Tuesday, June 28, 2011

SMART ANTENNA BASE STATION OPEN ARCHITECTURE FOR SDR NETWORKS

ABSTRACT
Software-defined radio system architecture must be openly structured to various system standards. It should also provide capability for distributed processing, object-oriented design, and software controllability. This implies that the software to be used in the SDR system should be independent of a given hardware platform. In order to achieve these goals, the proposed SDR system utilizes modularization to maximize hardware reuse and design flexibility, which provides the system reconfigurability. The objective of this article is to provide an open architecture of a smart antenna base station (SABS) operating in the SDR with architecture that is object-oriented and software-controlled. For this purpose, the software and hardware of a SABS is first modularized and partitioned into modules, respectively. Then the interface among the modules is specified to determine the smart antenna
application programming interface proper for the SDR network. The suitability of the proposed open architecture of SABS is verified through a design example of SABS implemented in accordance with the proposed architecture. The performance of the proposed system is shown in practical signal environments of CDMA2000 1X with commercial handsets operating at various data rates ranging from 9.6 to 153.6 kb/s in terms of frame error rate and signal- to-Interference-plus-noise ratio, which is dramatically improved through the nicely shaped beam pattern.

INTRODUCTION
The objective of developing software-defined 
radio ( SDR) technology is to realize plural system 
standards on a single hardware platform 
that is implemented mainly with high-speed programmable 
digital signal processing devices [1]. 
A desired system standard can be selected by 
choosing a proper software module. 
This article addresses the problem of designing 
the hardware and software architecture of a smart 
antenna base station (SABS) that operates in an 
SDR network. A design example of SABS architecture 
that satisfies the requirements of SDR 
functionalities is also provided in this article. We  
propose a hardware platform employing the open 
architecture of SABS, with which one can implement 
the multimode SDR system by selecting the
mo dularized software. Note that the hardware 
platform itself remains unchanged while selecting 
a desired system standard among several different  
standards [2].

The SDR technology includes the design of 
both hardware and software modules. The hardware 
module is reconfigured by the software 
module, which means that a given hardware  
platform is converted into a specific system standard 
or special-purpose communication system 
depending on the changes in the software module.  I
t is key to SDR technology that a system 
update or an addition/deletion/modification of 
services can be performed extremely easily without 
changing the existing hardware [3].
In this article we present an open architecture 
of SABS that is suitable to the SDR network 
and allows one to fully exploit the merits of 
both smart antenna and SDR technologies. The 
proposed architecture has been applied to implement 
a system of SABS, which includes the modulation 
and demodulation parts of the SABS 
together with the interfaces with the SDR network, 
as well as that among the modules within 
the SABS. The suitability of the proposed open 
architecture is demonstrated through a quantitative 
analysis obtained through various experimental 
measurements provided from the design 
example of SABS.

The main contributions of this article can be 
summarized as follows. First, SABS has been partitioned 
into small modules in accordance with 
the function of each module. The interconnections 
among modules are specified such that the 
clock/control signals and command data buses 
between all connected modules operate properly. 
Second, a new SABS open architecture (SABS 
OA) together with a smart antenna application 
programming interface (SA API) are presented 
such that the required features of the SDR system 
are fully satisfied in the SABS. Third, the 
SABS OA and SA API presented in this article 
have been developed in such a way that the 
vari
ous beamforming algorithms are applicable to the
roposed OA. This means that one can receive 
any of the beamforming algorithms suitable to a 
given signal environment from the SDR network 
through the software download procedure. Finally, 
utilizing the OA proposed in this article, we 
present an example of SDR-based SABS to experimentally 
show the feasibility of the proposed 
SABS OA in a practical signal environment.





NAMKYU RYU, YUSUK YUN, AND SEUNGWON CHOI, HANYANG UNIVERSITY, SEOUL, KOREA
RAMESH CHEMBIL PALAT AND JEFFREY H. REED,
VIRGINIA POLYTECHNIC INSTITUTE AND STATE UNIVERSITY
Posted by Wawan Setiyawan at 4:39 PM 0 comments
Labels: ,

THE UBISENSE SMART SPACE PLATFORM

Abstract. Ubisense has developed a platform for building Smart Space applications. The platform addresses the key requirements for building Smart Spaces: accurate 3D positioning, scalable realtime performance, development and deployment tools. This paper deepens the key requirements and describes how the Ubisense platform components meets them. The demonstration exemplifies the smart space platform by tracking players in a game application.

The Ubisense Smart Space Platform
Ubisense has developed a platform for building Smart Space applications. Our platform addresses
the key requirements for building Smart Spaces:
􀁸 Accurate 3D positioning supports applications that can perceive the physical relationships
between people and objects in the environment
􀁸 Scalable real-time performance enables arbitrary numbers of applications, used by arbitrary
numbers of people over an arbitrarily-large area
􀁸 Development and deployment tools make it easy to design, implement, and manage Smart
Space applications.
The demonstration shows a Smart Space containing applications that integrate with external
software (a simple game that users control by moving around), and devices (a PTZ camera that
keeps users in shot while they are playing the game) 

This paper describes the components of the Ubisense platform and how they relate to the
requirements above.


Pete Steggles, Stephan Gschwind1

Posted by Wawan Setiyawan at 3:54 PM 0 comments
Labels: ,

Context-aware Dynamic Access Control for Pervasive Applications

Abstract
As computing technology becomes more pervasive and mobile services are deployed, applications will need flexible access control mechanisms. Unlike traditional approaches for access control, access decisions for these applications will depend on the combination of the required credentials of users and the context and state of the system. In this paper, we extend the role-based access control model to provide dynamic context-aware access control for pervasive applications. The operation of the presented model is illustrated.

Keywords: security, access control, context-aware, pervasive computing, role based.

Introduction
Pervasive computing and communication technologies are rapidly weaving themselves into the fabrics of everyday life and have the potential for fundamentally redefining the way we interact with information, each other, and the world around us. The proliferation of smart gadgets, mobile devices, PDAs and sensors has enabled the construction of pervasive computing environments, transforming regular physical spaces into intelligent spaces [4]. Such intelligent spaces provide services and resources that users can access and interact with via personal portable devices such as a PDA using short-range wireless communications such as Bluetooth or IEEE 802.11. The resulting anytime-anywhere access infrastructures is enabling a new generation of applications that can leverage this pervasive information Grid to continuously manage, adapt and optimize. One example of such an application is the Aware Home project at Georgia Institute of Technology [7]. Sensors in the home can capture, process and store a variety of information about its residents and their activities, enabling the Aware Home application
to detect and respond to events in the room. Another application is the Intelligent Room project at MIT. In this application, computers are embedded in a room so that people can interact with computers the way they do with other people, using speech, gesture, movement and context [9].
Other applications are described in [2, 6]. Such pervasive applications are characterized by continuous pervasive access to information, resources and services and ad hoc, dynamic interactions between participating entities, and lead to significant research challenges.
One key challenge in pervasive applications is managing security and access control. Access Control List (ACL) is a very commonly used access control mechanism. In this approach, permission to access resources or services is moderated by checking for membership in the access control list associated with each object. However, this strategy is inadequate for pervasive applications as it does not consider context information. In a pervasive environment, users are mobile and typically access resources (information, services, sensors, etc.) using mobile devices. As a result the context of a user (i.e. location, time, system resources, network state, network security configuration, etc.) is highly dynamic, and granting a user access without taking the user’s current context into account can compromise security as the user’s access privileges not only depend on “who the user is” but also on “where the user is” and “what is the user’s state and the state of the user’s environment”.
As a result, even an authorized user can damage the system as the system may have different security requirement within different contexts. Traditional access control mechanisms such as access control list break down in such an environments and a fine-grained access control mechanism that changes the privilege of a user dynamically based on context information is required. Although a lot of work has been done in the area of access control, most of this work is user-centric, where only  credentials of the user are considered when granting access permission. Relatively little research has been done to combine
context information with credentials while making access control decisions. The existing research however does not address pervasive applications where context is dynamic and a user’s privileges must continuously adapt based on the context.
This paper presents a dynamic context-aware access control mechanism that dynamically grants and adapts permissions to users according to current context. The proposed mechanism extends the role based access control (RBAC) model [1], while retaining its advantages (i.e. ability to define and manage complex security policies). The model dynamically adjusts Role Assignments  and Permission Assignments  based on context information. In our approach, each user is assigned a role subset (by the authority service) from the entire role set. Similarly the resource has permission subsets for each role that will access the resource. During a secure interaction, state machines are maintained by delegated access control agents at the subject (Role State Machine ) to navigate the role subset, and the object (Permission
State Machine ) to navigate the permission subset for each active role. The state machine consists of state variables (role, permission), which encode its state, and commands, which transform its state. These state machines define the currently active role and its assigned permissions and navigate the role/permission subsets to react to changes in the context.
The rest of this paper is organized as follows: Section 2 presents background and related work. Section 3 outlines a motivating application. Section 4 presents the proposed dynamic context-aware access control model. Section 5 presents a short discussion about the model and its implementation. Section 6 concludes the paper.

Guangsen Zhang, Manish Parashar
The Applied Software Systems Laboratory
Department of Electrical and Computer Engineering,
Rutgers University,
fgszhang,parasharg@caip.rutgers.edu

Posted by Wawan Setiyawan at 3:43 PM 0 comments
Labels: ,

DISTRIBUTION EXPANSION PROBLEM REVISITED. PART 1 CATEGORICAL ANALYSIS AND FUTURE DIRECTIONS

Abstract
In this paper, previous contributions of the past 40 years in the area of distribution expansion planning are categorically analyzed. The primary focus would be the multistage formulations. Shortcomings form a practical point of view, for the techniques and solutions in each category are identified and discussed. Significant shortcomings are summarized and tabulated to serve as goals for future research.
Key words: Power system planning, Distribution expansion, shortcomings, future directions.

Introduction
While growth of electric energy demand has recently slowed, there will continue to be a need to expand facilities for the foreseeable future. Various plans to timely meet this demand growth, are continually studied for all major components of the electrical systems namely, generation, transmission, and finally distribution. In general, the primary goal in any system expansion is to timely meet the growth of demand in the most economical, reliable, and safe manner possible. Of course, safety and reliability introduce certain operational regulations and constraints that are different in distribution systems than other systems, and therefore must be considered in the expansion plans.
This general description of the expansion problems is somewhat independent of many other issues facing the both the suppliers and the users of electrical energy. For example, consider the deregulation issue, which is an attempt to promote better competition among the suppliers by giving more choices to the users. Although deregulation will impact the supplies' planning strategies, it cannot however, contain or limit the growth in demand or the system expansion in the global sense.
To correctly formulate any problem, a precise problem definition is necessary. In fact, solution set for the
problem is greatly reduced and the search algorithm to find it is more intelligently directed once the problem is clearly understood. Design criteria, and assumption statements are equally important element of a good formulation. Once the problem is clearly defined, design criteria has been set, and proper assumptions made, then a choice of an appropriate model, and application to a solution procedure would be in order.
The first paper about distribution planning optimization is attributed to [1] in 1960. Since this paper, there have been numerous publications in this area. References [2-56] are some selected examples of the significant published contributions. We begin with a systematic categorization and identification of common terminology among all previous research. Then, the shortcomings are identified and analyzed which subsequently narrows the focus to a smaller class for consideration. For the sake of completeness, we find it necessary to categorize the previous work along two lines. The first will be based on the optimization methods used, and the second will be based the application for example, the different approaches in problem identification and objectives. Some subdivision in each class will be done as needed to narrow the focus to the particular area of interest.

I - Categorization based on Optimization Methods
In so far as the distribution system expansion is concerned, optimization methods used may be divided in
to two distinct categories.
1 – Mathematical programming methods
2 – Heuristic methods, including expert systems and evolutionary algorithms
It is interesting to note that nearly all of the earlier research (1970s and 1980s) utilized mathematical programming algorithms, where as, almost all of the more recent work has been centered around the heuristic techniques, predominantly the Genetic Algorithms (GA) [13-26].

MOHAMMAD VAZIRI                                    KEVIN TOMSOVIC                                     TURAN GÖNEN
Department of EECS                                         Department of EECS                                    Department of EEE
Washington State University                          Washington State University                      California State University
Pullman WA 99163 USA                                 Pullman WA 99163 USA                             Sacramento CA 95826 USA
mvaziri@eecs.wsu.edu                                      tomsovic@eecs.wsu.edu                             gonen@ecs.csus.edu

Posted by Wawan Setiyawan at 2:48 PM 0 comments
Labels:

INTEGRATION OF PHOTOVOLTAIC POWER SYSTEMS IN HIGH-PENETRATION CLUSTERS FOR DISTRIBUTION NETWORKS AND MINI-GRIDS


 ABSTRACT 
This paper presents the results to date on international experience and measurement campaigns on power quality analyses and the examination of grid stability of electric networks with high penetration of photovoltaic (PV) generation. Field data from participating International Energy Agency (IEA) member countries that are part of R&D collaboration within the IEA Photovoltaic Power Systems (PVPS) implementing agreement are reviewed. Inherent characteristics and network configurations employed worldwide in several grid-connected PV clusters and autonomous PV mini-grids developments are discussed and major observations on power quality impacts are summarized. The focus of the paper is to summarize information on the current knowledge and previous experiments with these systems to identify areas for further investigation and technology enhancement that enable development of high penetration PV networks. In addition, the results from voltage analysis case studies are presented. The studies consider effects of design practices and location selection on rate of change of the voltage caused by load and generation variations in the PV cluster. This supports the work plan of the new IEA PVPS Task group 11 on PV-hybrid systems within mini-grids. 
SOMMAIRE 
Cet article présente les résultats obtenus à ce jour dans le cadre d’expériences internationales portant sur des analyses de la qualité d’onde et de la stabilité des réseaux électriques dans un contexte de haute pénétration de systèmes photovoltaïques sur le réseau de distribution. En particulier, nous avons fait une revue de données recueillies par les membres participant au programme sur les systèmes photovoltaïque (PVPS) de l'Agence international de l’énergie (AIE). Les caractéristiques et configurations des réseaux typiquement utilisés dans de nombreux systèmes PV regroupés ou en mini-réseau autonome sont rapportées et mises en contexte. Le but de cette revue est de faire un sommaire des résultats obtenus à ce jour et d’identifier de nouvelles pistes qui méritent d’être étudiées davantage. De plus, on y présente les résultats d’études de cas sur l’analyse de la tension. Ces études considèrent les effets des pratiques de conception et du choix de l’emplacement sur le taux de changement de la tension causé pas les variations de charge et de génération à l’intérieur d’un secteur comportant une haute concentration de systèmes PV. Cette étude fait partie intégrante du nouveau plan du groupe de travail 11 de l’AIE PVPS qui étudie les systèmes hybrides photovoltaïques dans les mini-réseaux. 


1. INTRODUCTION 
The installed capacity of photovoltaic (PV) generation sources in grid-connected applications in countries participating in the International Energy Agency (IEA) implementation agreement on Photovoltaic Power Systems (PVPS) exceeded 2000 MW in 2005 [1]. Rooftop mounted PV installation on residential houses and building-integrated PV installation for commercial customers are supported by incentives in many countries. 
The experience gained integrating PV into the distribution grid can provide useful guidelines for the integration of other distributed energy resource (DER) technologies in the future. 
The IEA PVPS is one of the collaborative research and development (R&D) implementing agreements within the IEA. It is mainly focused on conducting joint projects in the application of photovoltaic energy conversion systems and investigation of technical/non-technical operating issues of PV systems. The PVPS program has been a pioneer in studying the impact of high penetration levels of PV on the distribution network. Some of the previous projects and collaborative studies that considered high penetration of PV systems are: impact study of increase in power penetration for grid-connected PV systems on voltage profile of the networks [2], probability assessment of islanding occurrence in the grid-connected low voltage networks [3], and analysis of the risk involved in islanding of low voltage networks [4]. 
The recently established IEA PVPS Task 11 working group aims to undertake research and studies on the issues involved in design, control, and implementation of PV hybrid systems within mini-grids, [5]. The mini-grids may operate autonomously (e.g. rural electrification applications), or may interconnect with the utility grid, but have the ability to isolate and operate autonomously. Since PV penetration in mini-grids may be quite high, particularly a significant portion of the load is assumed to be supplied by PV when operating autonomously, Task 11 is interested in the power quality effects of high penetration and the planning and design requirements to mitigate these effects. Table 1 shows the proposed scope of the IEA PVPS Task 11, [5]. Neither the PV cluster nor the remote community mini-grid completely represents the mini-grid of the future, which will operate in both autonomous and utility interconnected modes to supply multiple users. However, experimental knowledge and field demonstration cases for mini-grid systems that operate in both autonomous and utility interconnected mode are very limited. Hence, the study and identification of common operating problems for PV clusters and existing remote mini-grids can build the knowledge-base for the PV mini-grids of the future. 



 Farid Katiraei1, Konrad Mauch2, Lisa Dignard-Bailey
1. CANMET Energy Technology Center-Varennes 
1615 Lionel-Boulet Blvd., P.O. Box 4800, 
Varennes, QC, Canada, J3X 1S6 
*E-mail: farid.katiraei@nrcan.gc.ca 2. KM Technical Services 
Vancouver, BC, 
Canada 
E-mail: konrad.mauch@ieee.org 


Posted by Wawan Setiyawan at 2:37 PM 0 comments
Labels: ,

Design on SCADA Test-bed and Security Device

Abstract
Most of the national critical key infrastructure, such as power, piped gas and water supply facilities, or the high-speed railroad, is run on the SCADA (Supervisory Control and Data Acquisition) system. Recently, concerns have been raised about the possibility of these facilities being attacked by cyber terrorists, hacking, or viruses. Thus, it is time to adopt the relevant security management techniques.
This study analyzes the vulnerabilities of SCADA systems through scenarios, designs a test-bed to prove such vulnerabilities, and suggests security devices..
Keyword: SCADA Test-bed, SCADA Security Device, Modbus Serial Communication 

1. Introduction
The rapid development of information-communication technology in recent years has allowed large-scale facilities such as a railway, a power system, and a power plant to be operated by control systems. A control system is a computer-based system adopted by a number of infrastructure facilities and industries in order to monitor or control delicate processes as well as physical functions. The system collects data from the field and sensors, displays information, and executes sequential commands of local/remote devices. Such large- scale plant networks, based on the control systems, are mainly operated by the government and designated as key infrastructure facilities. What they have in common is that every device is connected with each other or with an external device to make possible remote access/control and equipped with the interactive communication environment for operating systems and giving commands. This environment in a broad sense is called SCADA (Supervisory Control and Data Acquisition), a kind of a control system including DCS (Distributed Control System) which is applied to plants executing distributed processes.
Most governments operate SCADA systems in closed networks and use a vendor’s own operation systems/protocols, which makes the systems safe from cyber-attacks. However, when the need for maximum efficiency or external service arises, attempts will be made to connect the systems to the Internet or commercial networks. This allows the public to share all the information operated by the government but the system could be vulnerable to fatal damage [1] inflicted by hackers.
The previous operation of key infrastructure facilities was safe from hackers because of local control, exclusive lines, real-time operation systems, private protocols, terminal PLC, and so on. Yet, more efficient management may need to introduce centralized remote control, TCP/IP network-based protocols, and PCs with common operation systems, which increases security problems [2]. Table 1 shows the comparison of control and information networks.
The SCADA systems have been operated for infrastructure based on closed networks. However, if aging systems are replaced by new internet worked units, it may cause serious vulnerabilities to threats of hackers.
Recent cyber threats tend to increasingly focus on SCADA systems, and once the system is attacked, the damage affects a multitude of people and national reputation is severely impaired. As hacking skills become more intelligent, preventive security measures shall be highlighted even more. For example, Gartner’s report [3] released in January 2004 pointed out serious vulnerabilities of major infrastructure facilities such as railway, power system networks, a power plant and a dam. That is, development of IP technology increases security threats to SCADA systems, making them a major target of cyber attacks since 2005. Originally, SCADA systems are operated in closed networks, safe from hackers who attempt remote access, but business rationalization calls for use of the Internet and common controllers using TCP/IP, exposed to fatal damage that hacking tools may incur [4].
Thus, this study is aimed to analyze the vulnerabilities of SCADA systems through virtual scenarios, design a test-bed to verify such vulnerabilities, and suggest security devices.

Sungmo Jung, Jae-gu Song, Seoksoo Kim
Department of multimedia, Hannam University, Korea SungmoJ@Gmail.com, bhas9@paran.com, sskim@hnu.kr




Posted by Wawan Setiyawan at 4:06 AM 0 comments
Labels: , , ,

Improving Security for SCADA Control Systems

Executive Summary
The continuous growth of cyber security threats and attacks including the increasing sophistica- tion of malware is impacting the security of critical infrastructure, industrial control systems, and
Supervisory Control and Data Acquisition (SCADA) control systems. The reliable operation of modern infrastructures depends on computerized systems and SCADA systems. Since the emer- gence of Internet and World Wide Web technologies, these systems were integrated with business systems and became more exposed to cyber threats. There is a growing concern about the security and safety of the SCADA control systems. The Presidential Decision Directive 63 document es- tablished the framework to protect the critical infrastructure and the Presidential document of 2003, the National Strategy to Secure Cyberspace stated that securing SCADA systems is a na- tional priority.The critical infrastructure includes telecommunication, transportation, energy, banking, finance, water supply, emergency services, government services, agriculture, and other fundamental systems and services that are critical to the security, economic prosperity, and social well-being of the public. The critical infrastructure is characterized by interdependencies (physi- cal, cyber, geographic, and logical) and complexity (collections of interacting components). Therefore, information security management principles and processes need to be applied to SCADA systems without exception. Critical infrastructure disruptions can directly and indirectly affect other infrastructures, impact large geographic regions, and send ripples throughout the na- tional and global economy. For example, under normal operating conditions, the electric power infrastructure requires fuels (natural gas and petroleum), transportation, water, banking and fi- nance, telecommunication, and SCADA systems for monitoring and control.
In this paper, we provide an analysis of key developments, architecture, potential vulnerabilities, and security concerns including recommendations toward improving security for SCADA control systems. We discuss the most important issues concerningthe security of SCADA systems in- cluding a perspective on enhancing security ofthese systems. We briefly describe the SCADA architecture, and identify the attributes that increase the complexity of these systems including the key developments that mark the evolution of the SCADA control systems along with the growth of potential vulnerabilities and security concerns. Then, we provide recommendations toward an enhanced security for SCADA control systems. More efforts should be planned on reducing the vulnerabilities and improving the security operations of these systems. It is necessary to address
not only the individual vulnerabilities, but thebreadthofrisksthatcaninterfere with critical operations.
We describe key requirements and fea- tures needed to improve the security of the current SCADA control systems. For example, in assessing the risk for SCADA systems, use of general meth- ods for risk analysis including specific conditions and characteristics of a control system needto be applied. Effective risk analysis for SCADA systems requires a unified definition for mishap and identification of potential harm to safety. As computer systems are more integrated, the distinction between security and safety is beginning to disappear. In bridging the gap between these domains, we propose a unified risk framework which combines a new definition of mishap with an expanded definition of hazard to include the security event.
However, methods for risk management that are based on automated tools and intelligent tech- niques are more beneficial to SCADA systems because they require minimum or no human inter- vention in controlling the processes. We also identify a unified security/safety risk framework for control systems. Implementing security features ensures higher security, reliability, and availabil- ity of control systems. Thus organizations need to reassess the SCADA control systems and risk model to achieve in depth defense solutions for these systems. The increasing threats against SCADA control systems indicate that there should be more directions in the development of these systems.Therefore, achieving better quality and more secure SCADA control systems is a high priority.
Information security management principles and processes needto be applied to SCADA systems without exception. We conclude with a thought about the future of SCADA control systems. A strategy to deal with cyber attacks against the nation’s critical infrastructure requires first under- standingthe full natureofthethreat. A depth defense andproactive solutionstoimprovethe se- curity of SCADA control systems ensures the future of control systems and survivability of criti- cal infrastructure.

Keywords: industrial control system, SCADA control system, cyber security, critical infrastruc- ture, requirements, risk management, security framework.

Introduction
Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other smaller control system configurations including skid-mounted Programmable Logic Controllers (PLC) are often found in the industrial sectors and critical infrastructures. These are also known under a general term, Industrial Control System (ICS). A control system is a device or set of devices to manage, command, direct, or regulate the behavior of other devices or systems. ICSs are typically used in industries such as electrical, water, oil and gas, and chemical including experimental and research facilities such as nuclear fusion laboratories. The reliable operation of modern infrastructures depends on computerized systems and SCADA sys- tems.
The Presidential Decision Directive 63 document established the framework to protect the critical infrastructure and the Presidential document of 2003, the National Strategy to Secure Cyberspace statedthat securing SCADA systems is a national priority.
The critical infrastructure includes telecommunication,transportation, energy, banking, finance, water supply, emergency services, government services, agriculture, and other fundamental sys-
tems and services that are critical to the security, economic prosperity, and social well-being of the public. The critical infrastructure is characterized by interdependencies (physical, cyber, geo- graphic, and logical) and complexity (collections of interacting components). Cyber interdepend- encies are a result of the pervasive computerization and automation of infrastructures (Rinaldi, Peerenboom, & Kelly, 2001). The critical infrastructure disruptions can directly and indirectly affect other infrastructures, impact large geographic regions, and send ripples throughout the na- tional and global economy. For example, under normal operating conditions, the electric power infrastructure requires fuels (natural gas and petroleum), transportation, water, banking and fi- nance, telecommunication, and SCADA systems for monitoring and control.
74There is a growing concern about the security and safety of the SCADA control systems in terms of vulnerabilities, lack of protection, and awareness (Byres & Franz, 2005; Byres, Hoffman & Kube, 2006).Therefore, information security management principles and processes need to be appliedto SCADA systems without exception.
This paper provides a relevant analysis of most important issues and a perspective on enhancing security of these systems. The rest of this paper is organized in sections as follows: next section provides an overview ofthe SCADA architecture. Then, in the following section, we describe key developments that mark the evolution of the SCADA control systems along with the increase of potential vulnerabilities and security concerns. In the next section, we provide recommenda- tions toward an enhanced security for SCADA control systems. We describe key requirements and features needed to improve the security of the current SCADA control systems. We conclude with a thought about the future of SCADA control systems.

Mariana Hentea Excelsior College, Albany, NY, USA
mhentea@excelsior.edu

Posted by Wawan Setiyawan at 3:55 AM 0 comments
Labels: , , ,
Subscribe to: Comments (Atom)