Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks

Suhaila Ismail; Elena Sitnikova; Jill Slay

doi:10.1007/978-3-642-55415-5_20

Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks

Suhaila Ismail, Elena Sitnikova, Jill Slay

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Citations (Scopus)

Abstract

Security is essential in protecting confidential data, especially in Supervisory Control and Data Acquisition (SCADA) systems which monitor and control national critical infrastructures, such as energy, water and communications. Security controls are implemented to prevent attacks that could destroy or damage critical infrastructures. Previous critical infrastructure surveys point out the gaps in knowledge, including the lack of coordination between sectors, inadequate exchange of information, less awareness and engagement in government critical infrastructure protection (CIP) programs. Consequently, private sector and government organizations feel less prepared. This paper highlights existing vulnerabilities, provides a list of previous attacks, discusses existing cyber security methodologies and provides a framework aiming to improve security in SCADA systems to protect them against cyber-attacks.

Original language	English
Title of host publication	ICT Systems Security and Privacy Protection
Subtitle of host publication	29th IFIP TC 11 International Conference, SEC 2014 Marrakech, Morocco, June 2-4, 2014 Proceedings
Editors	Nora Cuppens-Boulahia, Frédéric Cuppens, Sushil Jajodia, Anas Abou El Kalam, Thierry Sans
Publisher	Springer New York LLC
Pages	242-249
Number of pages	8
ISBN (Electronic)	9783642554155
ISBN (Print)	9783642554148
DOIs	https://doi.org/10.1007/978-3-642-55415-5_20
Publication status	Published - 2014
Externally published	Yes
Event	29th IFIP TC 11 International Conference, SEC 2014 - Marrakesh, Morocco Duration: 2 Jun 2014 → 4 Jun 2014

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	428
ISSN (Print)	1868-4238
ISSN (Electronic)	1868-422X

Conference

Conference	29th IFIP TC 11 International Conference, SEC 2014
Country/Territory	Morocco
City	Marrakesh
Period	2/06/14 → 4/06/14

Keywords

Critical Infrastructure
Cyber Security
SCADA
SCADA vulnerabilities
Security Assessment

Access to Document

10.1007/978-3-642-55415-5_20Licence: In Copyright

https://rdcu.be/cYmPjLicence: In Copyright

Cite this

Ismail, S., Sitnikova, E., & Slay, J. (2014). Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks. In N. Cuppens-Boulahia, F. Cuppens, S. Jajodia, A. A. E. Kalam, & T. Sans (Eds.), ICT Systems Security and Privacy Protection: 29th IFIP TC 11 International Conference, SEC 2014 Marrakech, Morocco, June 2-4, 2014 Proceedings (pp. 242-249). (IFIP Advances in Information and Communication Technology; Vol. 428). Springer New York LLC. https://doi.org/10.1007/978-3-642-55415-5_20

Ismail, Suhaila ; Sitnikova, Elena ; Slay, Jill. / Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks. ICT Systems Security and Privacy Protection: 29th IFIP TC 11 International Conference, SEC 2014 Marrakech, Morocco, June 2-4, 2014 Proceedings. editor / Nora Cuppens-Boulahia ; Frédéric Cuppens ; Sushil Jajodia ; Anas Abou El Kalam ; Thierry Sans. Springer New York LLC, 2014. pp. 242-249 (IFIP Advances in Information and Communication Technology).

@inproceedings{eef9c4fb86684b36be76cb9b5dd766cb,

title = "Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks",

abstract = "Security is essential in protecting confidential data, especially in Supervisory Control and Data Acquisition (SCADA) systems which monitor and control national critical infrastructures, such as energy, water and communications. Security controls are implemented to prevent attacks that could destroy or damage critical infrastructures. Previous critical infrastructure surveys point out the gaps in knowledge, including the lack of coordination between sectors, inadequate exchange of information, less awareness and engagement in government critical infrastructure protection (CIP) programs. Consequently, private sector and government organizations feel less prepared. This paper highlights existing vulnerabilities, provides a list of previous attacks, discusses existing cyber security methodologies and provides a framework aiming to improve security in SCADA systems to protect them against cyber-attacks.",

keywords = "Critical Infrastructure, Cyber Security, SCADA, SCADA vulnerabilities, Security Assessment",

author = "Suhaila Ismail and Elena Sitnikova and Jill Slay",

year = "2014",

doi = "10.1007/978-3-642-55415-5_20",

language = "English",

isbn = "9783642554148",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer New York LLC",

pages = "242--249",

editor = "Nora Cuppens-Boulahia and Fr{\'e}d{\'e}ric Cuppens and Sushil Jajodia and Kalam, {Anas Abou El} and Thierry Sans",

booktitle = "ICT Systems Security and Privacy Protection",

note = "29th IFIP TC 11 International Conference, SEC 2014 ; Conference date: 02-06-2014 Through 04-06-2014",

}

Ismail, S, Sitnikova, E & Slay, J 2014, Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks. in N Cuppens-Boulahia, F Cuppens, S Jajodia, AAE Kalam & T Sans (eds), ICT Systems Security and Privacy Protection: 29th IFIP TC 11 International Conference, SEC 2014 Marrakech, Morocco, June 2-4, 2014 Proceedings. IFIP Advances in Information and Communication Technology, vol. 428, Springer New York LLC, pp. 242-249, 29th IFIP TC 11 International Conference, SEC 2014, Marrakesh, Morocco, 2/06/14. https://doi.org/10.1007/978-3-642-55415-5_20

Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks. / Ismail, Suhaila; Sitnikova, Elena; Slay, Jill.

ICT Systems Security and Privacy Protection: 29th IFIP TC 11 International Conference, SEC 2014 Marrakech, Morocco, June 2-4, 2014 Proceedings. ed. / Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. Springer New York LLC, 2014. p. 242-249 (IFIP Advances in Information and Communication Technology; Vol. 428).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks

AU - Ismail, Suhaila

AU - Sitnikova, Elena

AU - Slay, Jill

PY - 2014

Y1 - 2014

N2 - Security is essential in protecting confidential data, especially in Supervisory Control and Data Acquisition (SCADA) systems which monitor and control national critical infrastructures, such as energy, water and communications. Security controls are implemented to prevent attacks that could destroy or damage critical infrastructures. Previous critical infrastructure surveys point out the gaps in knowledge, including the lack of coordination between sectors, inadequate exchange of information, less awareness and engagement in government critical infrastructure protection (CIP) programs. Consequently, private sector and government organizations feel less prepared. This paper highlights existing vulnerabilities, provides a list of previous attacks, discusses existing cyber security methodologies and provides a framework aiming to improve security in SCADA systems to protect them against cyber-attacks.

AB - Security is essential in protecting confidential data, especially in Supervisory Control and Data Acquisition (SCADA) systems which monitor and control national critical infrastructures, such as energy, water and communications. Security controls are implemented to prevent attacks that could destroy or damage critical infrastructures. Previous critical infrastructure surveys point out the gaps in knowledge, including the lack of coordination between sectors, inadequate exchange of information, less awareness and engagement in government critical infrastructure protection (CIP) programs. Consequently, private sector and government organizations feel less prepared. This paper highlights existing vulnerabilities, provides a list of previous attacks, discusses existing cyber security methodologies and provides a framework aiming to improve security in SCADA systems to protect them against cyber-attacks.

KW - Critical Infrastructure

KW - Cyber Security

KW - SCADA

KW - SCADA vulnerabilities

KW - Security Assessment

UR - http://www.scopus.com/inward/record.url?scp=84926509647&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-55415-5_20

DO - 10.1007/978-3-642-55415-5_20

M3 - Conference contribution

AN - SCOPUS:84926509647

SN - 9783642554148

T3 - IFIP Advances in Information and Communication Technology

SP - 242

EP - 249

BT - ICT Systems Security and Privacy Protection

A2 - Cuppens-Boulahia, Nora

A2 - Cuppens, Frédéric

A2 - Jajodia, Sushil

A2 - Kalam, Anas Abou El

A2 - Sans, Thierry

PB - Springer New York LLC

T2 - 29th IFIP TC 11 International Conference, SEC 2014

Y2 - 2 June 2014 through 4 June 2014

ER -

Ismail S, Sitnikova E, Slay J. Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks. In Cuppens-Boulahia N, Cuppens F, Jajodia S, Kalam AAE, Sans T, editors, ICT Systems Security and Privacy Protection: 29th IFIP TC 11 International Conference, SEC 2014 Marrakech, Morocco, June 2-4, 2014 Proceedings. Springer New York LLC. 2014. p. 242-249. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-642-55415-5_20

Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this