Security issues in SCADA based industrial control systems

Babu, B. Raveendra; Ijyas, Thafasal; Muneer, P.; Varghese, Justin

doi:10.1109/anti-cybercrime.2017.7905261

Cited by 53 publications

(27 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…IEC 62443 assists the IT/OT convergence but the standard itself is complex and leads to alignment issues. Some of the issues related to IT/OT convergence are discussed in [ 14 , 18 , 19 , 60 , 98 ]. They include outdated legacy systems with custom configurations and limited security, different security levels for IT/OT, increased security stakes, and IT/OT accountability and productivity risks.…”

Section: It/ot Convergence and Issuesmentioning

confidence: 99%

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Dhirani

Armstrong

Newe

2021

Sensors

View full text Add to dashboard Cite

Industrial IoT (IIoT) is a novel concept of a fully connected, transparent, automated, and intelligent factory setup improving manufacturing processes and efficiency. To achieve this, existing hierarchical models must transition to a fully connected vertical model. Since IIoT is a novel approach, the environment is susceptible to cyber threat vectors, standardization, and interoperability issues, bridging the gaps at the IT/OT ICS (industrial control systems) level. IIoT M2M communication relies on new communication models (5G, TSN ethernet, self-driving networks, etc.) and technologies which require challenging approaches to achieve the desired levels of data security. Currently there are no methods to assess the vulnerabilities/risk impact which may be exploited by malicious actors through system gaps left due to improper implementation of security standards. The authors are currently working on an Industry 4.0 cybersecurity project and the insights provided in this paper are derived from the project. This research enables an understanding of converged/hybrid cybersecurity standards, reviews the best practices, and provides a roadmap for identifying, aligning, mapping, converging, and implementing the right cybersecurity standards and strategies for securing M2M communications in the IIoT.

show abstract

Section: It/ot Convergence and Issuesmentioning

confidence: 99%

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Dhirani

Armstrong

Newe

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…The effects of the vulnerabilities in the hardware, software, network or their operational configuration manifest in the form of security threats. An interesting overview of the major threats to SCADA systems is provided by Babu et al [10] in the following order: zero day vulnerabilities, lack of task prioritization, database injections, and last, communication protocol issues.…”

Section: Related Workmentioning

confidence: 99%

“…Babu et al [10] Review and analysis of security vulnerabilities affecting SCADA systems only, highlighting the current security risks targeting the communication protocols.…”

Section: ---mentioning

confidence: 99%

Experimenting With Digital Signatures Over a DNP3 Protocol in a Multitenant Cloud-Based SCADA Architecture

Marian

Cusman²,

Stinga

et al. 2020

IEEE Access

View full text Add to dashboard Cite

The ideas presented in this paper are summarized as follows. The first idea entails improving the security of supervisory control and data acquisition (SCADA) architectures by means of asymmetric cryptography and digital signatures and measuring the performance overhead. This allows achieving some obvious subsequent goals such as data-origin authentication, and the traceability and implicit nonrepudiation of commands given to intelligent field and direct control equipment. The possibility to include digital signatures with a minimum impact on a standard and a reliable data communication protocol, such as Distributed Network Protocol version 3 (DNP3), also known to have a mature, industrially validated, opensource implementation, has been tested and the results are presented. A second idea concerns designing and developing a multitenant cloud-based architecture for a SCADA environment. This hypothesis focuses on certain SCADA operators that manage multiple industrial control systems (ICS) and intend to consolidate process data in a centralized manner. INDEX TERMS digital signatures, cybersecurity, SCADA, industrial control system, cloud-based services.

show abstract

“…SCADA security systems are vulnerable to attacks on hardware, software, and communication protocols. In [25], as major vulnerabilities for SCADA automation systems, the following were identified: “zero-day” vulnerabilities, lack of task prioritization, database injection, and issues at communication protocol level. Additionally, in [26], the vulnerabilities are highlighted at the level of interaction with HMI (Human-Machine Interface): cross-site scripting, the existence of unused ports and services, vulnerabilities which are allowing unauthorized writings leading to buffer overflow.…”

Section: Related Workmentioning

confidence: 99%

Cryptographic Considerations for Automation and SCADA Systems Using Trusted Platform Modules

Tidrea

Korodi

Silea

2019

Sensors

View full text Add to dashboard Cite

The increased number of cyber threats against the Supervisory Control and Data Acquisition (SCADA) and automation systems in the Industrial-Internet-of-Things (IIoT) and Industry 4.0 era has raised concerns in respect to the importance of securing critical infrastructures and manufacturing plants. The evolution towards interconnection and interoperability has expanded the vulnerabilities of these systems, especially in the context of the widely spread legacy standard protocols, by exposing the data to the outside network. After gaining access to the system data by launching a variety of attacks, an intruder can cause severe damage to the industrial process in place. Hence, this paper attempts to respond to the security issue caused by legacy structures using insecure communication protocols (e.g., Modbus TCP, DNP3, S7), presenting a different perspective focused on the capabilities of a trusted platform module (TPM). Furthermore, the intent is to assure the authenticity of the data transmitted between two entities on the same (horizontal interoperation) or different (vertical interoperation) hierarchical levels communicating through Modbus TCP protocol based on functionalities obtained by integrating trusted platform modules. From the experimental results perspective, the paper aims to show the advantages of integrating TPMs in automation/SCADA systems in terms of security. Two methods are proposed in order to assure the authenticity of the messages which are transmitted, respectively the study presents the measurements related to the increased time latency introduced due to the proposed concept.

show abstract

Security issues in SCADA based industrial control systems

Cited by 53 publications

References 8 publications

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Experimenting With Digital Signatures Over a DNP3 Protocol in a Multitenant Cloud-Based SCADA Architecture

Cryptographic Considerations for Automation and SCADA Systems Using Trusted Platform Modules

Contact Info

Product

Resources

About