Chapter 17 CREATING A EUROPEAN SCADA SECURITY TESTBED

Abstract Supervisory control and data acquisition (SCADA) systems are commonly used to monitor and control critical infrastructure assets. However, over the past two decades, they have evolved from closed, proprietary systems to open networks comprising commodity platforms running common operating systems and TCP/IP stacks. The open architecture and increased connectivity provide more functionality and reduce costs, but they significantly increase the vulnerabilities and the exposure to threats. Since SCADA systems and the critical infrastructure assets they control must have 24/7 availability, it is imperative to understand and manage the risk. This paper makes the case for a European SCADA security testbed that can be used to analyze vulnerabilities, threats and the impact of attacks, ultimately helping design new architectures and robust security solutions. The paper also discusses testbed requirements, deployment strategies and potential hurdles

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDNbased SGC.We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.Comment: Accepte

Towards a Versatile Cyber Physical Power System Testbed: Design and Operation Experience

The present trends in the area of smartgrids indicate that future transmission and distribution systems will heavily rely on digital and on communication technologies to operate. Indeed, the power systems are evolving progressively towards what is denoted as a cyber-physical system. This transition challenges the classical approaches for experimental testing and requires the development of testing platforms for cyber-physical systems able to capture the interactions between physical components, control and monitoring software and the communication infrastructure. This paper presents general considerations and requirements for a cyber-physical testing platform for power systems. The paper provides also examples of a testing platform specifying the characteristics of the major components and a summary of the experience matured in its setup and configuration. Finally, an example of an experiment on a notional smartgrid and the related results are reported.acceptedVersio

CRITICAL INFRASTRUCTURE TESTBED FOR CYBER-SECURITY TRAINING AND RESEARCH (4)

Critical infrastructures encompass various sectors such as energy resources, manufacturing and governmental services, which tend to be dispersed over large geographic areas. With recent technological advancements over the last decade, they have developed to be increasingly dependent on Information and Communication Technology (ICT); where control systems and the use of sensor equipment help facilitate operation. In order to sustain the ever-increasing demands, it is essential that these systems can adapt by integrating various new and existing digital technologies. However, this results in an increased vulnerability to cyber-threats. In addition, the persistently evolving global state of ICT has resulted in the emergence of sophisticated cyber-threats. As dependence upon critical infrastructure systems continues to increase, so too does the urgency with which these systems need to be adequately protected. Unfortunately, the consequences of a successful cyber-attack can be dire, potentially resulting in the loss of life or a devastating effect on the operation of government services and the economy. Despite the seriousness of this problem, the development of new and innovative cyber-security methods are being hampered by the lack of access to real-world data for training, research and testing new design methodologies. As such, the project presented in this paper highlights an in-progress project, funded by UKAIS, for the development of an easily-replicable and affordable critical infrastructure testbed for cyber-security training and research

Autonomic computing architecture for SCADA cyber security

Cognitive computing relates to intelligent computing platforms that are based on the disciplines of artificial intelligence, machine learning, and other innovative technologies. These technologies can be used to design systems that mimic the human brain to learn about their environment and can autonomously predict an impending anomalous situation. IBM first used the term ‘Autonomic Computing’ in 2001 to combat the looming complexity crisis (Ganek and Corbi, 2003). The concept has been inspired by the human biological autonomic system. An autonomic system is self-healing, self-regulating, self-optimising and self-protecting (Ganek and Corbi, 2003). Therefore, the system should be able to protect itself against both malicious attacks and unintended mistakes by the operator