Visible to the public Biblio

Filters: Author is Korman, Matus  [Clear All Filters]
Korman, Matus, Välja, Margus, Björkman, Gunnar, Ekstedt, Mathias, Vernotte, Alexandre, Lagerström, Robert.  2017.  Analyzing the Effectiveness of Attack Countermeasures in a SCADA System. Proceedings of the 2Nd Workshop on Cyber-Physical Security and Resilience in Smart Grids. :73–78.

The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

Välja, Margus, Korman, Matus, Lagerström, Robert.  2017.  A Study on Software Vulnerabilities and Weaknesses of Embedded Systems in Power Networks. Proceedings of the 2Nd Workshop on Cyber-Physical Security and Resilience in Smart Grids. :47–52.

In this paper we conduct an empirical study with the purpose of identifying common software weaknesses of embedded devices used as part of industrial control systems in power grids. The data is gathered about the devices and software of 6 companies, ABB, General Electric, Schneider Electric, Schweitzer Engineering Laboratories, Siemens and Wind River. The study uses data from the manufacturersfi online databases, NVD, CWE and ICS CERT. We identified that the most common problems that were reported are related to the improper input validation, cryptographic issues, and programming errors.