Centre for Telematics and Information Technology, University of Twente
Abstract
We propose a tool-assisted approach to address process-related threats on SCADA systems. Process-related threats have not been addressed before in a systematic manner. Our approach consists of two steps: threat analysis and threat\ud
mitigation. For the threat analysis, we combine two methodologies (PHEA and HAZOP) to systematically identify process-related threats. The threat mitigation is supported by our tool, MELISSA, that helps to detect incidents (attacks or user mistakes). MELISSA uses SCADA system logs and visualization techniques to highlight potential incidents. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular SCADA process work-flow
