A Research Project Abstract
submitted in fulfillment of the requirements
for
Master of Science in Engineering [Electrical]: Telecommunications
at the
University Of The Witwatersrand, Johannesburg
07 June 2016Utilities use Supervisory Control and Data Acquisition systems as their industrial control
system. The architecture of these systems in the past was based on them being isolated from
other networks. Now with recent ever changing requirements of capabilities from these
systems there is a need to converge with information technology systems and with the need to
have these industrial networks communicating on packet switched networks there are cyber
security concerns that come up.
This research project looks at the whether using encryption in an IP/MPLS core network for
SCADA in an OT IT environment has an effect on the performance requirements. This was
done through an experimental simulation with the results recorded. The research project also
looks at the key literature study considerations.
The key research question for the research project of this MSc 50/50 mini-thesis is “whether
using encryption in SCADA systems, the services performance requirements are still met in
OT/ IT environment over an MPLS core network”? The research project seeks to determine if
SCADA performance requirements are met over an encrypted MPLS/IP core network in an
OT/IT environment. The key focus area of the research project is only encryption in the
whole cyber security value chain versus SCADA services performances. This means that the
research project only focused on the encryption portion of the whole cyber security value
chain and the scope did not focus on other aspects of the value chain. This suffices for an
MSc 50/50 mini-thesis research project as a focus on the whole value chain would require a
full MSc thesis.
Thus the primary objective for the research project is to research and demonstrate that
encryption is essential for secure SCADA communication over a MPLS/IP core network. As
aforementioned encryption forms an essential part of the Cyber Security value chain which
has to achieve the following objectives.
Confidentiality: ensuring that the information source is really from that source.
Integrity: ensuring that the information has not been altered in any way.
Availability: ensuring that system is not comprised but that it is available.
These objectives of encryption should be met with SCADA service performance
requirements not violated which is the objective of the research project.M T 201
