Abstract
Most of the national critical key infrastructure, such as power, piped gas and water supply facilities, or the high-speed railroad, is run on the SCADA (Supervisory Control and Data Acquisition) system. Recently, concerns have been raised about the possibility of these facilities being attacked by cyber terrorists, hacking, or viruses. Thus, it is time to adopt the relevant security management techniques.
This study analyzes the vulnerabilities of SCADA systems through scenarios, designs a test-bed to prove such vulnerabilities, and suggests security devices..
Keyword: SCADA Test-bed, SCADA Security Device, Modbus Serial Communication
1. Introduction
The rapid development of information-communication technology in recent years has allowed large-scale facilities such as a railway, a power system, and a power plant to be operated by control systems. A control system is a computer-based system adopted by a number of infrastructure facilities and industries in order to monitor or control delicate processes as well as physical functions. The system collects data from the field and sensors, displays information, and executes sequential commands of local/remote devices. Such large- scale plant networks, based on the control systems, are mainly operated by the government and designated as key infrastructure facilities. What they have in common is that every device is connected with each other or with an external device to make possible remote access/control and equipped with the interactive communication environment for operating systems and giving commands. This environment in a broad sense is called SCADA (Supervisory Control and Data Acquisition), a kind of a control system including DCS (Distributed Control System) which is applied to plants executing distributed processes.
Most governments operate SCADA systems in closed networks and use a vendor’s own operation systems/protocols, which makes the systems safe from cyber-attacks. However, when the need for maximum efficiency or external service arises, attempts will be made to connect the systems to the Internet or commercial networks. This allows the public to share all the information operated by the government but the system could be vulnerable to fatal damage [1] inflicted by hackers.
The previous operation of key infrastructure facilities was safe from hackers because of local control, exclusive lines, real-time operation systems, private protocols, terminal PLC, and so on. Yet, more efficient management may need to introduce centralized remote control, TCP/IP network-based protocols, and PCs with common operation systems, which increases security problems [2]. Table 1 shows the comparison of control and information networks.
The SCADA systems have been operated for infrastructure based on closed networks. However, if aging systems are replaced by new internet worked units, it may cause serious vulnerabilities to threats of hackers.
Recent cyber threats tend to increasingly focus on SCADA systems, and once the system is attacked, the damage affects a multitude of people and national reputation is severely impaired. As hacking skills become more intelligent, preventive security measures shall be highlighted even more. For example, Gartner’s report [3] released in January 2004 pointed out serious vulnerabilities of major infrastructure facilities such as railway, power system networks, a power plant and a dam. That is, development of IP technology increases security threats to SCADA systems, making them a major target of cyber attacks since 2005. Originally, SCADA systems are operated in closed networks, safe from hackers who attempt remote access, but business rationalization calls for use of the Internet and common controllers using TCP/IP, exposed to fatal damage that hacking tools may incur [4].
Thus, this study is aimed to analyze the vulnerabilities of SCADA systems through virtual scenarios, design a test-bed to verify such vulnerabilities, and suggest security devices.
Sungmo Jung, Jae-gu Song, Seoksoo Kim
Department of multimedia, Hannam University, Korea SungmoJ@Gmail.com, bhas9@paran.com, sskim@hnu.kr
No comments:
Post a Comment