Proceedings ArticleDOI
A Simulation Environment for SCADA Security Analysis and Assessment
Chun Lei Wang,Lan Fang,Yiqi Dai +2 more
- Vol. 1, pp 342-347
TL;DR: This simulation environment is extensible and adaptable, and integrates several components including the simulated enterprise network, OPC Client/HMI, industrial OPC server, SCADA protocol tester, and the sensors and actuators.
Abstract:
Simulation experiments are an important means of analyzing and assessing the security of SCADA (Supervisory Control and Data Acquisition) systems; however, existing simulation environments have limitations in flexibility and extensibility. Based on the type of industrial infrastructure and the structure of the SCADA system, abstract models of the SCADA system are established, a reference architecture for a SCADA system simulation environment is proposed, and a simulation environment for analyzing and assessing the security of SCADA systems is designed and implemented. This simulation environment is extensible and adaptable, and integrates several components including the simulated enterprise network, OPC Client/HMI, industrial OPC server, SCADA protocol tester, SCADA RTUs, and the sensors and actuators. Finally, experiment on the representative SCADA system attack scenario of has been conducted in this simulation environment to analyze and assess their security status, and the results demonstrate the effectiveness and practicability of the simulation environment.
Citations
Journal ArticleDOI
Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems
Niv Goldenberg,Avishai Wool +1 more
TL;DR: A model-based intrusion detection system designed specifically for Modbus/TCP networks that successfully flagged real anomalies that were caused by technicians who were troubleshooting the HMI system and helped identify a PLC that was configured incorrectly.
Journal ArticleDOI
A survey of cyber security management in industrial control systems
TL;DR: This paper surveys the latest methodologies and research for measuring and managing industrial-control-system-specific security metrics and introduces the "functional assurance" concept to deal with fail-safe and fail-secure industrial control system operations.
Proceedings ArticleDOI
Towards Security-Aware Virtual Environments for Digital Twins
TL;DR: This work presents a framework that allows users to create and execute digital twins, closely matching their physical counterparts, and focuses on a novel approach to automatically generate the virtual environment from specification, taking advantage of engineering data exchange formats.
Book ChapterDOI
A Survey of Industrial Control System Testbeds
TL;DR: This study surveys ICS testbeds that have been proposed for scientific research and finds that most aim to facilitate vulnerability analysis, education and tests of defense mechanisms.
Journal ArticleDOI
Cybersecurity for industrial control systems: A survey
TL;DR: This work discusses the major works from industry and academia towards the development of secure ICSs, especially the applicability of machine learning techniques to ICS cyber-security, and may help to address the challenges of securing industrial processes, particularly while migrating them to cloud environments.
References
Journal ArticleDOI
Hierarchical Holographic Modeling
TL;DR: A first-phase development of a mathematical theory for a new modeling schema that is termed hierarchical holographic modeling is presented, which will provide a methodology for capturing and dealing with a fundamental, but heretofore neglected, characteristic of large-scale systems: their multifarious nature.
Journal ArticleDOI
Infrastructure Vulnerability Assessment Model (I-VAM).
TL;DR: Results demonstrate that I‐VAM is useful to decisionmakers who prefer quantification to qualitative treatment of vulnerability and can be used to quantify vulnerability to other infrastructures, supervisory control and data acquisition systems (SCADA), and distributed control systems (DCS).
Proceedings ArticleDOI
Industrial cybersecurity for power system and SCADA networks
A. Creery,E.J. Byres +1 more
TL;DR: The procedure for conducting a thorough assessment of the process control networks to evaluate these risks is presented and methods to determine and reduce the vulnerability of networked control systems to unintended and malicious intrusions are presented.
On shaky ground - A study of security vulnerabilities in control protocols
E. J. Byres,D. Huffman,N. Kube +2 more
TL;DR: The nuclear industry urgently needs to adopt better security robustness testing of control devices as standard practice, according to a study undertaken to test a representative control protocol to determine if it had vulnerabilities that could be exploited.
Proceedings ArticleDOI
Vulnerability Analysis of SCADA Protocol Binaries through Detection of Memory Access Taintedness
TL;DR: This paper defines memory access taintedness as a decision tree and uses it as the fundamental component of a finite state machine model devised for the purpose of dynamically detecting memory corruption vulnerabilities in implementations of industrial control protocols.