Abstract
SCADA systems are the computers that control essential, complicated, and often dangerous physical processes, many of which constitute the physical infrastructure critical to modern societies. These physical processes are powerful tools, and their misuse generally has unacceptable consequences. Preventing such abuse is the goal of SCADA security. To understand misuse and how to avoid it, we need some understanding of what a SCADA system is, and how it works under different forms of attacks. These are the primary objectives of this paper.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Igure, V.M., Laughter, S.A., Williams, R.D.: Security issues in SCADA networks. Comput. Secur. 25(7), 498–506 (2006)
Pollet, J.: Developing a solid SCADA security strategy. In: 2nd ISA/IEEE Sensors for Industry Conference, pp. 148–156. IEEE (2002)
Chandia, R., Gonzalez, J., Kilpatrick, T., Papa, M., Shenoi, S.: Security strategies for SCADA networks. In: Goetz, E., Shenoi, S. (eds.) ICCIP 2007. IIFIP, vol. 253, pp. 117–131. Springer, Boston, MA (2008). https://doi.org/10.1007/978-0-387-75462-8_9
Nicholson, A., Webber, S., Dyer, S., Patel, T., Janicke, H.: SCADA security in the light of Cyber-Warfare. Comput. Secur. 31(4), 418–436 (2012)
Adamo, F., Attivissimo, F., Cavone, G., Giaquinto, N.: SCADA/HMI systems in advanced educational courses. IEEE Trans. Instrum. Meas. 56(1), 4–10 (2007)
Salihbegovic, A., Marinkovi, V., Cico, Z., Karavdi, E., Delic, N.: Web based multilayered distributed SCADA/HMI system in refinery application. Comput. Stand. Interfaces 31(3), 599–612 (2009)
Endi, M., Elhalwagy, Y.Z.: Three-layer PLC/SCADA system architecture in process automation and data monitoring. In: 2010 The 2nd International Conference on Computer and Automation Engineering (ICCAE), vol. 2, pp. 774–779. IEEE (2010)
Radvanovsky, R., Brodsky, J.: Handbook of SCADA/Control Systems Security. CRC Press, Boca Raton (2016)
Gallagher, S.: Two more healthcare networks caught up in outbreak of hospital ransomware. Ars Technica 29(03) (2016)
CBC News: University of Calgary paid \$20K in ransomware attack (2016). http://www.cbc.ca/news/canada/calgary/university-calgary-ransomware-cyberattack-1.3620979
Mandiant: Mandiant APT1 Exposing One of China’s Cyber Espionage Units (2013). https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf
Alperovitch, D.: Revealed: Operation Shady RAT, vol. 3. McAfee (2011)
United States. White House Office, and Barack Obama. International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked Worldr. White House (2011)
Leyden, J.: Hack on Saudi Aramco Hit 30,000 Workstations, Oil Firm Admits-First Hacktivist-Style Assault to Use Malware? (The Register) (2012)
Zetter, K.: The NSA acknowledges what we all feared: Iran learns from US cyberattacks. Wired (2015)
Daryabar, F., Dehghantanha, A., Udzir, N.I., bin Shamsuddin, S.: Towards secure model for scada systems. In: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), pp. 60–64. IEEE (2012)
Rege-Patwardhan, A.: Cybercrimes against critical infrastructures: a study of online criminal organization and techniques. Crim. Justice Stud. 22(3), 261–271 (2009)
Bigham, J., Gamez, D., Lu, N.: Safeguarding SCADA systems with anomaly detection. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 171–182. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45215-7_14
Fiaidhi, J., Gelogo, Y.E.: SCADA cyber attacks and security vulnerabilities. In: SERSC, Research Trend of Computer Science and Related Areas, ASTL, vol. 14, pp. 202–208 (2012)
Kerr, P.K., Rollins, J., Theohary, C.A.: The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability. Congressional Research Service, Washington, DC (2010)
Colombini, C.M., Colella, A., Mattiucci, M., Castiglione, A.: Cyber threats monitoring: experimental analysis of malware behavior in cyberspace. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds.) CD-ARES 2013. LNCS, vol. 8128, pp. 236–252. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40588-4_17
Palmieri, F., Ficco, M., Castiglione, A.: Adaptive stealth energy-related dos attacks against cloud data centers. In: 2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 265–272. IEEE (2014)
De Santis, A., Castiglione, A., Fiore, U., Palmieri, F.: An intelligent security architecture for distributed firewalling environments. J. Ambient Intell. Hum. Comput. 4(2), 223–234 (2013)
Bertino, E., Casola, V., Castiglione, A., Susilo, W.: Security and privacy protection vs sustainable development, pp. 250–251 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Ionica, D., Pop, F., Popescu, N., Popescu, D., Dobre, C. (2018). SCADA Security: Concepts and Recommendations. In: Castiglione, A., Pop, F., Ficco, M., Palmieri, F. (eds) Cyberspace Safety and Security. CSS 2018. Lecture Notes in Computer Science(), vol 11161. Springer, Cham. https://doi.org/10.1007/978-3-030-01689-0_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-01689-0_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01688-3
Online ISBN: 978-3-030-01689-0
eBook Packages: Computer ScienceComputer Science (R0)