Open Architecture Supervisory Control and Data Acquisition System: Security Enhancement with Defense-in-Depth Strategies
Alade, A.A, Ajayi, O.B, Okolie, S.O, Alao, O.D, Akinsanya, A.O, Eze, M.O, Ebiesuwa Seun, "Open Architecture Supervisory Control and Data Acquisition System: Security Enhancement with Defense-in-Depth Strategies". International Journal of Computer Trends and Technology (IJCTT) V54(1):56-62, December 2017. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.
Abstract
The function of the Supervisory Control and Data Acquisition (SCADA) system is to monitor and control physical processes in real time in a geographically spread environment. SCADA systems are applied in the supervision and control of device actions in electricity distribution and transmission, oil and gas pipelines, water distribution, and traffic lights, among other critical infrastructure. Deregulation of the electricity sector in Nigeria gives private independent power producers access to the Transmission Company of Nigeria (TCN) network and hence transforms the closed (isolated) SCADA system of the TCN into an open architecture SCADA system. An open architecture SCADA system is susceptible to threats and attacks from within and without, with catastrophic impact on the efficiency of the critical infrastructure it is designed to monitor and control. Using an empirical method, the types of threats and the level of exposure of the TCN SCADA system were examined. The investigation revealed that the TCN SCADA system is mainly protected against internal threats. Hence, security enhancement through defense-in-depth strategies that would provide a wide array of security was proposed and briefly elaborated on for successful implementation.
Keywords
Defense-in-depth, Firewalls, Intrusion Detection System (IDS), Policy and Procedures, Remote Terminal Units (RTU), Risk Assessments, Security Zones, SCADA, Threats and Vulnerability.