See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/4366961

SCADA system security: Complexity, history and new developments

Conference Paper · August 2008

DOI: 10.1109/INDIN.2008.4618165 · Source: IEEE Xplore

CITATIONS READS

56 3,697

3 authors, including:

Jidong Wang Xinghuo Yu

RMIT University RMIT University
32 PUBLICATIONS 315 CITATIONS 1,041 PUBLICATIONS 44,267 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Xinghuo Yu on 28 May 2017.

The user has requested enhancement of the downloaded file.

{ŒGplllGp•›Œ™•ˆ›–•ˆ“Gj–•Œ™Œ•ŠŒG–•G
p•‹œš›™ˆ“Gp•–™”ˆ›ŠšGOpukpuGYWW_P
kjjSGkˆŒ‘Œ–•SGr–™ŒˆGqœ“ GXZTX]SGYWW_
SCADA System Security: Complexity, History and
New Developments
Ning Cai, Jidong Wang and Xinghuo Yu
School of Electrical and Computer Engineering, RMIT University, Melbourne, VIC. 3001, Australia
n.cai@student.rmit.edu.au, jidong.wang@rmit.edu.au, x.yu@rmit.edu.au
Abstract – Over the last decade, efforts from industries and
research communities have been made in addressing the
security of Supervisory Control and Data Acquisition (SCADA)
systems. However, the SCADA security deployed for critical
infrastructures is still a challenging issue today. This paper
gives an overview of the complexity of SCADA security.
Products and applications in control network security are
reviewed. Furthermore, new developments in SCADA security,
especially the trend in technical and theoretical studies are
presented. Some important topics on SCADA security are
identified and highlighted and this can be served as the guide
for future works in this area.
I. INTRODUCTION
Large industrial facilities and infrastructures such as
chemical/petrochemical factories, oil refineries, steelworks,
power generation plants, and water/sewage treatment plants
are highly dependent on automatic control systems, among
which Supervisory Control and Data Acquisition (SCADA)
systems are the most widely deployed. In this paper,
Distributed Control System (DCS), Programmable Logic
Controller (PLC), Emergency Shutdown System (ESS),
Fieldbus Control System (FCS), Intelligent Electronic
Devices (IED) and Remote Terminal Unit (RTU) are
collectively called as SCADA systems. The old stand-alone
SCADA systems were not linked to other systems and
computer networks. Their communication mechanisms and
protocols are most likely proprietary. For example,
Honeywell’s early TDC-3000 DCS has Local Control
Network (LCN), which is similar to IEEE 802.4. The
second generation of SCADA systems has integrated
management systems and control systems within an
enterprise or a company. The control system networks were
connected to Management Information System (MIS)
networks and became a part of the Intranet in an enterprise.
The second generation is also called Intranet-based SCADA.
Today’s SCADA systems, i.e. Internet-based SCADA or
third generation SCADA, which are integrated with
Enterprise Resource Planning (ERP) system as shown in
Figure 1, have full integration with corporate IT networks
which are interconnected with Internet. Operators can
remotely monitor and control stations and devices such as
RTUs and IEDs over the Internet.
The openness of the latest SCADA systems is reflected
from the adopted common techniques, platforms, facilities,
software and etc. TCP/IP protocol, UNIX, Microsoft
Windows and commercial software packages, and
`^_TXT[Y[[TYX^XT_VW_VKY\UWWGⓒYWW_Gplll
Authorized licensed use limited to: RMIT University. Downloaded on July 28, 2009 at 19:21 from IEEE Xplore. Restrictions apply.
Remote Monitor / Control
Remote
Office
Internet
MIS / ERP…
SCADA1
SCADA2 SCADA3
FACTORY
Intranet
Fig. 1. Architecture of Intranet/Internet-based SCADA System
development tools, all can be found in the third generation
SCADA systems. Real-time data in the control and
monitoring systems are transferred over the Intranet or even
Internet. The improvement on the efficiency of the operation
is obvious. But the convenience of the remote access to
SCADA systems has made the system more vulnerable to
security attacks as the interconnection introduces more
security holes for potential attackers to break in [1].
Documented cases of the attacks on SCADA systems
show that the activities have increased significantly since
1998. If an attack uses active scanning and attempts to take
advantage of unpatched holes, worms, viruses, and spyware,
then any control system network connected directly or
indirectly through a business IT network to the Internet is
under immediate attack threat. It is reasonable to assume
that network-connected SCADA systems across the country
are probed daily [2].
The rest of the paper is organized as follows. Our
discussion in Section II tries to explain why the SCADA
security is still a big issue today. In Section III, the works
carried out by research communities, government
organizations, standardization bodies and industries are
presented. A brief introduction of artificial immune
algorithms, attack tree model, remotely device vulnerability
quantifying model are described in Section IV. An
investigation on current studies and trends in SCADA
security are also presented in this section. Our final
conclusion provides some insight on the future works on
\]`
SCADA security research.
II. COMPLEXITY OF SCADA SECURITY
The security of SCADA systems is found to be more
complicated than that in the traditional IT or Internet world.
The early conventional SCADA designs do not provide
industrial systems with the protection against cyber attacks.
Old control system facilities are still in use today and they
are fully or partially connected to corporate IP networks
extending to Internet. This connection is vulnerable to cyber
terrorists’ targeted attack when any protecting technique and
measure such as specialized firewall fails.
IT techniques and facilities initially were not designed for
control systems, but are extensively used in SCADA
systems. These techniques and facilities can not satisfy the
strict needs of SCADA security if they are not modified or
enhanced. For example, IP based Sensor Network is not
created for control systems, but their use is growing fast in
industrial control communications [3].
SCADA and industrial protocols, such as Modbus/TCP,
Ethernet/IP and DNP3, are critical for communications to
most control devices. Unfortunately, these protocols were
designed without security in mind and did not typically
require any authentication to remotely execute commands
on a control device.
The Distributed Component Object Model (DCOM) is
the underlying protocol for both the popular OLE for
Process Control (OPC) and Profibus Network. It utilizes
Microsoft’s Remote Procedure Call (RPC) service which
has known vulnerabilities that were the basis for the Blaster
Worm exploits. In addition, OPC (DCOM) dynamically
opens a wide range of ephemeral ports (#1024 – #65535)
that can be extremely difficult to filter at the firewall [4] [5].
Most SCADA systems, especially those used in process
industries, do not tolerate delay and data loss for important
control and safety operations. Many standard IT security
products and mechanisms do not meet the SCADA systems’
real time requirement. For example, anti-virus processes and
firewall functions could take so much time that the data
concerned will expire when it reaches its destination.
Another problem with SCADA security is that the
conditions on the most SCADA vendors’ contracts often
prohibit installing patched and modified software that have
not been approved or vetted by the vendor [6]. This will
cause the slow response to any security threats detected.
Firewall is a common network security facility used to
isolate the SCADA systems and corporate network as well
as Internet, but there is not enough information on exactly
how to deploy, configure and manage it in industrial
environment. Besides, traditional firewalls are designed for
the Intranet segregated from Internet or outside networks
and are unaware of the existence of industrial protocol such
as Modbus/TCP or Industrial Ethernet/IP. In other words,
they can not examine or filter SCADA packets at the
\^W
Authorized licensed use limited to: RMIT University. Downloaded on July 28, 2009 at 19:21 from IEEE Xplore. Restrictions apply.
application layer or offer proxy services for these protocols
[4].
The lack of security awareness and knowledge is
increasingly problematic as the cyber attacks become more
sophisticated. It was not sufficiently taken into
consideration by some SCADA system engineers.
III. PROGRESS IN SCADA SYSTEM SECURITY
DEVELOPMENT and APPLICATION
Works on SCADA security have been conducted in many
sectors over the last decade. Efforts can be seen from
various reports and policies of government agencies,
international organizations, standardization bodies, industry
alliances, control system manufacturers, and research
institutes. In this section, the progress and status of the
SCADA security are reviewed.
A. SCADA Security Standards and Government Push
Government agencies and organizations have historically
played important roles in security standards development
and enforcement. Each year, evaluation, research and
development reports on SCADA security are published by
these agencies and organizations [7~11]. The works cover
normal IT security, but more specifically focus on SCADA
and protection of critical infrastructures
Governments, especially those of developed countries,
are pushing hard in driving the activities around the
infrastructure security. The governments’ organizations and
international standardization bodies, industry alliances have
cooperated in setting various standards and producing
guides on SCADA security. These guidelines and standards
have started being adapted to SCADA applications in
industry. These new and revised guides are based on
information security principles that have been used for years
in the IT environment [12][13]. But their targets are SCADA
systems [14]. Listed below are some of the active players
and their involvement in the area.
• Instrumentation, Systems, and Automation Society
(ISA) / International Electrotechnical Commission
(IEC); Focus is on manufacturing and control system
security[15~18];
• Institute of Electrical and Electronic Engineers (IEEE);
Target areas: Data and Communications, Electric
Power Control and, etc.[19][20];
• Government Accountability Office (GAO); Annual
report: “Critical Infrastructure Protection, Challenges
in Securing Control Systems”[21][22];
• National Institute of Standards and Technology (NIST):
Standard and guide: “System Protection Profile for
Industrial Control Systems (SPP ICS)” and “Federal
Information Processing Standards” [23];
• National Infrastructure Security Co-ordination Centre
(NISCC): Guide for SCADA and Process Control
Network security;
 • U.S. Industrial Standard: Chemical Sector: CIDX
Cyber-security Standard; Energy – Natural Gas Sector:
AGA Report Number 12; Energy – Petroleum & Oil
Sector: API Standard Number 1164;
Transportation-Rail Sector; Cross Sector ISA-TR99.01
and 02-2004; Energy – Electric Power Sector: NERC
CIP; Telecommunications Sector: ANSI T1.276; Water
Sector: AWWA;
• British Standard (BS) for Information Security
Management: Information Security Management-
Specification for Information Security Management
Systems (British Standard BS 7799); the Electronic
Attack Threat to Supervisory Control and Data
Acquisition (SCADA) Control & Automation Systems
[24][25].
B. Research and Development
There is now an increased interest in strengthening
industrial control network security. Many government
supported R/D organizations are formed. Listed below are
some of the most influential:
• Sandia National Laboratories (USA,
http://www.sandia.gov);
• National Infrastructure Security Co-ordination Centre
(NISCC, UK, http://www.cpni.gov.uk);
• British Columbia Institute of Technology (BCIT,
Canada, http://www.bcit.ca).
They have set up various test beds [26] and published
many reports of investigation, research and development on
SCADA security [6].
SCADA system manufacturers, such as Honeywell
(USA), Emerson (USA), Siemens (German), are improving
the security of their own products. Also some traditional IT
companies such as CISIO Corporation, IBM Corporation
and Symantec Corporation have began to pay close attention
to critical infrastructure security and offered some solutions
based on their original products such as firewalls, servers
and secure software [27] [28].
C. Cisco System Critical Infrastructure Assurance Group
(CIAG)
Four industrial security related research projects were
carried out by CIAG in recent years. They are listed in the
following.
1) Honeynet for SCADA Environments (completed): The
project extends the concept of Honeynet to SCADA
networks. The goal is to simulate a whole SCADA network,
including the devices, protocols, and applications in a single
Linux box, using multiple scripts. Several application
scenarios are listed:
• Build a HoneyNet to gather information on attacker
tools and their attacking modes;
• Provide a scriptable industrial protocol simulator to test
a real-life protocol implementation;
• Research countermeasures, such as device hardening,
\^X
Authorized licensed use limited to: RMIT University. Downloaded on July 28, 2009 at 19:21 from IEEE Xplore. Restrictions apply.
stack obfuscation, application information reduction,
and effectiveness network access controls.
2) Netfilter Extensions For Modbus/TCP (completed):
MODBUSFW is a Linux 2.4.x Netfilter Extension that
permits filtering decisions (DROP, REJECT, etc.) based on
application-layer values, allowing finer-grained access
control that is currently possible by simply blocking TCP
port 502. They added support for Modbus/TCP to Linux
Netfilter to determine the feasibility of adding fine-grained
access controls for an automation protocol within
general-purpose firewall devices.
Like most automation protocols (regardless of their
transport), Modbus/TCP has no built-in security
mechanisms. The protocol has no means of authenticating or
authorizing the initiator of the request. Currently, the only
reasonable solution is to filter via a firewall or router access
control lists based on TCP port 502. This only permits or
denies Modbus/TCP traffic from a given source to a given
destination and provides no control over the type of
messages will be processed, and therefore the type of
operations that the end device will perform. Depending on
the security policy of the organization and the type of
application, all hosts may be allowed to perform read
operations from a given Modbus/TCP slave (permit from
0x01 through 0x04), a smaller number of hosts maybe
allowed to perform write operations, and only a select few
devices can program the PLCs (deny function code 0x7E for
Modicon PLCs). The Netfilter extension makes this sort of
fine-grained policy enforcement possible.
3) SCADA Serial Link Protection (in Progress): This
project seeks to devise and standardize a cryptographic
protocol to protect SCADA communications from cyber
attack while minimizing negative impact on SCADA system
operation.
4) Secure Administrative Access in SCADA Networks (in
progress): The aim of this research work is to propose a
system which provides cryptographically strong security for
management access to RTUs, while remaining simple,
practical, and affordable [29].
D. Firewall installation and Security Management
Improvement
For SCADA system owners, the installation of firewalls
to isolate control system from outside network and the
improvement of security management may be the most
efficient approach to protect their critical infrastructures.
1) Security Management
Security policy for SCADA administration translates the
desired security and reliability control objectives for the
overall business into enforceable direction and behavior for
the staff to ensure secure SCADA design, implementation,
and operation.
The security policy is the root document, with sections
covering purpose, scope, positions, responsibilities,
references, revision history, enforcement, and exceptions for
various subjects relevant for systems security. It covers
topics including the overall security risk management
program, data security, platforms, communications,
personnel, configuration management, auditing / assessment,
computer applications, physical security, and manual
operations.
A clear administrative structure and enforcement
hierarchy of SCADA policy framework is shown in [6][30].
2) Firewall installation and configuration
It is important that specialized firewall used in SCADA
systems should recognise the protocol well enough to allow
rules to block certain SCADA functions. For example, a rule
might allow that Modbus read commands to cross the
firewall and drop all packets with invalid or unauthorized
functions codes. Different control network protocols or
facilities need different firewall devices or special
segregation rules configuration. If distributed digital
SCADA devices or nodes need to directly connect to outside
networks, they should install firewalls in front of each of
them. The research project to develop “Micro-firewall” has
being carried out by National Infrastructure Security
Co-ordination Centre (NISCC) [4].
The detailed rule configuration for firewall as well as the
interconnection suggestions between SCADA systems and
outside network using firewalls can also be found in [4][31].
IV. RESEARCH AND DEVELOPMENT
TRENDS IN SCADA SYSTEM SECURITY
The ongoing studies and researches for improving
SCADA security technology can be seen in the following
areas: Tools for high speed intrusion detection systems,
software assurance, attack attribution and trace-back,
security modeling of existing and proposed SCADA
systems, network visualization for mapping cyber
disruptions, triage of threat scenarios across many vectors,
and methods for assuring the reliable performance of
commercial off-the shelf products, etc.
Generally, the research and development work can be
divided in three levels:
The first level is on application. The work focuses on
practical specific SCADA security mechanism design,
deployment and updating. Some examples are discussed in
[32~37].
The second level is on general modelling, analysing and
solution seeking. The characteristics and vulnerabilities of
general SCADA protocols and networks are used in the
study. New security standards, new policies, and even new
SCADA architectures are expected to be proposed and
developed [38~40].
The third level is on the fundamental security issues
applicable to SCADA. This level of research is to target the
problems which can not be solved based on the existing
models. The following discussion is on this level.
\^Y
Authorized licensed use limited to: RMIT University. Downloaded on July 28, 2009 at 19:21 from IEEE Xplore. Restrictions apply.
A. Artificial Immune Algorithm used in protecting SCADA
system
The Artificial Immune System (AIS) is such a system that
it borrows the ideas from the modeling of human immune
system to detect and stop intrusion in large and complicated
networks including control networks. The powerful
information processing capabilities of the immune system,
such as feature extraction, pattern recognition, learning,
memorization and its distributive nature provide rich
metaphors for its artificial counterpart. In details, an
artificial immune system mechanism can detect the self or
non-self in a network security system. With multiple
detectors that attack only non-self, an AIS can detect known
and strange intrusions and thus protect the systems. When
an immunity agent of an observed network detects an
intruder as non-self, the agent cooperates with other
immunity agents at the observed process level. The detected
non-self could be identified as an illegal intruder with
shared information exchanged with other agents. These
agents then remove all files and processes executed by the
intruders.
One of the key difficulties for using AIS in a control
network environment is how to dynamically generate
different kinds of immunity cell agents by recognizing an
access via the network, and individually gather information
on a network or process level in the systems. The
characteristics description of data, the exchange mechanism
and communication protocols interfacing with outside
network should be further developed. There are some
detailed methods of data fusion such as analyzing log
information collected in packets that flow on a network or
the individual computer [41].
B. Vulnerability Evaluation of Cybersecurity using Attack
Tree Model
The attack tree formulation based on SCADA networks is
used to evaluate the system, scenario, and leaf
vulnerabilities. It is the foundation to emulate penetration
testing, confirm the hypothesis, and study security flaws.
Besides, attack trees can include budgetary constraints to
evaluate system vulnerability that determines the optimal
security investment based on this framework.
The measure of vulnerabilities in the SCADA framework
is determined based on existing cybersecurity conditions
before the vulnerability indices are evaluated. After the
indices are evaluated, an upper bound is imposed on each
scenario vulnerability in order to determine the pivotal
attack leaves that require countermeasure improvements.
Security improvement of an attack tree depends on the total
number of countermeasure types and password policy
enforcement on each attack leaf. The framework can be
extended to security investment analysis.
This methodology can be used to systematically evaluate
the vulnerability and improvements based on cybersecurity
conditions, technological countermeasures, and password
policy enforcement [42].
C. Modeling to Identify Remotely Accessible Devices
Vulnerable
Daniel Conte de Leon, Jim Alves-Foss, Axel Krings and
Paul Oman [43] used graph theory to model electric power
control and protection devices, and their associated
connectivity. They introduced the concept of a device
visibility path and used a small Prolog application to
calculate a device vulnerability level for a target device
within a hypothetical power substation. This vulnerability
assessment method has applications in some real-time
complex control systems, especially those found within
critical infrastructures supporting today’s modern digital
societies.
D. Vulnerability Quantifying Model
The Infrastructure Vulnerability Assessment Model
(I-VAM) is built upon the mathematics of multiattribute
value theory and used to make vulnerability quantified in
[44]. The vulnerability is defined as a measure of system
susceptibility to threat scenarios. Vulnerability as a
condition of the system can be quantified using the
Infrastructure Vulnerability Assessment Model (I-VAM).
The model has been applied to a medium-sized clean water
system. The model requires subject matter experts (SMEs)
to establish value functions and weights, and to assess
protection measures of the system. Simulation is used to
account for uncertainty in measurement, aggregate expert
assessment, and to yield a vulnerability density function.
I-VAM can be used to quantify vulnerability to other
infrastructures, supervisory control and data acquisition
systems (SCADA), and distributed control systems (DCS).
V. CONCLUSIONS
The security of SCADA systems has been the subject of
research, standardization and industrial practices for several
years. However, the attacks on SCADA system is getting
more frequent due to the openness of the SCADA network
platforms, the advancement of hacking techniques and the
increased availability of hacking tools. It will rise to a
significant level in the future according to the investigation
and study by the Committee on Homeland Security [2]. The
cooperative efforts from control/automation and IT
specialists are the key to combat the threats facing the
SCADA systems. New protocols, standards and products are
expected to strengthen the security levels of various existing
and future SCADA systems. In this paper, we have briefly
discussed the major differences between control network
security and traditional IT network security. The
complexity of SCADA system security is presented. The
progress on SCADA system security researches and
developments is reviewed. Efforts on the SCADA security
from governments, international standardization bodies and
\^Z
Authorized licensed use limited to: RMIT University. Downloaded on July 28, 2009 at 19:21 from IEEE Xplore. Restrictions apply.
research communities are summarized. Some representative
products, proposed protocols, and applications are presented.
The technical trend and direction on the SCADA security
research are discussed, A few research topics, such as high
speed real time intrusion detection, artificial immune system
for SCADA system, and SCADA security vulnerability
assessment, are identified as promising research areas.
REFERENCES
[1] Thomas Kropp, "System Threats and Vulnerabilities: an EMS and
SCADA Security System Overview", IEEE Power & Energy
Magazine, pp.46-50, March/April 2006.
[2] Peter T. King, Daniel E. Lungren, Dave G. Reichert, “SCADA Systems
and the Terrorist Threat: Protecting the Nation’s Critical Control
Systems (Joint Hearing before the Subcommittee on Economic
SECURITY, Infrastructure Protection, and Cybersecurity with the
Subcommittee on Emergency Preparedness, Science, and Technology
of the Committee ON Homeland Security), House of Representatives
One Hundred Ninth Congress First Session, Serial No. 109–45,
Printed for the use of the Committee on Homeland Security”, 18 Oct.
2005, Available via the World Wide Web:
http://www.gpoaccess.gov/congress/index.html
[3] Tanya Roosta, Shiuhpyng Shieh, Shankar Sastry, “Taxonomy of
Security Attacks in Sensor Networks and Countermeasures”, 2005,
available on http://dsns.csie.nctu.edu.tw/ssp/docs/IC02-Taxonomy%
20of%20Security%20Attacks%20in%20Sensor%20Networks%20and
%20Countermeasures.pdf
[4] British Columbia Institute of Technology (BCIT), “Good Practice
Guide on Firewall Deployment for SCADA and Process Control
Networks (Prepared for National Infrastructure Security Co-ordination
Centre)”, National Infrastructure Security Co-ordination Centre
(NISCC), Feb. 2005[Online]. Available on: http://www.tc.bcit.ca
[5] Vinary Mallikarjun Igure, “A Taxonomy of Security Vulnerabilities in
SCADA Protocols”, a Dissertation for the Degree of Philosophy
Doctor of Philosophy, University of Virginia, ProQuest Information
and Learning Company, UMI Number: 3239979, Jan. 2007.
[6] Dominique Kilman, Jason Stamp (Sandia National Laboratories)
Framework for SCADA Security Policy, SAND2005-1002, Oct.
2005[Online]. Available: http://www.sandia.gov.
[7] Jack Eisenhauer, Paget Donnelly, Mark Ellis, Michael O’Brien,
“Roadmap to Secure CONTROL Systems in the Energy Sector”, U.S.
Department of Energy, U.S. Department of Homeland Security, Jan.
2006.
[8] Federal Office for Information Security, “The IT Security Situation in
Germany in 2007”, May. 2007, available on http://www.bsi.bund.de
[9] Department of the Prime Minister and Cabinet, Australian Government,
“Research Support for Counter-Terrorism: Information and
Guidelines”, June 2007, Available on http://www.pmc.gov.au/nsst
[10]National Institute of Standards and Technology (NIST), Technology
Administration, U.S. Department of Commerce, “2005 Annual Report
– Computer Security Division”, Feb. 2006.
[11]Department of Communication, Information Technology and Arts,
“Generic SCADA Risk Management Framework for the IT Security
Expert Advisory Group (ITSEAG)”, Australia Government, Dec.
2006.
[12]Ronald L. Krutz, “Securing SCADA systems”, Wiley Publishing, Inc.,
Indianapolis, Indiana, 2006, pp109-122.
[13]Virgil B. Hammond, Shabbir A. Shamsuddin, George A.Shaw, et al,
“Comparison Study of Industrial Control System Standards Against
the Control Systems Protection Framework Cyber-Security
Requirements”, Idaho National Laboratory (INL), Sep. 2005.
[14] Robert P. Evans, “Process Control System Cyber Security Standards –
An Overview”, Idaho National Laboratory, May. 2005.
[15]Information Technology—Code of Practice for Information Security
Management (International Standard ISO/IEC 17799).
[16]Instrumentation, Systems, and Automation Society. Integrating
Electronic Security into the Manufacturing and Control Systems
Environment (ISATR99.00.02- 2004). April 2004.
[17]Instrumentation, Systems, and Automation Society. “Security
Technologies for Manufacturing and Control Systems
 (ISA-TR99.00.01-2004)”. April 2004.
[18]International Electrotechnical Commission. Enterprise
Network—Control Network Interconnection Profile (ECI) (IEC/SC
65C/WG 13 Draft v1.04), December 2004.
[19]IEEE Standard Definition, Specification, and Analysis of Systems
Used for Supervisory Control, Data Acquisition, and Automatic
Control (IEEE Standard C37.1-1994). Institute of Electrical and
Electronics Engineers.
[20]IEEE Standard for Digital Computers in Safety Systems of Nuclear
Power Generating Stations (IEEE Standard 7-4.3.2). Institute of
Electrical and Electronics Engineers.
[21]United States General Accounting Office (GAO). "2004. Border
security: Agencies need to better coordinate their strategies and
operations on federal lands. Report to Congressional requesters
GAO-04-590", June.2005.
[22]United States General Accounting Office (GAO "GAO Reports on
DHS DHS Should Take Steps to Encourage More Widespread Use of
Its Program to Protect and Share Critical Infrastructure Information",
April 2006, available at: http://www.gao.gov/new.items/d06383.pdf
[23]National Institute of Standards and Technology, "National Institute of
Standards & Technology: System Protection Profile - Industrial
Control Systems", April 2004, avail on
http://www.isd.mel.nist.gov/projects/processcontrol/
SPP-ICSv1.0.doc
[24]The British Standards Institution. Information Security
Management-Specification for Information Security Management
Systems (British Standard BS 7799).
[25]The Electronic Attack Threat to Supervisory Control and Data
Acquisition (SCADA) Control & Automation Systems. London, UK:
National Infrastructure Security Co-ordination Center (NISCC), July
12, 2003.
[26]C. M. Davis, J. E. Tate, H. Okhravi, C. Grier, T. J. Overbye, and D.
Nicol, "SCADA Cyber Security Testbed Development", Power
Symposium, 2006. NAPS 2006. 38th North American, Sep. 2006.
[27]IBM Corporation, “A Strategic Approach to Protecting SCADA and
Process Control Systems (IBM Internet Security Systems White
Paper)”, Oct. 2007, available on http://www.isi.net.
[28] Symantec Corporation, “Information Security Challenges in the
Electric Power Industry (White Paper)”, Dec. 2004, available on
http://enterprisesecurity.symantec.com
[29]Cisco Systems Inc, "CIAG Research Projects", available on
http://www.cisco.com/web/about/security/security_services/ciag/resea
rch/CIAG_research_projects.html
[30]Jason Stamp, Phil Campbell, Jennifer DePoy, John Dillinger, William
Young, "Sustainable Security for Infrastructure SCADA", 2003,
available on http://www.sandia.gov/scada/documents/
SustainableSecurity.pdf
[31]Invensys Inc., "Process Control Network Security Firewall
\^[
Authorized
View publication stats licensed use limited to: RMIT University. Downloaded on July 28, 2009 at 19:21 from IEEE Xplore. Restrictions apply.
Configuration and Policies", 2005, available on http://ips.invensys.
com/perf-svs/docs/am/056-Firewall-Configuration.pdf
[32]Olivier Pasteur, Tuan Dang, Pierre-Etienne Delon, “Using Web
Services to exchange power plant process data”, Industrial Informatics,
2007 5th IEEE International Conference, June 2007.
[33]T. Paukatong, “SCADA Security: A New Concerning Issue of an
In-house EGAT-SCADA”, 2005 IEEE/PES Transmission and
Distribution Conference & Exhibition: Asia and Pacific Dalian, China,
2005.
[34]David A. Moore, “Application of the API/NPRA SVA methodology to
transportation security issues”, Journal of Hazardous Materials 130
(2006), pp.107–121.
[35]Dong-Joo Kang and Hak-Man Kim, “A Proposal for Key Policy of
Symmetric Encryption Application to cyber security of KEPCO
SCADA Network”, Future Generation Communication and
Networking, Dec. 2007.
[36]William M. Sieverl, Ann Millerl, Daniel R. Tauritz, “Blueprint for
Iteratively Hardening Power Grids Employing Unified Power Flow
Controllers”, System of Systems Engineering, 2007. SoSE '07. IEEE
International Conference, April 2007.
[37]Ryosuke Watabe, Tadashi Oi, Yoshio Endo3, "Security Design of
Remote Maintenance System for Nuclear Power Plants based on
ISO/IEC 15408", SICE Annual Conference 2007, Sept. 17-20, 2007,
Kagawa University, Japan, pp.1700-1704.
[38][Zhu Youzhi, Zheng Geng, Liu Guoping, “System Architecture Design
of Supervisory Software for Networked Control Systems”,
Proceedings of the 26th Chinese Control Conference 7, Zhangjiajie,
Hunan, China, July 26-31, 2007.
[39]Michael LeMay, George Gross, Carl A. Gunter, Sanjam Garg, “Unified
Architecture for Large-Scale Attested Metering”, Proceedings of the
40th Hawaii International Conference on System Sciences , 2007.
[40]C. Balducelli, S. Bologna, L. Lavalle, G. Vicoli, “Safeguarding
information intensive critical infrastructures against novel types of
emerging failures”, Reliability Engineering and System Safety 92
(2007), pp.1218–1229.
[41]Yi Niu, Quanju Zhang, "Security Operation Center Based on Immune
System", 2007 International Conference on Computational
Intelligence and Security Workshops, 2007.
[42]Chee-Wooi Ten, Chen-Ching Liu, Manimaran Govindarasu,
“Vulnerability Assessment of Cybersecurity for SCADA Systems
Using Attack Trees”, Power Engineering Society General Meeting,
2007. IEEE, June 2007.
[43]Daniel Conte de Leon and Jim Alves-Foss, Axel Krings and Paul
Oman, “Modeling Complex Control Systems to Identify Remotely
Accessible Devices Vulnerable to Cyber Attack”, ACM SACT, Wash.
DC, Nov. 2002.
[44] Barry Charles Ezell, “Infrastructure Vulnerability Assessment Model
(I-VAM)”, Risk Analysis, Vol. 27, No. 3, 2007.