For my thesis, I aim to research about the industrial control system(SCADA) attacks. Therefore, I am looking for the vulnerabilities specific to SCADA. There are attacks such as DoS, Eavesdropping, MITM, etc. that focus on the network usage of SCADA, but for an academic and specialized study in this field, I intend to choose a subject that focuses on the architecture and application of SCADA rather than the internet network.There are some things to note?
Dear Kaaven Mahamedi,
I suggest you to see links and attached files in topics.
-How to Defend Your Industrial Control Systems: 8 Practical Steps
https://www.trustwave.com/.../How-to-Defend-Your-Industrial-Co...
-Cybersecurity for SCADA Systems
https://books.google.dz/books?isbn=1593700687 -
-2 Types of Threats Associated with Information Technology Infrastructure
https://www.nap.edu/read/10640/chapter/4
Best regards
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/targeted_attacks_against_the_energy_sector.pdf
In my opinion, the most significant thing differentiating SCADA from IT systems is that they are attached to a physical process. A cyber attack that specifically targets a SCADA system is generally focused on affecting the physical process, not just gathering or modifying data.
The reported information on Industroyer / CrashOverride and Ralph Langner's description of StuxNet give some insight into the complexity of advanced attacks on control systems.
Another differentiator is that most "IT-centric" discussion of SCADA seems to limit itself to the interface between a corporate IT system and the SCADA system. This ignores the other major interface between the SCADA master, a communication network and the field equipment. Whereas once this was usually a private network, this is often no longer the case. The field network does not always work the same way that IT communication works and might not be understood well by people who are not familiar with these systems.
Many people also fail to remember that in addition to the operational (process monitoring and control) data traffic, these systems often also support device maintenance and management activities. The operational data interfaces are now commonly implemented in standard protocols (often with an industry focus, such as IEEE 1815 or IEC 61850 used in the power industry), whereas the maintenance interfaces usually use vendor proprietary protocols. Most systems include equipment from multiple control system equipment vendors. Securing this maintenance interface is challenging with very few really effective vendor-neutral options.
https://www.dhs.gov/sites/default/files/publications/csd-nist-guidetosupervisoryanddataccquisition-scadaandindustrialcontrolsystemssecurity-2007.pdf
Conference Paper Implementation of SCADA System for DC Motor Control
http://c.ymcdn.com/sites/oawwa.org/resource/collection/FB33BC36-E839-4426-9383-A602EA041312/SCADA%20and%20Controls%20System%20Upgrade.pdf
- Badges
- Science topic
- Similar topics
- Mathematical Sciences
- Control Theory
- Control Systems