A Survey on Security Challenges and Research Opportunities in Smart Grid based SCADA Systems
A. W. Mir1 , K. R. Ram Kumar2
Section:Survey Paper, Product Type: Journal Paper
Volume-7 ,
Issue-3 , Page no. 689-706, Mar-2019
CrossRef-DOI: https://doi.org/10.26438/ijcse/v7i3.689706
Online published on Mar 31, 2019
Copyright © A. W. Mir, K. R. Ram Kumar . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: A. W. Mir, K. R. Ram Kumar, “A Survey on Security Challenges and Research Opportunities in Smart Grid based SCADA Systems,” International Journal of Computer Sciences and Engineering, Vol.7, Issue.3, pp.689-706, 2019.
MLA Style Citation: A. W. Mir, K. R. Ram Kumar "A Survey on Security Challenges and Research Opportunities in Smart Grid based SCADA Systems." International Journal of Computer Sciences and Engineering 7.3 (2019): 689-706.
APA Style Citation: A. W. Mir, K. R. Ram Kumar, (2019). A Survey on Security Challenges and Research Opportunities in Smart Grid based SCADA Systems. International Journal of Computer Sciences and Engineering, 7(3), 689-706.
BibTex Style Citation:
@article{Mir_2019,
author = {A. W. Mir, K. R. Ram Kumar},
title = {A Survey on Security Challenges and Research Opportunities in Smart Grid based SCADA Systems},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {3 2019},
volume = {7},
Issue = {3},
month = {3},
year = {2019},
issn = {2347-2693},
pages = {689-706},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=3903},
doi = {https://doi.org/10.26438/ijcse/v7i3.689706}
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v7i3.689706}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=3903
TI - A Survey on Security Challenges and Research Opportunities in Smart Grid based SCADA Systems
T2 - International Journal of Computer Sciences and Engineering
AU - A. W. Mir, K. R. Ram Kumar
PY - 2019
DA - 2019/03/31
PB - IJCSE, Indore, INDIA
SP - 689-706
IS - 3
VL - 7
SN - 2347-2693
ER -
VIEWS | XML | |
431 | 232 downloads | 117 downloads |
Abstract
Supervisory Control and Data Acquisition (SCADA) systems have emerged as critical systems of national importance in the recent times due to their deployments at critical infrastructures. Since SCADA systems are of critical importance and being high value targets, these systems attract large interest for being target for security fissures. SCADA systems security exemplifies a critical challenge in present world. High profile cyber security threats are the recent phenomenon, yet the systems running critical industrial processes are typically a generation older. There are many legacy systems that may be vulnerable to cyber-attack because cyber security was simply not a consideration at the time of initial design and implementation stages. The security of even recently deployed systems may also pose a challenge. This paper explores and discusses the security challenges, publication trends in terms of graphical representation, and research opportunities in the SCADA system.
Key-Words / Index Term
SCADA, Smart Grid, Publication Trends, Security Challenges, Threats
References
[1]. Khurana, H., Hadley, M., Lu, N., & Frincke, D. A. (2010), ‘Smart-grid security issues’. IEEE Security & Privacy, vol. 8, no. 1.
[2]. Delgado, V., Martins, J. F., Lima, C., & Borza, P. N. (2015), ‘Smart grid security issues’, Proceedings of IEEE 9th International Conference on Compatibility and Power Electronics, pp. 534-538.
[3]. Sullivan, D., Luiijf, E., & Colbert, E. J. (2016), ‘Components of industrial control systems’, Advances in Information Security, Springer International Publishing, vol. 66, pp. 15-28.
[4]. Tan, S., De, D., Song, W. Z., Yang, J., & Das, S. K. (2017), ‘Survey of Security Advances in Smart Grid: A Data Driven Approach’. IEEE Communications Surveys & Tutorials, vol. 19, no. 1, pp. 397-422.
[5]. Mo, Y., Kim, T. H. J., Brancik, K., Dickinson, D., Lee, H., Perrig, A., & Sinopoli, B. (2012), ‘Cyber–physical security of a smart grid infrastructure’, Proceedings of the IEEE, vol. 100, no. 1, pp. 195-209.
[6]. Wang, W., & Lu, Z. (2013), ‘Cyber security in the Smart Grid: Survey and challenges’, Computer Networks, vol. 57, no. 5, pp. 1344-1371.
[7]. Bekara, C. (2014), ‘Security issues and challenges for the iot-based smart grid’, Procedia Computer Science, vol. 34, pp. 532-537.
[8]. Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016), ‘A review of cyber security risk assessment methods for SCADA systems’, Computers & Security, vol. 56, no. 1, pp. 1-27.
[9]. McBride, A. J., & McGee, A. R. (2012), ‘Assessing smart grid security’, Bell Labs Technical Journal, vol. 17, no. 3, pp. 87-103.
[10]. Safa, H. H., Souran, D. M., Ghasempour, M., & Khazaee, A. (2016), ‘Cyber security of smart grid and SCADA systems, threats and risks’, Proceedings of CIRED Workshop, pp. 245.
[11]. Korman, M., Välja, M., Björkman, G., Ekstedt, M., Vernotte, A., & Lagerström, R. (2017). ‘Analyzing the Effectiveness of Attack Countermeasures in a SCADA System’, Proceedings of ACM 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, pp. 73-78.
[12]. Gao, J., Liu, J., Rajan, B., Nori, R., Fu, B., Xiao, Y., & Philip Chen, C. L. (2014), ‘SCADA communication and security issues’, Security and Communication Networks, vol. 7, no. 1, pp. 175-194.
[13]. Stefanov, A., Liu, C. C., Govindarasu, M., & Wu, S. S. (2015), ‘SCADA modeling for performance and vulnerability assessment of integrated cyber–physical systems’, International Transactions on Electrical Energy Systems, vol. 25, no. 3, pp. 498-519.
[14]. Kim, H. (2012), ‘Security and vulnerability of SCADA systems over IP-based wireless sensor networks’, International Journal of Distributed Sensor Networks, vol. 12, no. 268478.
[15]. Line, M. B. (2014), ‘Why securing smart grids is not just a straightforward consultancy exercise’, Security and Communication Networks, vol. 7, no. 1, pp. 160-174.
[16]. Yan, Y., Qian, Y., Sharif, H., & Tipper, D. (2013), ‘A survey on smart grid communication infrastructures: Motivations, requirements and challenges’, IEEE communications surveys & tutorials, vol. 15, no. 1, pp. 5-20.
[17]. Tawde, R., Nivangune, A., & Sankhe, M. (2015), ‘Cyber security in smart grid SCADA automation systems’, Proceedings of IEEE Innovations in Information, Embedded and Communication Systems (ICIIECS), pp. 1-5.
[18]. Ashok, A., Hahn, A., & Govindarasu, M. (2014), ‘Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment’, Journal of advanced research, vol. 5, no. 4, pp. 481-489.
[19]. Stefanov, A., & Liu, C. C. (2014), ‘Cyber-physical system security and impact analysis’, Proceedings of the 19th World Congress the International Federation of Automatic Control, vol. 47, no. 3, pp. 11238-11243.
[20]. Hawk, C., & Kaushiva, A. (2014), ‘Cybersecurity and the smarter grid’, The Electricity Journal, vol. 27, no. 8, pp. 84-95.
[21]. Rice, E. B., & AlMajali, A. (2014), ‘Mitigating the risk of cyber attack on smart grid systems’, Procedia Computer Science, vol. 28, pp. 575-582.
[22]. Sajid, A., Abbas, H., & Saleem, K. (2016), ‘Cloud-assisted IoT-based SCADA systems security: A review of the state of the art and future challenges’, IEEE Access, vol. 4, pp. 1375-1384.
[23]. Ciancamerla, E., Fresilli, B., Minichino, M., Patriarca, T., & Iassinovski, S. (2014), ‘An electrical grid and its SCADA under cyber attacks: Modelling versus a Hybrid Test Bed’, Proceedings of IEEE International Carnahan Conference on Security Technology (ICCST), pp. 1-6.
[24]. Dondossola, G., & Terruggia, R. (2015), ‘Cyber security of smart grid communications: Risk analysis and experimental testing’, Springer Berlin Heidelberg, pp. 169-193.
[25]. Zhang, Y., Wang, L., Xiang, Y., & Ten, C. W. (2015), ‘Power system reliability evaluation with SCADA cybersecurity considerations’, IEEE Transactions on Smart Grid, vol. 6, no. 4, pp. 1707-1721.
[26]. Kuzlu, M., Pipattanasompom, M., & Rahman, S. (2017), ‘A comprehensive review of smart grid related standards and protocols’, Proceedings of IEEE 5th International Smart Grid and Cities Congress and Fair (ICSG), pp. 12-16.
[27]. Ajayi, A. O., Alese, B. K., Fadugba, S. E., & Owoeye, K. (2014), ‘Sensing the Nation: Smart Grid’s Risks and Vulnerabilities’, International Journal of Communications, Network and System Sciences, vol. 7, no. 05, pp. 151-163.
[28]. Asghar, M. R., & Miorandi, D. (2012), ‘A holistic view of security and privacy issues in smart grids’, Springer, Berlin, Heidelberg, pp. 58-71.
[29]. Ionica, D., Pop, F., Popescu, N., Popescu, D., & Dobre, C. (2018). SCADA Security: Concepts and Recommendations. In International Symposium on Cyberspace Safety and Security, pp. 85-98. Springer, Cham.
[30]. Igure, V. M., Laughter, S. A., & Williams, R. D. (2006), ‘Security issues in SCADA networks’, Computers & Security, vol. 25, no. 7, pp. 498-506.
[31]. Sebastio, S., Scala, A., & D’Agostino, G. (2016), ‘Availability Study of the Italian Electricity SCADA System in the Cloud’, Springer, Cham, pp. 201-212.
[32]. Leverett, E. P. (2011), ‘Quantitatively assessing and visualising industrial system attack surfaces’. University of Cambridge, Darwin College, vol. 7.
[33]. Gold, S. (2009), ‘The SCADA challenge: securing critical infrastructure’, Network Security, vol. 09, no. 8, pp. 18-20.
[34]. Igure, V. M., Laughter, S. A., & Williams, R. D. (2006), ‘Security issues in SCADA networks’, Computers & Security, vol. 25, no. 7, pp. 498-506.
[35]. Chen, T. (2010), ‘Stuxnet, the real start of cyber warfare?’, IEEE Network, vol. 24, no. 6, pp. 2-3.
[36]. Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016), ‘A review of cyber security risk assessment methods for SCADA systems’, Computers & Security, vol. 56, pp. 1-27.
[37]. Idaho National Laboratory, (2011). ‘Vulnerability Analysis of Energy Delivery Control Systems’. [Online] Available at: http://energy.gov/oe/downloads/ vulnerability-analysis-energy-delivery-control-systems [Accessed 12 August 2017].
[38]. Dán, G., Sandberg, H., Ekstedt, M., & Björkman, G. (2012), ‘Challenges in power system information security’, IEEE Security & Privacy, vol. 10, no. 4, pp. 62-70.
[39]. SCADA Systems Made Simple. (2019). [online] Schneider Electric, pp. 4-11. Available at: https://www.schneider-electric.com/en/download/document/998-2095-01-19-12AR0_EN/ [Accessed 23 Jan. 2019].
[40]. Lenzini, G., Oostdijk, M., Teeuw, W., Hulsebosch, B., Wegdam, M., & Enschede, N. (2009). Trust, security, and privacy for the advanced metering infrastructure.
[41]. SCADAguardian. (2019). Retrieved from https://www.nozominetworks.com/ products/ scadaguardian/
[42]. Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K.. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & security, Elsevier, 56, pp.1-27.
[43]. Babu, B., Ijyas, T., Muneer, P. and Varghese, J. (2017). Security issues in SCADA based industrial control systems. In Anti-Cyber Crimes (ICACC), 2nd International Conference on (pp. 47-51). IEEE.
[44]. Fillatre, L., Nikiforov, I. and Willett, P. (2017). Security of SCADA systems against cyber–physical attacks. IEEE Aerospace and Electronic Systems Magazine, 32(5), pp.28-45.
[45]. Rosa, L., Cruz, T., Simões, P., Monteiro, E. and Lev, L. (2017). Attacking SCADA systems: a practical perspective. In Integrated Network and Service Management (IM), IFIP/IEEE Symposium, pp.741-746. IEEE.
[46]. Antón, S.D., Fraunholz, D., Lipps, C., Pohl, F., Zimmermann, M. and Schotten, H.D. (2017). Two decades of SCADA exploitation: A brief history. In Application, Information and Network Security (AINS) Conference, pp. 98-104. IEEE.
[47]. Ali, S., Al Balushi, T., Nadir, Z. and Hussain, O.K. (2018). ICS/SCADA System Security for CPS. In Cyber Security for Cyber Physical Systems, pp. 89-113. Springer, Cham.
[48]. Sun, C.C., Hahn, A. and Liu, C.C. (2018). Cyber security of a power grid: State-of-the-art. International Journal of Electrical Power & Energy Systems, vol. 99, pp. 45-56.
[49]. Hahn, A., Sun, C.C. and Liu, C.C. (2016). Cybersecurity of SCADA within Substations. Smart Grid Handbook, Wiley, pp.1-17.
[50]. Korman, M., Välja, M., Björkman, G., Ekstedt, M., Vernotte, A. and Lagerström, R. (2017). Analyzing the Effectiveness of Attack Countermeasures in a SCADA System. In Proceedings of the 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, pp. 73-78. ACM.
[51]. El Anbal, M., El Kalam, A.A., Benhadou, S., Moutaouakkil, F. and Medromi, H. (2016). Securing SCADA Critical Network Against Internal and External Threats. In International Conference on Critical Information Infrastructures Security, pp. 328-339. Springer, Cham.
[52]. Honkus, F. (2016). Responding to Attacks on Industrial Control Systems and SCADA Systems. In Cyber-security of SCADA and Other Industrial Control Systems, pp. 305-322. Springer, Cham.
[53]. Duka, A.V., Genge, B., Haller, P. and Crainicu, B. (2017). Enforcing end-to-end security in SCADA systems via application-level cryptography. In International Conference on Critical Infrastructure Protection, pp. 139-155. Springer, Cham.
[54]. Ahmed, I., Roussev, V., Johnson, W., Senthivel, S. and Sudhakaran, S. (2016). A SCADA system testbed for cybersecurity and forensic research and pedagogy. In Proceedings of the 2nd Annual Industrial Control System Security Workshop, pp. 1-9. ACM.
[55]. Kleinmann, A., Amichay, O., Wool, A., Tenenbaum, D., Bar, O. and Lev, L. (2017). Stealthy deception attacks against SCADA systems. In Computer Security, pp. 93-109. Springer, Cham.
[56].Nazir, S., Patel, S. and Patel, D. (2017). Assessing and augmenting SCADA cyber security: A survey of techniques. Computers & Security, Elsevier, vol. 70, pp. 436-454.
[57].Tesfahun, A. and Bhaskari, D.L., (2016). A SCADA testbed for investigating cyber security vulnerabilities in critical infrastructures. Automatic Control and Computer Sciences, Springer, vol. 50(1), pp.54-62.
[58].Industrial Control System Cyber Emergency Response Team (ICS-CERT). (2019). [online] Available at: https://cset.inl.gov/SitePages/Home.aspx [Accessed 10 Jan. 2019].