Skip to main content
SpringerLink
Log in

A Short Review: Issues and Threats Pertaining the Security of SCADA Systems

  • Conference paper
  • First Online:
Advances in Cyber Security (ACeS 2021)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1487))

Included in the following conference series:

Abstract

SCADA systems are commonly used to track and manage utilities in vital national infrastructures including electricity generation and delivery, transportation networks, water supply and manufacturing, and manufacturing facilities. Cyber-attacks that threaten data privacy in SCADA networks, such as unauthorised misuse of sensor or control signals, may have a significant effect on the functioning of sensitive national infrastructure by causing device operators to make incorrect decisions, which could result in disastrous outcomes. Therefore, the cyber-security of SCADA systems has been an active topic of research for the past decades due to the potentially disastrous impact on the environment, public safety, and economy when these systems are breached or compromised. This paper examines the current security posture of SCADA systems from the perspective of data and cybersecurity and to propose recommendations for enhancing protection measures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Alcaraz, C., Zeadally, S.: Critical infrastructure protection: requirements and challenges for the 21st century. Int. J. Crit. Infrastr. Protect. 8, 53–66 (2015). http://linkinghub.elsevier.com/retrieve/pii/S1874548214000791

  2. Nazir, S., Patel, S., Patel, D.: Assessing and augmenting SCADA cyber security: a survey of techniques. Comput. Secur. 70, 436–454 (2017). http://linkinghub.elsevier.com/retrieve/pii/S0167404817301293

  3. Ani, U.P.D., He, H.M., Tiwari, A.: Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective. J. Cyber Secur. Technol. 1(1), 32–74 (2017). https://doi.org/10.1080/23742917.2016.1252211

    Article  Google Scholar 

  4. Rosa, L., Freitas, M., Mazo, S., Monteiro, E., Cruz, T., Simoes, P.: A comprehensive security analysis of a SCADA protocol: from OSINT to mitigation. IEEE Access 7, 42156–42168 (2019). https://ieeexplore.ieee.org/document/8672892/

  5. Krotofil, M., Gollmann, D.: Industrial control systems security: what is happening? In: 2013 11th IEEE International Conference on Industrial Informatics (INDIN), pp. 664–669. IEEE (2013). http://ieeexplore.ieee.org/document/6622963/

  6. Tawde, R., Nivangune, A., Sankhe, M.: Cyber security in smart grid SCADA automation systems. In: 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS), pp. 1–5. IEEE, March 2015. http://ieeexplore.ieee.org/document/7192918/

  7. Ghosh, S., Sampalli, S.: A survey of security in SCADA networks: current issues and future challenges. IEEE Access 7, 135812–135831 (2019). https://ieeexplore.ieee.org/document/8753583/

  8. Pliatsios, D., Sarigiannidis, P., Lagkas, T., Sarigiannidis, A.G.: A survey on SCADA systems: secure protocols, incidents, threats and tactics. IEEE Commun. Surv. Tutor. 22(3), 1942–1976 (2020). https://ieeexplore.ieee.org/document/9066892/

  9. Volkova, A., Niedermeier, M., Basmadjian, R., de Meer, H.: Security challenges in control network protocols: a survey. IEEE Commun. Surv. Tutor. 21(1), 619–639 (2019). https://ieeexplore.ieee.org/document/8472799/

  10. Bhamare, D., Zolanvari, M., Erbad, A., Jain, R., Khan, K., Meskin, N.: Cybersecurity for industrial control systems: a survey. Comput. Secur. 89, 101677 (2020). https://linkinghub.elsevier.com/retrieve/pii/S0167404819302172

  11. Alladi, T., Chamola, V., Zeadally, S.: Industrial control systems: cyberattack trends and countermeasures. Comput. Commun. 155, 1–8 (2020). https://linkinghub.elsevier.com/retrieve/pii/S0140366419319991

  12. Coffey, K., Smith, R., Maglaras, L., Janicke, H.: Vulnerability analysis of network scanning on SCADA systems. Secur. Commun. Netw. 2018, 1–21 (2018). https://www.hindawi.com/journals/scn/2018/3794603/

  13. Qassim, Q.S., Jamil, N., Z’aba, M.R., Aba, N., Kamarulzaman, W.A.W.: Assessing the cyber-security of the IEC 60870-5-104 protocol in SCADA system. Int. J. Crit. Infrastr. 16(2), 91 (2020). http://www.inderscience.com/link.php?id=107242

  14. Qassim, Q.S., Jamil, N., Mahdi, M.N., Abdul Rahim, A.A.: Towards SCADA threat intelligence based on intrusion detection systems - a short review. In: 2020 8th International Conference on Information Technology and Multimedia, ICIMU 2020 (2020)

    Google Scholar 

  15. Qassim, Q.S., Jamil, N., Daud, M., Ja’affar, N., Kamarulzaman, W.A.W., Mahdi, M.N.: Compromising the data integrity of an electrical power grid SCADA system. In: Anbar, M., Abdullah, N., Manickam, S. (eds.) ACeS 2020. CCIS, vol. 1347, pp. 604–626. Springer, Singapore (2021). https://doi.org/10.1007/978-981-33-6835-4_40

    Chapter  Google Scholar 

  16. Maglaras, L.A., et al.: Cyber security of critical infrastructures. ICT Express 4(1), 42–45 (2018). http://linkinghub.elsevier.com/retrieve/pii/S2405959517303880

  17. Cárdenas, A.A., Amin, S., Lin, Z.S., Huang, Y.L., Huang, C.Y., Sastry, S.: Attacks against process control systems. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS 2011, p. 355. ACM Press, New York (2011). http://portal.acm.org/citation.cfm?doid=1966913.1966959

  18. Cherdantseva, Y., et al.: A review of cyber security risk assessment methods for SCADA systems. Comput. Secur. 56, 1–27 (2016). http://linkinghub.elsevier.com/retrieve/pii/S0167404815001388

  19. Igure, V.M., Laughter, S.A., Williams, R.D.: Security issues in SCADA networks. Comput. Secur. 25(7), 498–506 (2006). http://linkinghub.elsevier.com/retrieve/pii/S0167404806000514

  20. Wu, G., Sun, J., Chen, J.: A survey on the security of cyber-physical systems. Control Theory Technol. 14(1), 2–10 (2016). http://link.springer.com/10.1007/s11768-016-5123-9

  21. Drias, Z., Serhrouchni, A., Vogel, O.: Analysis of cyber security for industrial control systems. In: International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC), pp. 1–8 (2015)

    Google Scholar 

  22. Amoah, R.: Formal security analysis of the DNP3-secure authentication protocol. Ph.D. thesis, Queensland University of Technology (2016). http://eprints.qut.edu.au/93798/

  23. Darwish, I., Igbe, O., Celebi, O., Saadawi, T., Soryal, J.: Smart grid DNP3 vulnerability analysis and experimentation. 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing, pp. 141–147, November 2015. http://ieeexplore.ieee.org/document/7371473/ ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=7371473

  24. Tan, S.: Electric power automation control system based on SCADA protocols. In: Zhong, Z. (ed.) Proceedings of the International Conference on Information Engineering and Applications (IEA) 2012. LNEE, vol. 218, pp. 137–143. Springer, London (2013). https://doi.org/10.1007/978-1-4471-4847-0_17

    Chapter  Google Scholar 

  25. Pidikiti, D.S., Kalluri, R., Kumar, R.K.S., Bindhumadhava, B.S.: SCADA communication protocols: vulnerabilities, attacks and possible mitigations. CSI Trans. ICT 1(2), 135–141 (2013). http://link.springer.com/10.1007/s40012-013-0013-5

  26. Qassim, Q.S., Jamil, N., Daud, M., Hasan, H.C.: Towards implementing scalable and reconfigurable SCADA security testbed in power system environment. Int. J. Crit. Infrastr. 15(2), 91 (2019). http://www.inderscience.com/link.php?id=98834

Download references

Acknowledgement

This research is supported by Transdisciplinary Research Grant Scheme (TRGS) 2020, Ministry of Higher Education Malaysia, under the project ‘Cyber Threat Modeling and Advanced Persistent Threat Detection for a Resilient Dam Control System Using Context-based Approach and Ensemble Method of Machine Learning Models With Discrete Probability Distribution’.

Author information

Authors and Affiliations

  1. University of Technology and Applied Sciences – Ibri, Ibri, Sultanate of Oman

    Qais Saif Qassim

  2. College of Computing and Informatics, Universiti Tenaga Nasional, Kajang, Malaysia

    Norziana Jamil, Mohammed Najah Mahdi & Zaihisma Che Cob

  3. School of Computing, Universiti Teknologi Malaysia, Skudai, Malaysia

    Fiza Abd Rahim

  4. Institute of Energy Infrastructure, Universiti Tenaga Nasional, Kajang, Malaysia

    Lariyah Mohd Sidek

Authors
  1. Qais Saif Qassim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Norziana Jamil
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohammed Najah Mahdi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Zaihisma Che Cob
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Fiza Abd Rahim
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Lariyah Mohd Sidek
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qais Saif Qassim .

Editor information

Editors and Affiliations

  1. Hodeidah University, Hodeidah, Yemen

    Nibras Abdullah

  2. Universiti Sains Malaysia, Penang, Malaysia

    Selvakumar Manickam

  3. Universiti Sains Malaysia, Penang, Malaysia

    Mohammed Anbar

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Qassim, Q.S., Jamil, N., Mahdi, M.N., Cob, Z.C., Rahim, F.A., Sidek, L.M. (2021). A Short Review: Issues and Threats Pertaining the Security of SCADA Systems. In: Abdullah, N., Manickam, S., Anbar, M. (eds) Advances in Cyber Security. ACeS 2021. Communications in Computer and Information Science, vol 1487. Springer, Singapore. https://doi.org/10.1007/978-981-16-8059-5_14

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-8059-5_14

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-8058-8

  • Online ISBN: 978-981-16-8059-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation