A Model-based Approach to Self-Protection in SCADA Systems
نویسندگان
چکیده
Supervisory Control and Data Acquisition (SCADA) systems, which are widely used in monitoring and controlling critical infrastructure sectors, are highly vulnerable to cyber attacks. Current security solutions can protect SCADA systems from known cyber assaults, but most solutions require human intervention. This paper applies autonomic computing technology to monitor SCADA system performance, and proactively estimate upcoming attacks for a given system model of a physical infrastructure. We also present the feasibility of intrusion detection systems for known and unknown attack detection. A dynamic intrusion response system is designed to evaluate recommended responses, and appropriate responses are executed to influence attack impacts. We used a case study of a water storage tank to develop an attack that modifies Modbus messages transmitted between slaves and masters. Experimental results show that, with little or no human intervention, the proposed approach enhances the security of the SCADA system, reduces protection time delays, and maintains water storage tank performance.
منابع مشابه
A Petri-net Model for Operational Cycle in SCADA Systems
Supervisory control and data acquisition (SCADA) system monitors and controls industrial processes in critical infrastructures (CIs) and plays the vital role in maintaining the reliability of CIs such as power, oil, and gas system. In fact, SCADA system refers to the set of control process, which measures and monitors sensors in remote substations from a control center. These sensors usually ha...
متن کاملTowards Benchmarking of P2P Technologies from a SCADA Systems Protection Perspective
Supervisory Control and Data Acquisition (SCADA) systems are used to control and monitor critical processes. Modern SCADA systems are increasingly built with off-the-shelf components simplifying their integration into existing networks. The benefits of increased flexibility and reduced costs are accompanied by newly introduced challenges regarding SCADA security/dependability. Peer-to-Peer (P2P...
متن کاملA K/N Attack-Resilient ICT Shield for SCADA Systems, with State Based Attack Detection
The security of Critical Infrastructures has become a prominent problem with the advent of modern ICT technologies used to improve the performance and the features of Process Control Systems. Several scientific works have showed how Supervisory Control And Data Acquisition Systems (SCADA), i.e. the systems that control industrial installations, are exposed to cyber-attacks. Traditional ICT secu...
متن کاملAsthma Control Level Assessment by Moving from the Current Reactive Care Models into a Preventive Approach based on Fuzzy Clustering and Classification Algorithms
Background and Aim: Asthma is a common and chronic disease of respiratory tracts. The best way to treat Asthma is to control it. Experts of this field suggest the continues monitoring on Asthma symptoms and adjustment of self-care plan with offering the preventive treatment program to have desired control over Asthma. Presenting these plans by the physician is set based on the control level in ...
متن کاملUsing a Specification-based Intrusion Detection System to Extend the DNP3 Protocol with Security Functionalities
Modern SCADA systems are increasingly adopting Internet technologies to control distributed industrial assets. As proprietary communication protocols are increasingly being used over public networks without efficient protection mechanisms, it is increasingly easier for attackers to penetrate into the communication networks of companies that operate electrical power grids, water plants, and othe...
متن کامل