Most Read Research Articles


Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79
Call for Paper - May 2015 Edition
IJCA solicits original research papers for the May 2015 Edition. Last date of manuscript submission is April 20, 2015. Read More

A Concise Model to Evaluate Security of SCADA Systems based on Security Standards

Print
PDF
 
Download Full Text
International Journal of Computer Applications
© 2015 by IJCA Journal
Volume 111 - Number 14
Year of Publication: 2015
Authors:
Nasser Aghajanzadeh
Alireza Keshavarz-haddad
10.5120/19603-1450

Nasser Aghajanzadeh and Alireza Keshavarz-haddad. Article: A Concise Model to Evaluate Security of SCADA Systems based on Security Standards. International Journal of Computer Applications 111(14):1-9, February 2015. Full text available. BibTeX

@article{key:article,
	author = {Nasser Aghajanzadeh and Alireza Keshavarz-haddad},
	title = {Article: A Concise Model to Evaluate Security of SCADA Systems based on Security Standards},
	journal = {International Journal of Computer Applications},
	year = {2015},
	volume = {111},
	number = {14},
	pages = {1-9},
	month = {February},
	note = {Full text available}
}

Abstract

SCADA systems are essential for the critical infrastructures, such as electric power, oil, and gas production and distribution systems. Hence, incapacitation or destruction of SCADAs would have a debilitating impact on the defence or economic security of organizations and states. In this paper, we study fifteen SCADA cyber security standards and also assess the security of ten widely-used SCADA systems. Our investigation leads to a comprehensive categorized list of security solutions for SCADAs. This list is used to evaluate and compare security of the SCADA systems; also it will be used as model to improve the security of new SCADA systems.

References

  • A. Shahzad and S. Musa, "Cryptography and Authentication Placement to Provide Secure Channel for SCADA Communication", International Journal of Security (IJS), Volume 6, Issue 3, 2012.
  • K. Lynch, "Improving Security for SCADA Control Systems ", Interdisciplinary Journal of Information Knowledge and Management, Volume 3, 2008.
  • P. Ralston, J. Graham, J. Hieb, "Cyber security risk assessment for SCADA and DCS networks", ISA Transactions 46, April 2007.
  • A. Cagalaban, Y. So, S. Kim," SCADA Network Insecurity: Securing Critical Infrastructures through SCADA Security Exploitation", Journal of Security Engineering, Vol. 6, No. 6, 2009.
  • C. Valli "SCADA Security – Slowly Circling A Disaster Area", WORLDCOMP 2009, Security and Management Conference 2009. (pp. 613-617) Las Vegas, USA.
  • J. Ahokas, T. Guday, T. Lyytinen"Secure and Reliable Communications for SCADA Systems" INTERNATIONAL JOURNAL OF COMPUTERS AND COMMUNICATIONS, Issue 3, Volume 6, 2012.
  • R. Kumar, "Recent Advances in SCADA alarm System", International Journal of Smart Home, Vol. 4, No. 4, October, 2010.
  • J. Nordlander, " WHAT IS SPECIAL ABOUT SCADA SYSTEM CYBER SECURITY", Master Thesis, Stockholm, Sweden 2009
  • American Gas Association (AGA). Cryptographic Protection of SCADA Communications Part 1: Background, Policies and Test Plan (AGA 12, Part 1). AGA, March 2006
  • CPNI. About CPNI. CPNI, http://www. cpni. gov. uk/aboutcpni188. aspx [Accessed 17 December 2008]
  • DHS Security. History. DHS, http://www. dhs. gov/xabout/history/ [Accessed 17 December 2008]
  • DHS Cyber Security Procurement Language for Control Systems version 1. 8. DHS, February 2008
  • Department of Homeland Security (DHS) Catalog of Control Systems Security: Recommendations for Standards Developers. DHS, January 2008
  • DOE. History. DOE, http://www. energy. gov/about/history. htm [Accessed 17 December 2008]
  • Office of Energy Assurance, U. S. Department of Energy. 21 steps to Improve Cyber Security of SCADA Networks. Office of Energy Assurance, U. S. Department of Energy
  • GAO. GAO at a Glance. GAO, http://www. gao. gov/about/gglance. html [Accessed 18 December 2008]
  • GAO. Technology Assessment - Cybersecurity for Critical Infrastructure Protection. GAO, May 2004
  • IEEE. About IEEE. IEEE, http://www. ieee. org/web/aboutus/home/index. html [Accessed 17 December2008]
  • IEEE. IEEE Mission and Vision. IEEE, http://www. ieee. org/web/aboutus/visionmission. html [Accessed 17 December 2008]
  • IEEE. IEEE Standard for Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities. IEEE, December 2007
  • IEEE. IEEE Guide for Electric Power Substation Physical and Electronic Security. IEEE, January 2000
  • International Society of Automation (ISA). ANSI/ISA–99. 00. 01–2007 Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models. ISA, October 2007
  • ISA. ANSI/ISA-TR99. 00. 01-2007 Security Technologies for Industrial Automation and Control Systems. ISA, October 2007
  • ISA. ANSI/ISA—TR99. 00. 02—2004 Integrating Electronic Security into the Manufacturing and Control Systems Environment. ISA, October 2004
  • International Organization for Standardization (ISO) About ISO. ISO, http://www. iso. org/iso/about. htm [Accessed 17 December 2008]
  • ISO Information technology — Security techniques — Code of practice for information security management Final Draft. ISO, 2005
  • North American Electric Reliability Corporation (NERC). , NERC CIP-001-1 - CIP-009-1. NERC, 2006