Advertisement

Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems

  • Cristina Alcaraz
  • Isaac Agudo
  • Carmen Fernandez-Gago
  • Rodrigo Roman
  • Gerardo Fernandez
  • Javier Lopez
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5695)

Abstract

SCADA systems represent a challenging scenario where the management of critical alarms is crucial. Their response to these alarms should be efficient and fast in order to mitigate or contain undesired effects. This work presents a mechanism, the Adaptive Assignment Manager (AAM) that will aid to react to incidences in a more efficient way by dynamically assigning alarms to the most suitable human operator. The mechanism uses various inputs for identifying the operators such as their availability, workload and reputation. In fact, we also define a reputation component that stores the reputation of the human operators and uses feedback from past experiences.

Keywords

SCADA systems Critical Control Systems Reputation 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Jøsang, A., Ismail, R., Boyd, C.: A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems 43(2), 618–644 (2007)CrossRefGoogle Scholar
  2. 2.
    Resnick, P., Zeckhauser, R., Friedman, E., Kuwabara, K.: Reputation Systems. Communications of ACM 43(12), 45–48 (2000)CrossRefGoogle Scholar
  3. 3.
    Cardenas, A., Amin, S., Sastry, S.: Research Challenges for the Security of Control Systems. In: HotSec 2008 (2008)Google Scholar
  4. 4.
    Peerenboom, J.P., Fisher, R.E.: Analyzing Cross-Sector Interdependencies. In: IEEE Computer Society, HICSS 2007, pp. 112–119. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  5. 5.
    Byres, E., Lowe, J.: The myths and facts behind cyber security risks for industrial control systems. In: ’VDE Congress, VDE Association For Electrical, Electronic Information Technologies, British Columbia Institute of Technology and PA Consulting Group (2004)Google Scholar
  6. 6.
    Department of Energy Office of Energy Assurance. In: Steps to Improve Cyber Security of SCADA Networks, white paper (2002)Google Scholar
  7. 7.
    NISCC, National Infrastructure Security Co-ordination Centre, NISCC Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks, BCIT (2005)Google Scholar
  8. 8.
    IEC 60870-5-104, International Electrotechnical Commission (2006)Google Scholar
  9. 9.
    IEC 60870-6, ICCP/TASE2, International Electrotechnical Commission (2008)Google Scholar
  10. 10.
    ISACA, Control Objectives for Information and related Technology, rev. 4.1 (2007)Google Scholar
  11. 11.
    ISO/IEC 17799:2005, Code of Practice for Information Security Management (2005)Google Scholar
  12. 12.
    NIST Special Publication 800-53 revision 2, Recommended Security Controls for Federal Information Systems (2007)Google Scholar
  13. 13.
    NIST Special Publication 800-82, DRAFT - Guide to Industrial Control Systems (ICS) Security (2007)Google Scholar
  14. 14.
    BCIT, British Columbia Institute of Technology (2008), http://www.bcit.ca/
  15. 15.
    CERT, Carnegie Mellon Software Engineering Institute, CERT/CC Statistics (1988-2008), http://www.cert.org/stats/vulnerability_remediation.html
  16. 16.
    DNP3, DNP Users Group (2008), http://www.dnp.org
  17. 17.
    Modbus-IDA, The Architecture for Distributed Automation (2005), http://www.modbus.org/

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Cristina Alcaraz
    • 1
  • Isaac Agudo
    • 1
  • Carmen Fernandez-Gago
    • 1
  • Rodrigo Roman
    • 1
  • Gerardo Fernandez
    • 1
  • Javier Lopez
    • 1
  1. 1.Computer Science DepartmentUniversity of MalagaMalagaSpain

Personalised recommendations