Towards Improving SCADA Control Systems Security with Vulnerability Analysis

Cagalaban, Giovanni; Kim, Seoksoo

doi:10.1007/978-3-642-22706-6_5

Cited by 8 publications

(10 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similarly, the list of recently developed SCADA testbed for cyber-security research applications is exhaustive and could not be entirely covered in this section. Few other significant examples include Lu et al [7], Davis [8], Giani et al [9] and Cagalaban et al [10].…”

Section: Recent Developments Of Scada Testbedmentioning

confidence: 99%

Cyber Security Backdrop: A SCADA testbed

Farooqui

Zaidi

Memon

et al. 2014

2014 IEEE Computers, Communications and IT Applications Conference

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems are traditionally proprietary and well protected. Due to increasing use of commercial/open source technology and communication protocols, there are growing concerns about the associated security threats. SCADA networks are usually employed in critical infrastructure, therefore, not much technical data of the actual systems is accessible to the research community.Most of the researchers simulate the SCADA functioning through development of testbed. Such projects are usually expensive and requiring financial sponsorship. In this paper we present a simple, inexpensive and flexible approach to develop a SCADA testbed utilizing TrueTime, a MATLAB/ Simulink based tool. The paper describes TrueTime simulation blocks, our control system, simulation of Denial of Service (DoS) attack and its effects. The main aim was to assess the effectiveness and suitability of TrueTime for the intended use in the development of a larger scale SCADA testbed. The results shown reflect that TrueTime can be effectively used for the purpose of SCADA network simulations and collection of necessary data for security analysis.

show abstract

Section: Recent Developments Of Scada Testbedmentioning

confidence: 99%

Cyber Security Backdrop: A SCADA testbed

Farooqui

Zaidi

Memon

et al. 2014

2014 IEEE Computers, Communications and IT Applications Conference

View full text Add to dashboard Cite

show abstract

“…In 2010, [7] stated that since cyber-attacks can destroy critical infrastructures and affect the lives of people, protection mechanisms should be taken to prevent penetrations and intrusions into the ICS network. They also expressed that mitigating the effect of increasing number of vulnerabilities caused by employing ICT services into industrial settings and connecting ICS network to external world, requires to investigate security bugs of industrial applications.…”

Section: Related Workmentioning

confidence: 99%

A security test-bed for industrial control systems

Azimi

Sami

Khalili

2014

Proceedings of the 1st International Workshop on Modern Software Engineering Methods for Industrial Automation

View full text Add to dashboard Cite

Industrial Control Systems (ICS) such as Supervisory ControlAnd Data Acquisition (SCADA), Distributed Control Systems (DCS) and Distributed Automation Systems (DAS) control and monitor critical infrastructures. In recent years, proliferation of cyber-attacks to ICS revealed that a large number of security vulnerabilities exist in such systems. Excessive security solutions are proposed to remove the vulnerabilities and improve the security of ICS. However, to the best of our knowledge, none of them presented or developed a security test-bed which is vital to evaluate the security of ICS tools and products. In this paper, a test-bed is proposed for evaluating the security of industrial applications by providing different metrics for static testing, dynamic testing and network testing in industrial settings. Using these metrics and results of the three tests, industrial applications can be compared with each other from security point of view. Experimental results on several real world applications indicate that proposed test-bed can be successfully employed to evaluate and compare the security level of industrial applications.

show abstract

“…Considering their location (on board of PLCs) it is hardly possible to detect the presence of vulnerabilities in advance, but at the same time being so close to the actuators they can be one of the most dangerous sources of threat. For details about SCADA software vulnerabilities we point to [10].…”

Section: Software Vulnerabilitiesmentioning

confidence: 99%

SCADA System Cyber Security

Fovino

2013

Secure Smart Embedded Devices, Platforms and Applications

View full text Add to dashboard Cite

Modern industrial systems (e.g. power plants, water plants, chemical installation, etc.) make large use of information and communication technologies (ICT). In the past years, those systems started to use public networks (i.e. the Internet) for system-to-system interconnection, to provide new features and services. The migration from the traditional isolated system approach to an open system approach exposed these infrastructures to cyber-threats. The scope of this chapter is provide the reader with an overview of the cyber threats and vulnerabilities affecting the system control and data acquisition systems (SCADA), i.e. those systems in charge for monitoring and controlling the industrial processes, providing indications on possible mitigation techniques.

show abstract

Towards Improving SCADA Control Systems Security with Vulnerability Analysis

Cited by 8 publications

References 3 publications

Cyber Security Backdrop: A SCADA testbed

Cyber Security Backdrop: A SCADA testbed

A security test-bed for industrial control systems

SCADA System Cyber Security

Contact Info

Product

Resources

About