Total views : 4754

A Survey of SCADA Testbed Implementation Approaches

Affiliations

  • Centre for Information and Network Security Universiti Tenaga Nasional (UNITEN) Kajang – 43000, Selangor, Malaysia
  • Cyber Security Malaysia Seri Kembangan – 43300, Selangor, Malaysia

Abstract


Objectives: SCADA systems are turning into the central nerve system of the electric power system critical infrastructure. With the increasing availability and use of computer networks and the Internet as well as the convenience of cloud computing, SCADA systems have increasingly adopted Internet-of-Things technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. However, SCADA systems are obvious targets for cyber attacks that would seek to disrupt the critical infrastructure systems thus are governed by a SCADA system. Methods/Statistical Analysis: Cyber attacks exploit SCADA security vulnerabilities in order to take control or disrupt the normal operation of the system. Analyzing security vulnerability and loopholes are critical in developing security solutions for such systems. It is also equally important to test security solutions developed to protect SCADA systems. Findings: Experimenting on live systems is generally not advisable and impractical as this may render the system unstable. Such situation calls for the need of an experimental setup equivalent or quite close to the real scenario for developing and testing security solutions. Application/Improvements: This paper reviews common SCADA implementation approaches utilized in previous related works.

Keywords

Cyber Attacks, Industrial Control, Power Systems, SCADA Systems, Security, Testbed.

Full Text:

 |  (PDF views: 192)

References


  • Chen B, Pattanaik N, Goulart A, Butler-Purry KL, Kundur D. Implementing attacks for modbus/TCP protocol in a real-time cyber physical system test bed. Proc CQR 2015 IEEE Int Work Tech Comm Commun Qual Reliab; 2015.
  • Queiroz C, Mahmood A, Tari Z. SCADASimA framework for building SCADA simulations. IEEE Trans Smart Grid. 2011; 2(4):589–97. Crossref
  • Stoian I, Ignat S, Capatina D, Ghiran O. Security and intrusion detection on critical SCADA systems for water management.
  • IEEE Int Conf Autom Qual Testing Robot; 2014. p. 1–6. Crossref
  • Do VL, Fillatre L, Nikiforov I, Antipolis S. Cyber-Physical Attacks. University of Technology of Troyes. CNRS ICD / LM2S UMR 6281 10004 Troyes Cedex; France; 2015. p. 2301–5.
  • Zhu B, Joseph A, Sastry S. A taxonomy of cyber attacks on SCADA systems. Proc of 2011 IEEE Int Conf Internet Things Cyber Phys Soc Comput; 2011. p. 380–8. Crossref
  • Drias Z, Serhrouchni A, Vogel O. Analysis of Cyber Security for Industrial Control Systems. Int Conf Cyber Secur Smart Cities Ind Control Syst Commun; 2015. p. 1–8. Crossref
  • Anwar Z, Shankesi R, Campbell RH. Automatic security assessment of critical cyber-infrastructures. Proc Int Conf Dependable Syst Networks; 2008. p. 366–75. Crossref
  • Aghamolki HG, Miao Z, Fan L. A hardware-in-the-loop SCADA testbed. 2015 North Am Power Symp (NAPS); 2015. p. 1–6.
  • Queiroz C, Mahmood A, Hu J, Tari Z, Yu X. Building a SCADA security testbed. NSS 2009 Netw Syst Secur; 2009 Jan. p. 357–64. Crossref
  • Dayal A, Deng Y, Tbaileh A, Shukla S. VSCADA: A Reconfigurable Virtual SCADA Test- bed for Simulating Power Utility Control Center Operations; 2015. p. 1–5.
  • Chikuni E, Dondo M. Investigating the security of electrical power systems SCADA. IEEE AFRICON Conference; 2007. Crossref
  • McLaughlin S, Konstantinou C, Wang X, Davi L, Sadeghi A, Maniatakos M, Karri R. The Cybersecurity Landscape in Industrial Control Systems. Proc IEEE. 2016 May; 104(5):1039–57. Crossref
  • Li W, Xie L, Liu D, Wang Z. False logic attacks on SCADA control system. Proc 2014 Asia Pacific Serv Comput Conference (APSCC 2014); 2015. p. 136–40.
  • Stouffer K, Falco J, Scarfone K. Guide to Industrial Control Systems (ICS) security: Supervisory Control and Data Acquisition (SCADA) systems Distributed Control systems (DCS) and other control system configurations such as Programmable Logic Controllers (PLC); Gaithersburg, MD; 2011 Jun.
  • Gao H, Peng Y, Jia K, Dai Z, Wang T. The design of ICS testbed based on emulation physical and simulation (EPSICS Testbed). Proc 2013 9th Int Conf Intell Inf Hiding Multimed Signal Process (IIH-MSP); 2013. p. 420–3. Crossref
  • Gao W, Morris T, Reaves B, Richey D. On SCADA control system command and response injection and intrusion detection. Gen Members Meet eCrime Res Summit eCrime; 2010.
  • Nai Fovino I, Coletta A, Carcano A, Masera M. Critical state-based filtering system for securing SCADA network protocols. IEEE Trans Ind Electron. 2012; 59(10):3943–50. Crossref
  • Singh P, Garg S, Kumar V, Saquib Z. A testbed for SCADA cyber security and intrusion detection. 2015 International Conference on Cyber Security of Smart Cities Industrial Control System and Communications (SSIC); 2015. p. 1–6. Crossref
  • Bergman DC, Jin D, Nicol DM, Yardley T. The Virtual Power System Testbed and Inter-Testbed Integration; 2003 Aug.
  • Inl T. National SCADA Test Bed Substation Automation Evaluation Report; 2009.
  • Hahn A, Member S, Ashok A, Member S. Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid. 2013; 4(2):847–55.
  • Queiroz C, Mahmood A, Hu J, Tari Z, Yu X. Building a SCADA security testbed. NSS 2009 Netw Syst Secur; 2009. p. 357–64.
  • Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program. U.S. Department of Energy Idaho National Engineering and Environmental Laboratory; 2008. p. 18–27.
  • Mallouhi M, Al-Nashif Y, Cox D, Chadaga T, Hariri S. A testbed for analyzing security of SCADA control systems (TASSCS). IEEE PES Innov Smart Grid Technol Conf Eur ISGT Eur; 2011. p. 1–7. Crossref
  • Holm H, Karresand M, Vidström A, Westring E. A Survey of Industrial Control System Testbeds. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). S. Buchegger and M. Dam Eds; Springer. 2015; 9417:11–26.
  • Siaterlis C, Genge B. Cyber-Physical Testbeds: Scientific Instruments for Cyber Security Assessment of Critical Infrastructures; 2012.
  • Davis CM, Tate JE, Okhravi H, Grier C, Overbye TJ, Nicol D. SCADA cyber security testbed development. 2006 38th Annual North Am Power Symp NAPS-2006 Proc; 2006. p. 483–8. Crossref
  • Bergman DC. Power Grid Simulation Evaluation and Test Framework; 2010.
  • Daniels J. Server virtualization architecture and implementation. Crossroads. 2009; 16(1): 8–12. Crossref
  • Reaves B, Morris T. An open virtual testbed for industrial control system security; 2012. p. 215–29.
  • Mehta BR, Reddy YJ. SCADA Systems. Industrial Process Automation Systems; 2015. p. 237–300.
  • Mets K, Ojea JA, Develder C. Combining Power and Communication Network Simulation for Cost-Effective Smart Grid Analysis. IEEE Commun Surv Tutorials. 2014 Jan; 16(3):1771–96, Jan. 2014. Crossref
  • The PI System OSI soft [Internet]. Crossref
  • Siaterlis C, Genge B. Cyber-physical testbeds. Commun ACM. 2014; 57(6):64–73. Crossref
  • Gao H, Peng Y, Dai Z, Wang T, Han X, Li H. An industrial control system testbed based on emulation, physical devices and simulation. IFIP Adv Inf Commun Technol. 2014; 441:79–91. Crossref
  • Benzel T, Braden R, Kim D, Newnan C, Joseph A, Sklower K, Ostrenga R, Schwab S. Experience with deter: A testbed for security research. 2nd Int Conf Testbeds Res Infrastructures Dev Networks Communities (TRIDENTCOM). 2006; 2006:379–88. Crossref
  • Wertzberger N, Glatter C, Mahoney W, Gandhi R, Dick K. Towards a Low-Cost SCADA Test Bed: An Open-Source Platform for Hardware-in-the-Loop Simulation. 2011 International Conference on Security and Management Special Track on Mission Assurance and Critical Infrastructure Protection (STMACIP); 2011.

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.