Uncovering industrial control systems vulnerabilities by examining SCADA virtual packages and their communication protocols

W. J. Seo, E. Sitnikova

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

40 Downloads (Pure)

Abstract

Supervisory Control and Data Acquisition (SCADA) is the centralized computer system that controls and monitors the Industrial Control Systems (ICS) that are connected to it. SCADA is used in various industries and the military, and it is essential to many critical infrastructures. However, in most nations SCADA was introduced a few decades ago, as one of their security measures. With rapid technology advancement over the decades, this out-dated security measure could never be on par with the security risks that SCADA systems are facing. It is necessary to investigate the potential vulnerabilities on the structural level and mitigate them. Focusing on the software vulnerabilities, this paper aims to investigate the potential security issues that could cause malfunction of SCADA systems that control critical infrastructures, including electricity, water, gas, traffic, military, and others which causes impact to the survival of a nation. With various SCADA packages available in the market, Citect SCADA from Schneider Electric Corporation has been selected for this research due to their popularity in Australian industry. Several versions of the Citect SCADA are being used in the investigation due to the fact previous versions are still widely used in industry at the time of writing. This paper investigates the structure and functionality of the SCADA packages to uncover their vulnerabilities and proposes recommended countermeasures.

Original languageEnglish
Title of host publicationMODSIM2015
Subtitle of host publication21st International Congress on Modelling and Simulation. Modelling and Simulation Society of Australia and New Zealand
Pages725-731
Number of pages7
DOIs
Publication statusPublished - 4 Dec 2015
Externally publishedYes
Event21st International Congress on Modelling and Simulation: Partnering with Industry and the Community for Innovation and Impact through Modelling, MODSIM 2015 - Held jointly with the 23rd National Conference of the Australian Society for Operations Research and the DSTO led Defence Operations Research Symposium, DORS 2015: Partnering with industry and the community for innovation and impact through modelling - Gold Coast Convention and Exhibition Centre, Broadbeach, Australia
Duration: 29 Nov 20154 Dec 2015
Conference number: 21st
https://www.mssanz.org.au/modsim2015/ (Conference link)

Conference

Conference21st International Congress on Modelling and Simulation: Partnering with Industry and the Community for Innovation and Impact through Modelling, MODSIM 2015 - Held jointly with the 23rd National Conference of the Australian Society for Operations Research and the DSTO led Defence Operations Research Symposium, DORS 2015
Abbreviated titleMODSIM2015
Country/TerritoryAustralia
CityBroadbeach
Period29/11/154/12/15
Internet address

Keywords

  • Critical infrastructure
  • Cyber security
  • SCADA

Fingerprint

Dive into the research topics of 'Uncovering industrial control systems vulnerabilities by examining SCADA virtual packages and their communication protocols'. Together they form a unique fingerprint.

Cite this