Visible to the public Analyzing the Effectiveness of Attack Countermeasures in a SCADA System

TitleAnalyzing the Effectiveness of Attack Countermeasures in a SCADA System
Publication TypeConference Paper
Year of Publication2017
AuthorsKorman, Matus, Välja, Margus, Björkman, Gunnar, Ekstedt, Mathias, Vernotte, Alexandre, Lagerström, Robert
Conference NameProceedings of the 2Nd Workshop on Cyber-Physical Security and Resilience in Smart Grids
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4978-9
Keywordscompositionality, CPS Resilience, cyber security, Human Behavior, Networked Control Systems Security, pubcrawl, resilience, Resiliency, SCADA system, SCADA systems, security, security controls, threat modeling, vulnerability assessment

The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

Citation Keykorman_analyzing_2017