Critical infrastructures, such as electrical grids, are monitored and controlled by SCADA (Supervisory Control And Data Acquisition) systems. Cyber attacks against SCADA might put CI and in turn industrial production, environment integrity and human safety at risk. Here, with reference to an actual case study, constituted by an electrical grid, its SCADA system and a corporate network, we discuss how cyber threats, vulnerabilities and attacks might degrade the functionalities of SCADA and corporate network and, in turn, lead to outages of the electrical grid. We represent SCADA and corporate network under malware propagation, Denial of Service and Man In The Middle attacks, and predict their consequent functionalities. Particularly, we use Netlogo to identify possible malware propagation in relation to SCADA & corporate security policies adopted from the utility and NS2 simulator to compute the consequences of such cyber attacks on SCADA and in turn on electrical grid functionalities.
[1]
J. Stamp,et al.
Common vulnerabilities in critical infrastructure control systems.
,
2003
.
[2]
Sumeet Dua,et al.
Data Mining and Machine Learning in Cybersecurity
,
2011
.
[3]
S. M. Rinaldi,et al.
Identifying, Understanding, and Analyzing
,
2001
.
[4]
Enrico Tronci,et al.
Risk analysis via heterogeneous models of SCADA interconnecting Power Grids and Telco networks
,
2009,
2009 Fourth International Conference on Risks and Security of Internet and Systems (CRiSIS 2009).
[5]
Ross J. Anderson,et al.
The Protection of Substation Communications
,
2009
.
[6]
Golden G. Richard,et al.
SCADA Systems: Challenges for Forensic Investigators
,
2012,
Computer.
[7]
Ester Ciancamerla,et al.
Service dependability and performance of SCADA systems interconnecting power grids and Telco networks
,
2011
.