Abstract
Modern industrial systems (e.g. power plants, water plants, chemical installations) make extensive use of information and communication technologies (ICT). In recent years, these systems have started to use public networks (i.e. the Internet) for system-to-system interconnection in order to provide new features and services. The migration from the traditional isolated-system approach to an open-system approach has exposed these infrastructures to cyber threats. The scope of this chapter is to provide the reader with an overview of the cyber threats and vulnerabilities affecting supervisory control and data acquisition (SCADA) systems, i.e. the systems in charge of monitoring and controlling industrial processes, and to give indications on possible mitigation techniques.
Notes
1. The content of this chapter summarises the results of the research activity conducted by the author within the context of the EU funded Escort Project (http://www.escortsproject.eu/).
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Fovino, I.N. (2014). SCADA System Cyber Security. In: Markantonakis, K., Mayes, K. (eds) Secure Smart Embedded Devices, Platforms and Applications. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-7915-4_20
DOI: https://doi.org/10.1007/978-1-4614-7915-4_20
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-7914-7
Online ISBN: 978-1-4614-7915-4
eBook Packages: Computer Science, Computer Science (R0)