The Security Survey and Anaylsis on Supervisory Control and Data Acquisition Communication (original) (raw)
Related papers
The Scada Review: System Components, Architecture, Protocols and Future Security Trends
American Journal of Applied Sciences
The Supervisory Control and Data Acquisition (SCADA) system has prominent place and play important roles within real time industrial communication included "electric stations, oil stations and water purification plants". In this study; the SCADA System main components, architecture and important protocols, which have been used in SCADA message transmission are reviewed. After review, the current research changes the direction (Section: Future Work) to the security of SCADA system and the existing methods or security methods that have been deployed within the SCADA system. This review also gives directions to secure SCADA network communication.
Encryption Security in SCADA Networks
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings’ facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics
IEEE Communications Surveys & Tutorials
Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, that made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.
Utilization of Encryption for Security in SCADA Networks
International Journal of Engineering Inventions
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings’ facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
Security Solution to Protect SCADA Systems from Cyber Attacks
Supervisory Control and Data Acquisition (SCADA) systems, control and monitor utility infrastructure, such as electricity, gas, water etc, which happen to be part of critical infrastructure. Existing SCADA systems were originally designed for reliability. Initial SCADA systems used proprietary protocols like Modbus, DNP3 to access sensed data and initiate supervisory control. These SCADA systems were not designed with Internet security in mind, which provides challenges as these systems are migrated toward common Internet communication protocols and networks. Compared to IT systems, SCADA systems have a higher requirement concerning reliability, latency and uptime, so it is not always feasible to apply IT security measures deployed in IT systems. This paper provides an overview of security issues in SCADA networks. A range of threats to SCADA network security is offered. Next, attention is focused on security assessment of the SCADA. This is followed by an overview of relevant SCADA security solutions. Finally our security solution approach which is embedded in "bump-in-the-wire" is discussed.
International Journal of Cyber Warfare and Terrorism, 2015
SCADA (Supervisory Control and Data Acquisition System) is a cyber-physical system, wherein IT (Information Technology) components work in conjunction with field devices to control a physical process. The security of these IT components becomes crucial in view of the damaging effects that any security breach of these IT components can have on the underlying physical process. In response to this critical issue, various governments across the world have recognized the issue of SCADA security and have initiated the creation of a regulatory framework for mandating SCADA security in their respective countries. This paper provides a brief overview of the cyber-security issues of SCADA and the implications of Stuxnet for SCADA security. The paper reviews the steps taken by the governments of India and South Africa; and it provides guidance to the owners of SCADA regarding SCADA security, as mandated by the Government of India.
Cryptography and Authentication Placement to Provide Secure Channel for SCADA
2016
Distributed control systems (DCSs) and Supervisory Control and Data Acquisition (SCADA) systems are widely used in real time industry infrastructures such as water pumping stations, gas, and oil and other real time deployments. SCADA implementation within a cloud computing environment is new and beneficial for real time infrastructures. Using cloud computing, real time infrastructure saves cost, achieves more reliability and functionality related to the current requirements of industry in the term of control and acquisition. In current paper, the cryptyography algorithms are implements to secure data, and a conception model is proposed to implement SCADA within cloud environment and also discuss the security issues related to SCADA, and cloud computing. At the end; cryptographic solution is implemented in SCADA communication without or/and within the cloud infrastructure (Delivery of data/message from the Master terminal unit or MTU to Remote terminal unit or RTU) to achieve securit...
Analysis and Planning of the Cyber Security of SCADA Networks
2017
The increasing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in an increasing and previously unpredicted cyber security threat to supervisory control and data acquisition (SCADA) systems and distributed control systems (DCSs). This work presents a review on SCADA cyber security and the case for improving security to SCADA systems. It examines the factors that have contributed to the growing vulnerability of control systems, and presents new standards designed to protect critical infrastructure including the use of encryption and authentication for SCADA systems. A comprehensive model for analysis and planning of the cyber security of SCADA networks is presented.
Secure Management of SCADA Networks
When a SCADA (Supervisory Control and Data Acquisition) system monitors and manages other complex infrastructures through the use of distributed technologies, it becomes a critical infrastructure by itself: A failure or disruption in any of its components could implicate a serious impact on the performance of the other infrastructures. The connection with other systems makes a SCADA system more vulnerable against attacks, generating new security problems. As a result, it is essential to perform diverse security analysis frequently in order to keep an updated knowledge and to provide recommendations and/or solutions to mitigate or avoid anomalous events. This will facilitate the existence of a suitable, reliable, and available control network.
SECURITY THREATS TO SCADA SYSTEMS
SCADA systems have evolved from exotic hardware and software in the 1970’s, to systems that can include standard PCs and operating systems, TCP/IP communications and Internet access. The threat exposure has increased further by the common practice of linking SCADA networks to business networks. Intentional security threats to SCADA systems can be grouped as follows: 1. Malware 2.Terrorist 3. Hacker 4. Insider The insider may be motivated to damage or disrupt the SCADA system or the utility’s physical system. So we provide user security to prevent users from accessing certain parts of the system.