ABSTRACT
The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not least because not all available security mechanisms are easily deployable in these reliability-critical, complex, multi-vendor environments, which host modern systems alongside legacy ones to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which unfortunately remains difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration, including whitelisting of devices, contributes to increased security, though best in combination with granular network segmentation.