scispace - formally typeset
Search or ask a question
Journal ArticleDOI

Cloud-Assisted IoT-Based SCADA Systems Security: A Review of the State of the Art and Future Challenges

TL;DR: The focus of the study presented in this paper is to highlight the security challenges that the industrial SCADA systems face in an IoT-cloud environment and provides the existing best practices and recommendations for improving and maintaining security.
Abstract: Industrial systems always prefer to reduce their operational expenses. To support such reductions, they need solutions that are capable of providing stability, fault tolerance, and flexibility. One such solution for industrial systems is cyber physical system (CPS) integration with the Internet of Things (IoT) utilizing cloud computing services. These CPSs can be considered as smart industrial systems, with their most prevalent applications in smart transportation, smart grids, smart medical and eHealthcare systems, and many more. These industrial CPSs mostly utilize supervisory control and data acquisition (SCADA) systems to control and monitor their critical infrastructure (CI). For example, WebSCADA is an application used for smart medical technologies, making improved patient monitoring and more timely decisions possible. The focus of the study presented in this paper is to highlight the security challenges that the industrial SCADA systems face in an IoT-cloud environment. Classical SCADA systems are already lacking in proper security measures; however, with the integration of complex new architectures for the future Internet based on the concepts of IoT, cloud computing, mobile wireless sensor networks, and so on, there are large issues at stakes in the security and deployment of these classical systems. Therefore, the integration of these future Internet concepts needs more research effort. This paper, along with highlighting the security challenges of these CI’s, also provides the existing best practices and recommendations for improving and maintaining security. Finally, this paper briefly describes future research directions to secure these critical CPSs and help the research community in identifying the research gaps in this regard.
Citations
More filters
Journal ArticleDOI
TL;DR: This paper comprehensively survey the body of existing research on I-IoT, and proposes a three-dimensional framework to explore the existing research space and investigate the adoption of some representative networking technologies, including 5G, machine-to-machine communication, and software-defined networking.
Abstract: The vision of Industry 4.0, otherwise known as the fourth industrial revolution, is the integration of massively deployed smart computing and network technologies in industrial production and manufacturing settings for the purposes of automation, reliability, and control, implicating the development of an Industrial Internet of Things (I-IoT). Specifically, I-IoT is devoted to adopting the IoT to enable the interconnection of anything, anywhere, and at any time in the manufacturing system context to improve the productivity, efficiency, safety, and intelligence. As an emerging technology, I-IoT has distinct properties and requirements that distinguish it from consumer IoT, including the unique types of smart devices incorporated, network technologies and quality-of-service requirements, and strict needs of command and control. To more clearly understand the complexities of I-IoT and its distinct needs and to present a unified assessment of the technology from a systems’ perspective, in this paper, we comprehensively survey the body of existing research on I-IoT. Particularly, we first present the I-IoT architecture, I-IoT applications (i.e., factory automation and process automation), and their characteristics. We then consider existing research efforts from the three key system aspects of control, networking, and computing. Regarding control, we first categorize industrial control systems and then present recent and relevant research efforts. Next, considering networking, we propose a three-dimensional framework to explore the existing research space and investigate the adoption of some representative networking technologies, including 5G, machine-to-machine communication, and software-defined networking. Similarly, concerning computing, we again propose a second three-dimensional framework that explores the problem space of computing in I-IoT and investigate the cloud, edge, and hybrid cloud and edge computing platforms. Finally, we outline particular challenges and future research needs in control, networking, and computing systems, as well as for the adoption of machine learning in an I-IoT context.

371 citations


Cites methods from "Cloud-Assisted IoT-Based SCADA Syst..."

  • ...A typical SCADA system, as shown in Figure 6, consists of human machine interface (HMI), SCADA servers, remote terminal units (RTUs), sensors and actuators, and others [36]....

    [...]

Journal ArticleDOI
TL;DR: A comprehensive survey on the IoT-aided smart grid systems is presented in this article, which includes the existing architectures, applications, and prototypes of the IoTaided SG systems.
Abstract: Traditional power grids are being transformed into smart grids (SGs) to address the issues in the existing power system due to uni-directional information flow, energy wastage, growing energy demand, reliability, and security. SGs offer bi-directional energy flow between service providers and consumers, involving power generation, transmission, distribution, and utilization systems. SGs employ various devices for the monitoring, analysis, and control of the grid, deployed at power plants, distribution centers, and in consumers' premises in a very large number. Hence, an SG requires connectivity, automation, and the tracking of such devices. This is achieved with the help of the Internet of Things (IoT). The IoT helps SG systems to support various network functions throughout the generation, transmission, distribution, and consumption of energy by incorporating the IoT devices (such as sensors, actuators, and smart meters), as well as by providing the connectivity, automation, and tracking for such devices. In this paper, we provide a comprehensive survey on the IoT-aided SG systems, which includes the existing architectures, applications, and prototypes of the IoT-aided SG systems. This survey also highlights the open issues, challenges, and future research directions for the IoT-aided SG systems.

313 citations

Journal ArticleDOI
TL;DR: A comprehensive analysis of security features introduced by NFV and SDN, describing the manifold strategies able to monitor, protect, and react to IoT security threats and the open challenges related to emerging SDN- and NFV-based security mechanisms.
Abstract: The explosive rise of Internet of Things (IoT) systems have notably increased the potential attack surfaces for cybercriminals. Accounting for the features and constraints of IoT devices, traditional security countermeasures can be inefficient in dynamic IoT environments. In this vein, the advantages introduced by software defined networking (SDN) and network function virtualization (NFV) have the potential to reshape the landscape of cybersecurity for IoT systems. To this aim, we provide a comprehensive analysis of security features introduced by NFV and SDN, describing the manifold strategies able to monitor, protect, and react to IoT security threats. We also present lessons learned in the adoption of SDN/NFV-based protection approaches in IoT environments, comparing them with conventional security countermeasures. Finally, we deeply discuss the open challenges related to emerging SDN- and NFV-based security mechanisms, aiming to provide promising directives to conduct future research in this fervent area.

311 citations


Cites background from "Cloud-Assisted IoT-Based SCADA Syst..."

  • ...Other surveys deeply discuss security features for precise IoT application domains, such as smart grids [78], [79], vehicular networking [80], and Industrial Internet [81], [82]....

    [...]

Journal ArticleDOI
TL;DR: In this paper, the authors proposed Industrial Cyber Physical Systems (ICPSs) as the pivotal enabler for real-time Internet-based communication and collaboration among value-chain participants, e.g., devices, systems, organizations, and humans.
Abstract: Cyberphysical systems (CPSs) are perceived as the pivotal enabler for a new era of real-time Internetbased communication and collaboration among value-chain participants, e.g., devices, systems, organizations, and humans. The CPS utilization in industrial settings is expected to revolutionize the way enterprises conduct their business from a holistic viewpoint, i.e., from shop-floor to business interactions, from suppliers to customers, and from design to support across the whole product and service lifecycle. Industrial CPS (ICPSs) blur the fabric of cyber (including business) and physical worlds and kickstart an era of systemwide collaboration and information-driven interactions among all stakeholders of the value chain. Therefore, ICPSs are expected to empower the transformation of industry and business at large to a digital, adaptive, networked, and knowledge-based industry with significant long-term impact on the economy, society, environment, and citizens.

277 citations

Journal ArticleDOI
TL;DR: A state-of-art of lightweight cryptographic primitives which include lightweight block cipher, hash function, stream ciphers, high performance system, and low resources device for IoT environment are discussed in details.
Abstract: There are many emerging areas in which highly constrained devices are interconnected and communicated to accomplish some tasks Nowadays, Internet of Things (IoT) enables many low resources and constrained devices to communicate, compute process and make decision in the communication network In the heterogeneous environments for IoT, there are many challenges and issues like power consumption of devices, limited battery, memory space, performance cost, and security in the Information Communication Technology (ICT) network In this paper, we discuss a state-of-art of lightweight cryptographic primitives which include lightweight block ciphers, hash function, stream ciphers, high performance system, and low resources device for IoT environment in details We analyze many lightweight cryptographic algorithms based on their key size, block size, number of rounds, and structures In addition, we discuss the security architecture in IoT for constrained device environment, and focus on research challenges, issues and solutions Finally, a proposed security scheme with a service scenario for an improvement of resource constrained IoT environment and open issues are discussed

252 citations

References
More filters
Proceedings ArticleDOI
22 Mar 2011
TL;DR: By incorporating knowledge of the physical system under control, this paper is able to detect computer attacks that change the behavior of the targeted control system and analyze the security and safety of the mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state.
Abstract: In the last years there has been an increasing interest in the security of process control and SCADA systems. Furthermore, recent computer attacks such as the Stuxnet worm, have shown there are parties with the motivation and resources to effectively attack control systems.While previous work has proposed new security mechanisms for control systems, few of them have explored new and fundamentally different research problems for securing control systems when compared to securing traditional information technology (IT) systems. In particular, the sophistication of new malware attacking control systems--malware including zero-days attacks, rootkits created for control systems, and software signed by trusted certificate authorities--has shown that it is very difficult to prevent and detect these attacks based solely on IT system information.In this paper we show how, by incorporating knowledge of the physical system under control, we are able to detect computer attacks that change the behavior of the targeted control system. By using knowledge of the physical system we are able to focus on the final objective of the attack, and not on the particular mechanisms of how vulnerabilities are exploited, and how the attack is hidden. We analyze the security and safety of our mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state.A secondary goal of this paper is to initiate the discussion between control and security practitioners--two areas that have had little interaction in the past. We believe that control engineers can leverage security engineering to design--based on a combination of their best practices--control algorithms that go beyond safety and fault tolerance, and include considerations to survive targeted attacks.

749 citations


"Cloud-Assisted IoT-Based SCADA Syst..." refers background or methods in this paper

  • ...[27] presented a methodology that detects such attacks by monitoring and analyzing the physical system under observation....

    [...]

  • ...As recommended by [27], attack-resilient algorithms are required to make the systems able to survive intentional attacks such as Stuxnet....

    [...]

Journal ArticleDOI
TL;DR: It is argued that Internet of Things (IoT) has the potential to provide a ubiquitous network of connected devices and smart sensors for SCC, and big data analytics has the Potential to enable the move from IoT to real-time control desired for S CC.
Abstract: This paper promotes the concept of smart and connected communities SCC, which is evolving from the concept of smart cities. SCC are envisioned to address synergistically the needs of remembering the past (preservation and revitalization), the needs of living in the present (livability), and the needs of planning for the future (attainability). Therefore, the vision of SCC is to improve livability, preservation, revitalization, and attainability of a community. The goal of building SCC for a community is to live in the present, plan for the future, and remember the past. We argue that Internet of Things (IoT) has the potential to provide a ubiquitous network of connected devices and smart sensors for SCC, and big data analytics has the potential to enable the move from IoT to real-time control desired for SCC. We highlight mobile crowdsensing and cyber-physical cloud computing as two most important IoT technologies in promoting SCC. As a case study, we present TreSight, which integrates IoT and big data analytics for smart tourism and sustainable cultural heritage in the city of Trento, Italy.

740 citations

Journal ArticleDOI
28 Jan 2011-Survival
TL;DR: In this article, the authors discuss the political and strategic context in which new cyber threats are emerging, and the effects the worm has generated in this respect, and suggest that cyber offers great potential for striking at enemies with less risk than using traditional military means, but careful strategic thought is required in comparing the cost and benefits of cyber versus traditional military attack.
Abstract: The discovery in June 2010 that a cyber worm dubbed ‘Stuxnet’ had struck the Iranian nuclear facility at Natanz suggested that, for cyber war, the future is now. Yet more important is the political and strategic context in which new cyber threats are emerging, and the effects the worm has generated in this respect. Perhaps most striking is the confluence between cyber crime and state action. States are capitalising on technology whose development is driven by cyber crime, and perhaps outsourcing cyber attacks to non-attributable third parties, including criminal organisations. Cyber offers great potential for striking at enemies with less risk than using traditional military means. It is unclear how much the Stuxnet program cost, but it was almost certainly less than the cost of single fighter-bomber. Yet if damage from cyber attacks can be quickly repaired, careful strategic thought is required in comparing the cost and benefits of cyber versus traditional military attack. One important benefit of cyber ...

621 citations


"Cloud-Assisted IoT-Based SCADA Syst..." refers background in this paper

  • ...In 2010, Iran’s nuclear systemwas disrupted by the Stuxnet worm [16]....

    [...]

Journal ArticleDOI
TL;DR: A comprehensive review of the state-of-the-art on mobile health services and applications is presented in this paper, where the authors present a deep analysis of the top and novel m-Health services and application proposed by industry.

443 citations

Journal ArticleDOI
TL;DR: This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems and suggests an intuitive scheme for the categorisation of cyber securityrisk assessment methods for SCADA systems.

440 citations


"Cloud-Assisted IoT-Based SCADA Syst..." refers background in this paper

  • ...Research challenges faced by SCADA systems in risk assessment are outlined in [37] and [38]....

    [...]