Proceedings Article

A Simulation Environment for SCADA Security Analysis and Assessment

Chun Lei Wang, +2 more
- Vol. 1, pp 342-347
TLDR
This simulation environment is extensible and adaptable, and integrates several components, including the simulated enterprise network, OPC Client/HMI, industrial OPC server, SCADA protocol tester, and the sensors and actuators.
Abstract
Simulation experiments are an important means of analyzing and assessing the security of SCADA (Supervisory Control and Data Acquisition) systems; however, existing simulation environments have some limitations in flexibility and extensibility. According to the type of industrial infrastructure and the structure of the SCADA system, abstract models of the SCADA system are established, a reference architecture for a SCADA system simulation environment is proposed, and a simulation environment for analyzing and assessing the security of SCADA systems is designed and implemented. This simulation environment is extensible and adaptable, and integrates several components, including the simulated enterprise network, OPC Client/HMI, industrial OPC server, SCADA protocol tester, SCADA RTUs, and the sensors and actuators. Finally, an experiment on a representative SCADA system attack scenario has been conducted in this simulation environment to analyze and assess the system's security status, and the results demonstrate the effectiveness and practicability of the simulation environment.


Citations
Journal Article

Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems

TL;DR: A model-based intrusion detection system designed specifically for Modbus/TCP networks that successfully flagged real anomalies that were caused by technicians who were troubleshooting the HMI system and helped identify a PLC that was configured incorrectly.
Journal Article

A survey of cyber security management in industrial control systems

TL;DR: This paper surveys the latest methodologies and research for measuring and managing industrial-control-system-specific security metrics and introduces the "functional assurance" concept to deal with fail-safe and fail-secure industrial control system operations.
Proceedings Article

Towards Security-Aware Virtual Environments for Digital Twins

TL;DR: This work presents a framework that allows users to create and execute digital twins, closely matching their physical counterparts, and focuses on a novel approach to automatically generate the virtual environment from specification, taking advantage of engineering data exchange formats.
Book Chapter

A Survey of Industrial Control System Testbeds

TL;DR: This study surveys ICS testbeds that have been proposed for scientific research and finds that most aim to facilitate vulnerability analysis, education and tests of defense mechanisms.
Journal Article

Cybersecurity for industrial control systems: A survey

TL;DR: This work discusses the major works from industry and academia towards the development of secure ICSs, especially the applicability of machine learning techniques to ICS cyber-security, and may help to address the challenges of securing industrial processes, particularly while migrating them to cloud environments.
References
Journal Article

Hierarchical Holographic Modeling

TL;DR: A first-phase development of a mathematical theory for a new modeling schema that is termed hierarchical holographic modeling is presented, which will provide a methodology for capturing and dealing with a fundamental, but heretofore neglected, characteristic of large-scale systems: their multifarious nature.
Journal Article

Infrastructure Vulnerability Assessment Model (I-VAM).

TL;DR: Results demonstrate that I‐VAM is useful to decisionmakers who prefer quantification to qualitative treatment of vulnerability and can be used to quantify vulnerability to other infrastructures, supervisory control and data acquisition systems (SCADA), and distributed control systems (DCS).
Proceedings Article

Industrial cybersecurity for power system and SCADA networks

A. Creery, +1 more
- 31 Oct 2005
TL;DR: The procedure for conducting a thorough assessment of the process control networks to evaluate these risks is presented and methods to determine and reduce the vulnerability of networked control systems to unintended and malicious intrusions are presented.

On shaky ground - A study of security vulnerabilities in control protocols

TL;DR: The nuclear industry urgently needs to adopt better security robustness testing of control devices as standard practice, according to a study undertaken to test a representative control protocol to determine if it had vulnerabilities that could be exploited.
Proceedings Article

Vulnerability Analysis of SCADA Protocol Binaries through Detection of Memory Access Taintedness

TL;DR: This paper defines memory access taintedness as a decision tree and uses it as the fundamental component of a finite state machine model devised for the purpose of dynamically detecting memory corruption vulnerabilities in implementations of industrial control protocols.