Security Aspects of SCADA and DCS Environments

  • Chapter
Critical Infrastructure Protection

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7130)

Abstract

SCADA systems can be seen as a fundamental component of Critical Infrastructures, with an impact on the overall performance of other interconnected Critical Infrastructures. Currently, these systems include in their network designs different types of Information and Communication Technology (ICT) systems (such as the Internet and wireless technologies), not only to modernize operational processes but also to ensure automation and real-time control. Nonetheless, the use of these new technologies will bring new security challenges, which will have a significant impact on both the business process and home users. Therefore, the main purpose of this chapter is to address these issues, to analyze the interdependencies of Process Control Systems with ICT systems, to discuss some security aspects, and to offer some possible solutions and recommendations.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Alcaraz, C., Fernandez, G., Carvajal, F. (2012). Security Aspects of SCADA and DCS Environments. In: Lopez, J., Setola, R., Wolthusen, S.D. (eds) Critical Infrastructure Protection. Lecture Notes in Computer Science, vol 7130. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28920-0_7


  • DOI: https://doi.org/10.1007/978-3-642-28920-0_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28919-4

  • Online ISBN: 978-3-642-28920-0

  • eBook Packages: Computer Science, Computer Science (R0)
