Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, which made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.
The combination of the most prestigious optical and wireless technologies for implementing a modern broadband integrated access network has been progressively gaining ground. By extending the network coverage in a cost-efficient way, hybrid wireless-optical networks are able to enclose a larger number of potential subscribers than standalone access architectures. Hence, they are capable of increasing revenue levels and facilitating commercial penetration to the telecom market. At the same time, hybrid wireless-optical networks pose an ambitious, alternative, and efficient solution to coping with new bandwidth-hungry user applications. Hybrid wireless-optical networks incorporate sophisticated modules, fabrics, and network entities to effectively provide adequate quality of service (QoS) provisioning. This survey endeavors to classify the main features of wireless-optical integration. We provide a comprehensive compilation of the latest architectures, integrated technologies, QoS features, and dynamic bandwidth allocation (DBA) schemes. In addition, new trends towards wireless-optical convergence are presented. Moreover, as the up-to-date hybrid network standards remain under development, since there is not yet an integrated standard for approving hybrid network access platforms, we accompany this survey with detailed challenges indicating potential avenues of future research.
The rise of the Internet of Medical Things (IoMT) introduces the healthcare ecosystem in a new digital era with multiple benefits, such as remote medical assistance, real-time monitoring and pervasive control. However, despite the valuable healthcare services, this progression raises significant cybersecurity and privacy concerns. In this paper, we focus our attention on the IEC 60870-5-104 protocol, which is widely adopted in industrial healthcare systems. First, we investigate and assess the severity of the IEC 60870-5-104 cyberattacks by providing a quantitative threat model, which relies on Attack Defence Trees (ADTs) and Common Vulnerability Scoring System (CVSS) v3.1. Next, we introduce an Intrusion Detection and Prevention System (IDPS), which is capable of discriminating and mitigating automatically the IEC 60870-5-104 cyberattacks. The proposed IDPS takes full advantage of the Machine Learning (ML) and Software Defined Networking (SDN) technologies. ML is used to detect the IEC 60870-5-104 cyberattacks, utilising (a) Transmission Control Protocol (TCP)/Internet Protocol (IP) network flow statistics and (b) IEC 60870-5-104 payload flow statistics. On the other side, the automated mitigation is transformed into a Multi-Armed Bandit (MAB) problem, which is solved through a Reinforcement Learning (RL) method called Thompson Sampling (TS) and SDN. The evaluation analysis demonstrates the efficiency of the proposed IDPS in terms of intrusion detection accuracy and automated mitigation performance. The detection accuracy and the F1 score of the proposed IDPS reach 0.831 and 0.8258, while the mitigation accuracy is calculated at 0.923.
Unmanned aerial vehicles (UAVs) in the role of flying anchor nodes have been proposed to assist the localisation of terrestrial Internet of Things (IoT) sensors and provide relay services in the context of the upcoming 6G networks. This paper considered the objective of tracing a mobile IoT device of unknown location, using a group of UAVs that were equipped with received signal strength indicator (RSSI) sensors. The UAVs employed measurements of the target’s radio frequency (RF) signal power to approach the target as quickly as possible. A deep learning model performed clustering in the UAV network at regular intervals, based on a graph convolutional network (GCN) architecture, which utilised information about the RSSI and the UAV positions. The number of clusters was determined dynamically at each instant using a heuristic method, and the partitions were determined by optimising an RSSI loss function. The proposed algorithm retained the clusters that approached the RF source more effectively, removing the rest of the UAVs, which returned to the base. Simulation experiments demonstrated the improvement of this method compared to a previous deterministic approach, in terms of the time required to reach the target and the total distance covered by the UAVs.
The rise of the Industrial Internet of Things (IIoT) plays a crucial role in the era of hyper-connected digital economies. Despite the valuable benefits, such as increased resiliency, self-monitoring and pervasive control, IIoT raises severe cybersecurity and privacy risks, allowing cyberattackers to exploit a plethora of vulnerabilities and weaknesses that can lead to disastrous consequences. Although the Intrusion Detection and Prevention Systems (IDPS) constitute valuable solutions, they suffer from several gaps, such as zero-day attacks, unknown anomalies and false positives. Therefore, the presence of supporting mechanisms is necessary. To this end, honeypots can protect real assets and trap cyberattackers. In this paper, we provide a web-based platform called TRUSTY, which is capable of aggregating, storing and analysing the detection results of multiple industrial honeypots related to Modbus/Transmission Control Protocol (TCP), IEC 60870-5-104, BACnet, Message Queuing Telemetry Transport (MQTT) and EtherNet/IP. Based on this analysis, we provide a dataset related to honeypot security events. Moreover, this paper provides a Reinforcement Learning (RL) method, which decides about the number of honeypots that can be deployed in an industrial environment in a strategic way. In particular, this decision is converted into a Multi-Armed Bandit (MAB), which is solved with the e-Greedy method. The evaluation analysis demonstrates the efficiency of the proposed method.
Information and Communication Technology (ICT) is an integral part of Critical Infrastructures (CIs), bringing both significant pros and cons. Focusing our attention on the energy sector, ICT converts the conventional electrical grid into a new paradigm called Smart Grid (SG), providing crucial benefits such as pervasive control, better utilisation of the existing resources, self-healing, etc. However, in parallel, ICT increases the attack surface of this domain, generating new potential cyberthreats. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) architecture which constitutes an overall solution aiming at protecting SG, by enhancing situational awareness, detecting timely cyberattacks, collecting appropriate forensic evidence and providing an anonymous cybersecurity information-sharing mechanism. Operational characteristics and technical specifications details are analysed for each component, while also the communication interfaces among them are described in detail.