2010, ISARCS.

[7]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[8]  Dorothy E. Denning Stuxnet: What Has Changed? , 2012, Future Internet.

[9]  HyungJun Kim,et al.  Security and Vulnerability of SCADA Systems over IP-Based Wireless Sensor Networks , 2012, Int. J. Distributed Sens. Networks.

[10]  Action Nechibvute,et al.  Wireless Sensor Networks for SCADA and Industrial Control Systems , 2013 .

[11]  Hervé Debar,et al.  Challenges for Cloud Networking Security , 2010, MONAMI.

[12]  A. Volokyta,et al.  Secure virtualization in cloud computing , 2012, Proceedings of International Conference on Modern Problem of Radio Engineering, Telecommunications and Computer Science.

[13]  Aiko Pras,et al.  Attacks by Anonymous WikiLeaks Proponents not Anonymous , 2010 .

[14]  Neeraj Suri,et al.  Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays , 2010, ISARCS.

[15]  Jason Edwin Stamp,et al.  Framework for SCADA Security Policy , 2005 .

[16]  Florian Skopik,et al.  Towards a Layered Architectural View for Security Analysis in SCADA Systems , 2012, ArXiv.

[17]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[18]  Thar Baker,et al.  Security-oriented cloud computing platform for critical infrastructures , 2012, Comput. Law Secur. Rev..

[19]  Philippe Gourbesville,et al.  Flood warning systems and ubiquitous computing , 2012 .

[20]  Xia Bonnie Zhu,et al.  Resilient Control and Intrusion Detection for SCADA Systems , 2011 .