The number of reported cybersecurity incidents on SCADA (Supervisory Control and Data Acquisition) systems increased significantly in the past few years. One contributing factor is the fact that security testing of live SCADA systems is not practical as such systems are expected to be operational 24/7. Also and most importantly, conducting live security testing on these types of systems is generally costly. A practical and cost-effective solution is to carry out security testing on a simulated version of the physical setting. The main contribution of this paper is to present a SCADA simulation environment (SCADA-SST) suitable for security testing. The simulation environment is generic, easy to setup (comes with a detailed manual), and supports hybrid architectures (involving simulated as well as physical components). We show how SCADA-SST can be used to simulate two realistic settings, namely, Water distribution and Electrical power grid. Finally, for the sake of security testing example, we show how SCADASST can be used to assess the resilience of common SCADA nodes to DOS attacks.
|Title of host publication||2016 World Congress on Industrial Control Systems Security, WCICSS 2016|
|Publisher||Institute of Electrical and Electronics Engineers Inc.|
|Number of pages||6|
|State||Published - 20 Mar 2017|
|Name||2016 World Congress on Industrial Control Systems Security, WCICSS 2016|
Bibliographical noteFunding Information:
This research was supported by The National Science, Technology and Innovation Plan (NSTIP) grant, NSTIP 13-INF281-04 at King Fahd University of Petroleum and Minerals.
© 2016 IEEE.
- Industrial Control Systems
- Network attacks
- Security testing
ASJC Scopus subject areas
- Control and Systems Engineering
- Control and Optimization
- Artificial Intelligence
- Computer Networks and Communications
- Industrial and Manufacturing Engineering
- Safety, Risk, Reliability and Quality