Security and protection of SCADA: a bigdata algorithmic approach

Due to technological advances, it has been a common practice for quite some time to use embedded computers for the monitoring and control of physical processes/plants. These are essentially networked computer-based systems consisting of application-specific control-processing systems, actuators, sensors etc., used for digitally controlling physical systems (often in a federated manner) within a defined geographical location such as power plants, chemical plants etc. Different terminologies like distributed control systems (DCS), cyber-physical systems (CPS), supervisory control and data acquisition systems(SCADA) etc., are used to denoting similar usage. Technology has further made it possible to federate/ integrate heterogeneous (even built by different manufacturers) systems. While such capabilities have provided the needed flexibility and user convenience, it has also created challenges for system designers not only from the correctness point of view but also from the point of view of security and protection of the underlying physical plants. With the arrival of complex malwares, it has become very challenging to secure network and information systems from intruders and protect the systems from attackers. Recently, complex malwares like Stuxnet, Flame etc., have specifically targeted SCADA of public infrastructures like power grids/plants, and thus, bringing to the forefront the challenges in securing and protecting SCADA. The above mentioned malwares are horrendously complex and hence, need a wholesome approach for detection and protection. In these scenarios, apart from the classical IT security, there is a need to look at other plausible new attacks considering the domain of the physical systems in conjunction with the capabilities of the embedded computers, and arrive at methods of protection and risk evaluation.

In this paper, we shall describe an algorithmic data-intensive approach (referred to as Bigdata approach) for protecting and securing SCADA from malware attacks. The approach is based on using the data used by control-system designers for making the system robust, and then reducing the security and protection problem of control systems or SCADA, in general, to the problem of monitoring distributed streaming data. We further show that the method is algorithmically scalable and argue that such algorithmic Bigdata approaches enable securing and protecting of IT controlled public infrastructures.