Abstract
The Supervisory Control and Data Acquisition System (SCADA) monitor and control real-time systems. SCADA systems are the backbone of the critical infrastructure, and any compromise in their security can have grave consequences. Therefore, there is a need to have a SCADA testbed for checking vulnerabilities and validating security solutions. In this paper we develop such a SCADA testbed.
- 21 Steps to Improve Cyber Security of SCADA Networks. U.S. Department of Energy white paper, 2005.Google Scholar
- Aspentech. http://www.aspentech.com/Google Scholar
- The C2 Wind Tunnel, https://wiki.isis.vanderbilt.edu/c2w/Google Scholar
- The Center for SCADA Security. Sandia National Labrotories, http://www. sandia.gov/scada/testbeds.htm.Google Scholar
- Henrik Christiansson and Eric Luiijf. Creating a European SCADA Security Testbed. In IFIP International Federation for Information Processing, Springer Boston 2007.Google Scholar
- The DETER Testbed, http://www.deterlab.net/Google Scholar
- DNP. http://www.dnp.org/Google Scholar
- G. Dondossola, J. Szanto, M. Masera, I. Nai Fovino. Evaluation of the effects of intentional threats to power substation control systems. In Proceedings of the International Workshop on Complex Network and Critical Infrastructure Protection, 2006.Google Scholar
- Emulab. http://www.emulab.net/Google Scholar
- Scott Fluhrer and Itsik Mantin and Adi Shamir. Weaknesses in the Key Scheduling Algorithm of RC4. Lecture Notes in Computer Science, 2259, 2001.Google Scholar
- HART Communication Foundation. WirelessHART Technical Data Sheet, 2007. www.hartcomm.orgGoogle Scholar
- Carl Hartung, James Balasalle and Richard Han. Node Compromise in Sensor Networks: The Need for Secure Systems. Department of Computer Science University of Colorado at Boulder, 2005.Google Scholar
- High-Level Architecture, IEEE Standard 1516. www.ieee.orgGoogle Scholar
- Vinay M. Igure, Sean A. Laughter and Ronald D. Williams, Security issues in SCADA networks. In Computers & Security Volume 25, Issue 7, October 2006, Pages 498-506.Google ScholarDigital Library
- MathWorks Simulink. http://www.mathworks.comGoogle Scholar
- Modbus-IDA. http://www.modbus.org/Google Scholar
- A. Moore, R. Ellison and R. Linger. Attack modelling for information security and survivability. In SEI, 2001.Google Scholar
- Hamed Okhravi, Chris Grier, Matt Davis, Zeb Tate, David Nicol, and Tom Overbye. Cyber-Security Simulation Testbed. http://www.iti.uiuc.edu/ tcip/tcip_presentations.htmlGoogle Scholar
- Omnet++. http://www.omnetpp.org/Google Scholar
- A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla. SWATT: SoftWare-based ATTestation for Embedded Devices. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, May 2004.Google ScholarCross Ref
- A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla. Pioneer: Verifying Integrity and Guaranteeing Execution of Code on Legacy Platforms. In Proceedings of the ACM Symposium on Operating Systems Principles (SOSP), Brighton, United Kingdom, October 2005. Google ScholarDigital Library
- A. Seshadri, M. Luk, A. Perrig, L. van Doorn, and P. Khosla. SCUBA: Secure Code Update By Attestation in Sensor Networks. In ACM Workshop on Wireless Security (WiSe 2006), Los Angeles, CA, September 29, 2006. Google ScholarDigital Library
- TrueTime. http://www.control.lth.se/truetime/Google Scholar
- Bernard Zeigler, Tag Gon Kim, Herbert Praehofer (2000). Theory of Modeling and Simulation, Second Edition, Academic Press, New York. ISBN 978-0127784557. Google ScholarDigital Library
Index Terms
- A testbed for secure and robust SCADA systems
Recommendations
Designing Secure SCADA Systems Using Security Patterns
HICSS '10: Proceedings of the 2010 43rd Hawaii International Conference on System SciencesCritical infrastructure systems are those systems that support our daily lives and their protection is fundamental. The key component of a critical infrastructure system is the process control system, also known as the supervisory, control, and data ...
A Secure and Survivable Architecture for SCADA Systems
DEPEND '09: Proceedings of the 2009 Second International Conference on DependabilityIndustrial Systems are nowadays exposed to new kinds of malicious threats. The cause of this is related to the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of ICT and Networking Technologies for the ...
Building a SCADA Security Testbed
NSS '09: Proceedings of the 2009 Third International Conference on Network and System SecuritySCADA (Supervisory Control and Data Acquisition) systems control and monitor industrial and critical infrastructure functions, such as the electricity, gas, water, waste, railway and traffic. Recent attacks on SCADA systems highlight the need of a SCADA ...
Comments