Skip to main content
SpringerLink
Log in

Improving Security of Oil Pipeline SCADA Systems Using Service-Oriented Architectures

  • Conference paper
On the Move to Meaningful Internet Systems: OTM 2008 Workshops (OTM 2008)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5333))

Abstract

Oil pipeline Supervisory Control and Data Acquisition (SCADA) systems monitor and help control pipes transporting both crude and refined petroleum products. Typical SCADA system architectures focus on centralized data collection and control – however, this system has vulnerabilities that decrease the overall security of the system, especially for an oil pipeline SCADA. Service-oriented architecture (SOA) helps to improve security of SCADA systems by providing more localized data collection and control. In this paper we describe an SOA-based architecture for oil pipeline SCADA system that provides improved security compared to traditional architectures. An SOA-based SCADA divides the entire length of the pipeline system into zones where services offered within a zone are controlled by the zone master and masters periodically batch-update the central database over the back-bone network. The feasibility is explored by mathematical analysis and emulation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. http://en.wikipedia.org/wiki/List_of_countries_by_total_length_of_pipelines (accessed on July 5, 2008)

  2. http://en.wikipedia.org/wiki/Pipeline_transport (accessed on July 5, 2008)

  3. Ismailzade, F.: A Strategic Approach to Pipeline Security. Report of the Institute for the Analysis of Global Security (2004), http://www.iags.org/n1115043.htm

  4. Clementson, D.P.: Reviewing SCADA basics. Pipeline and Gas Technology (2006) (accessed on July 5, 2008), http://www.pipelineandgastechnology.com/story.php?storyfile=2defd4c7-bdad-4776-af94-fa948ad21b18.html

  5. Slay, J., Sitnikova, E.: Developing SCADA Systems Security Course within a Systems Engineering Program. In: Proceedings of the 12th Colloquium for Information Systems Security Education, pp. 101–108 (2008)

    Google Scholar 

  6. Idaho National Engineering and Environmental Laboratory. A Comparison of Oil and Gas Segment Cyber Security Standards. Report No. INEEL/EXT-04-02462 (2004)

    Google Scholar 

  7. API Standard 1164, Pipeline SCADA Security First Edition (September 2004) (accessed on July 5, 2008), http://api-ep.api.org/filelibrary/1164PA.pdf

  8. Sauver, J.: SCADA Security (accessed on July 5, 2008), http://darkwing.uoregon.edu/~joe/scada/

  9. Henrie, M.: API 1164 Standard Revision (accessed on July 5, 2008), http://www.api.org/meetings/topics/pipeline/upload/Morgan_Henrie_API_1164_Standard_Revision_API_Presentation_REv_1.pdf

  10. Press Release, Sinopec selects Invensys for SCADA system on China’s longest crude oil pipeline (October 11, 2005) (accessed on July 5, 2008), http://news.thomasnet.com/companystory/468291

  11. References for Cegelec installations (accessed on July 5, 2008), http://www.oilandgas.cegelec.com/References/ScadaRef.htm

  12. O’Neill, M., et al.: Web Services Security. McGraw-Hill, New York (2003)

    Google Scholar 

  13. Associated Press news report, Oil passes, settles above $145 for first time (July 3, 2008) (accessed on July 5, 2008), http://www.msnbc.msn.com/id/12400801/

  14. http://en.wikipedia.org/wiki/SCADA (accessed on July 5, 2008)

  15. Matheson, M., Cooper, B.S.: Security Planning and Preparedness in the Oil Pipeline Industry. In: The Oil & Gas Review, pp. 104–108 (2004)

    Google Scholar 

  16. Farris, J.J., Nicol, D.M.: Evaluation of Secure Peer-to-Peer Overlay Routing for Survivable SCADA Systems. In: Proceedings of the 36th Conference on Winter Simulation, pp. 300–308. ACM Press, Washington (2004)

    Google Scholar 

  17. National Communications System, Technical Information Bulletin 04-1, Supervisory Control and Data Acquisition (SCADA) Systems (October 2004) (accessed on August 23, 2008), http://www.ncs.gov/library/tech_bulletins/2004/tib_04-1.pdf

  18. Ebata, Y., Hayashi, H., Hasegawa, Y., Komatsu, S., Suzuki, K.: Development of the Intranet-based SCADA (supervisory control and data acquisition system) for Power System. In: IEEE Power Engineering Society Winter Meeting, vol. 3, pp. 1656–1661. IEEE Press, Los Alamitos (2000)

    Google Scholar 

  19. Dagle, J.E., Widergren, S.E., Johnson, J.M.: Enhancing the Security of Supervisory Control and Data Acquisition Systems: the Lifeblood of Modern Energy Infrastructures. In: IEEE Power Engineering Society Winter Meeting, vol. 1, p. 635. IEEE Press, Los Alamitos (2002)

    Google Scholar 

  20. Bruce, A.G.: Reliability analysis of electric utility SCADA systems. IEEE Transactions on Power Systems 13(3), 844–849 (1998)

    Article  Google Scholar 

  21. Prinz, J., Kampichler, W., Haindl, B.: Service Orietned Communication Architectures in Safety Critical Environments. In: Integrated Communications Navigation and Surveillance (ICNS) Conference (2006) (accessed on August 23, 2008), http://spacecome.grc.nasa.gov/icnsconf/docs/2006/04_Session_A3/06-Kampichler.pdf

  22. Roch, E.: SOA Security Architecture (2006) (accessed on August 23, 2008), http://it.toolbox.com/blogs/the-soa-blog/soa-security-architecture-11431

  23. Leonard, P.: High Performance SOA – A Contradiction in Terms? (2006) (accessed on August 23, 2008), http://www.webservices.org/weblog/patrick_leonard/high_performance_soa_a_contradiction_in_terms

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, The University of Texas at Tyler 3900 University Blvd., Tyler, Texas, 75799, USA

    Nary Subramanian

Authors
  1. Nary Subramanian
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. STARLab, Vrije Universiteit Brussel (VUB),, Bldg G/10, Pleinlaan 2, 1050, Brussels, Belgium

    Robert Meersman

  2. School of Computer Science and Information Technology, RMIT University, Bld 10.10, 376-392 Swanston Street, VIC 3001, Melbourne, Australia

    Zahir Tari

  3. Facultad de Informática, Universidad Politécnica de Madrid, Campus de Montegancedo S/N, Boadilla del Monte, 28660, Madrid, Spain

    Pilar Herrero

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Subramanian, N. (2008). Improving Security of Oil Pipeline SCADA Systems Using Service-Oriented Architectures. In: Meersman, R., Tari, Z., Herrero, P. (eds) On the Move to Meaningful Internet Systems: OTM 2008 Workshops. OTM 2008. Lecture Notes in Computer Science, vol 5333. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88875-8_56

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-88875-8_56

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-88874-1

  • Online ISBN: 978-3-540-88875-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation