Security strategies for SCADA networks

IFIP International Federation for Information Processing

Volumn 253, Issue , 2007, Pages 117-131

  Chandia, Rodrigo ^a   Gonzalez, Jesus ^b   Kilpatrick, Tim ^a   Papa, Mauricio ^a   Shenoi, Sujeet ^a  

^a UNIVERSITY OF TULSA   (United States)

^b CITGO Petroleum   (United States)

Author keywords

Forensics; SCADA networks; Security services

Indexed keywords

EID: 36249028736     PISSN: 15715736     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-75462-8_9     Document Type: Conference Paper

References (21)

1. American Gas Association, Cryptographic Protection of SCADA Communications; Part 1: Background, Policies and Test Plan, AGA Report No. 12 (Part 1), Draft 5, Washington, DC (www.gtiservices.org/security/ AGA12Draft5r3.pdf), 2005.
2. American Gas Association, Cryptographic Protection of SCADA Communications; Part 2: Retrofit Link Encryption for Asynchronous Serial Communications, AGA Report No. 12 (Part 2), Draft, Washington, DC (www.gtiservices.org/security/aga-12p2-draft-0512.pdf), 2005.
3. American Petroleum Institute, API 1164: SCADA Security, Washington, DC, 2004.
4. M. Berg and J. Stamp, A reference model for control and automation systems in electric power, Technical Report SAND2005-1000C, Sandia National Laboratories, Albuquerque, New Mexico, 2005.
5. British Columbia Institute of Technology, Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks, National Infrastructure Security Co-ordination Centre, London, United Kingdom, 2005.
6. E. Byres, J. Carter, A. Elramly and D. Ho.man, Worlds in collision: Ethernet on the plant floor, Proceedings of the ISA Emerging Technologies Conference, 2002.
7. E. Byres, M. Franz and D. Miller, The use of attack trees in assessing vulnerabilities in SCADA systems, Proceedings of the International Infrastructure Survivability Workshop, 2004.
8. E. Byres and T. Nguyen, Using OPC to integrate control systems from competing vendors, Proceedings of the Canadian Pulp and Paper Association Technical Conference, 2000.
9. D. Davis and R. Swick, Network security via private key certificates, Operating Systems Review, vol. 24, pp. 64-67, 1990.
10. J. Graham and S. Patel, Security considerations in SCADA communication protocols, Technical Report TR-ISRL-04-01, Intelligent System Research Laboratory, Department of Computer Engineering and Computer Science, University of Louisville, Louisville, Kentucky, 2004.
11. Instrumentation Systems and Automation Society, Security Technologies for Manufacturing and Control Systems (ANSI/ISA-TR99.00.01-2004), Research Triangle Park, North Carolina, 2004.
12. Instrumentation Systems and Automation Society, Integrating Electronic Security into the Manufacturing and Control Systems Environment (ANSI/ ISA-TR99.00.02-2004), Research Triangle Park, North Carolina, 2004.
13. D. Kilman and J. Stamp, Framework for SCADA security policy, Technical Report SAND2005-1002C, Sandia National Laboratories, Albuquerque, New Mexico, 2005.
14. T. Kilpatrick, J. Gonzalez, R. Chandia, M. Papa and S. Shenoi, An architecture for SCADA network forensics, in Advances in Digital Forensics II, M. Olivier and S. Shenoi (Eds.), Springer, New York, pp. 273-285, 2006.
15. K. Mandia, C. Prosise and M. Pepe, Incident Response and Computer Forensics, McGraw-Hill/Osborne, Emeryville, California, 2003.
16. Modbus IDA, MODBUS Application Protocol Specification v1.1a, North Grafton, Massachusetts (www.modbus.org/specs.php), 2004.
17. National Institute of Standards and Technology, System Protection Profile - Industrial Control Systems v1.0, Gaithersburg, Maryland, 2004.
18. K. Shanmugasundaram, H. Bronnimann and N. Memon, Integrating digital forensics in network architectures, in Advances in Digital Forensics M. Pollitt and S. Shenoi (Eds.), Springer, New York, pp. 127-140, 2005.
19. K. Shanmugasundaram, N. Memon, A. Savant and H. Bronnimann, Fornet: A distributed forensics system, Proceedings of the Second International Workshop on Mathematical Methods, Models and Architectures for Computer Network Security, 2003.
20. M. Smith and M. Copps, DNP3 V3.00 Data Object Library Version 0.02, DNP Users Group, Pasadena, California, 1993.
21. K. Stouffer, J. Falco and K. Kent, Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security - Initial Public Draft, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006.