An Evaluation of Security Posture Assessment Tools on a SCADA Environment

Increased concerns for energy grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk energy system [17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the SecureCyber testbed at MIMOS & UTM-AIS Lab which implements real-world environment as in employs industry standard hardware, software and field devices. The result of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.