Article thumbnail

Assessing and improving SCADA security in the Dutch drinking water sector

By H.A.M. Luiijf, M. Ali and A. Zielstra


International studies have shown that information security for process control systems, in particular SCADA, is weak. Many of the critical infrastructure (CI) services critically depend on process control systems. Therefore, any vulnerability in the protection of process control systems in CI may result in serious consequences for citizens and society. In order to understand their sector-wide security posture, the drinking water sector in The Netherlands benchmarked the information security of their process control environment. Large differences in the individual security postures of the ten drinking water companies were found. Good Practices for SCADA security were developed based upon the benchmark results. This paper discusses the simple but effective approach taken to perform the benchmark, the way the results were reported to the drinking water companies, and the way in which the SCADA information security good practices were developed. Apart from some high-level indications of areas requiring more security attention, no actual security posture results are presented in this paper since the study data contain company and national sensitive information. For the same reason, the figures in this paper are based on artificial data

Year: 2011
DOI identifier: 10.1016/j.ijcip.2011.08.002
OAI identifier:
Provided by: NARCIS
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.