Secure SCADA framework for the protection of energy control systems

Concurrency and Computation: Practice and Experience

Volumn 23, Issue 12, 2011, Pages 1431-1442

  Alcaraz, Cristina ^a   Lopez, Javier ^a   Zhou, Jianying ^b   Roman, Rodrigo ^a  

^a UNIVERSITY OF MÁLAGA   (Spain)

^b INSTITUTE FOR INFOCOMM RESEARCH   (Singapore)

Author keywords

energy distribution and control systems; ICT systems; mobile ad hoc networks; SCADA systems; the Internet; wireless sensor networks

Indexed keywords

MOBILE AD HOC NETWORKS; MOBILE SECURITY; SCADA SYSTEMS; WIRELESS SENSOR NETWORKS;

ENERGY DISTRIBUTIONS; ICT SYSTEMS; MAIN TASKS; MONITOR AND CONTROL; SCADA SECURITY; STATE-OF-THE-ART TECHNOLOGY; SUPERVISORY CONTROL AND DATA ACQUISITION; WIRELESS TECHNOLOGIES;

NETWORK SECURITY;

EID: 80051531036     PISSN: 15320626     EISSN: 15320634     Source Type: Journal    
DOI: 10.1002/cpe.1679     Document Type: Article

References (34)

1. Peerenboom J, Fisher R,. Analyzing cross-sector interdependencies. HICSS '07: Proceedings of the 40th Annual Hawaii International Conference on System Sciences. IEEE Computer Society: Silver Spring, MD, 2007; 112-119.
2. Alcaraz C, Fernandez G, Roman R, Balastegui A, Lopez J,. Secure management of SCADA networks, new trends in network management. CEPIS UPGRADE, Novática, vol. IX (6), 2008; 22-28.
3. U.S. Department of Energy. 21 Steps to improve Cyber security of SCADA networks. White Paper, 2005.
4. Rahkonen T, Cegrell T,. A study on techniques for and user requirements on systems integration in SCADA/EMS. Royal Institute of Technology, Power Industry Computer Application Conference. IEEE, 1995; 357-362.
5. Khatib A, Dong X, Qiu B, Liu Y,. Thoughts on future internet based power system information network architecture. Virginia Tech, Power Engineering Society Summer Meeting, vol. 1. IEEE: Seattle, WA, U.S.A., 2000; 155-160.
6. ZigBee Alliance. Available at: http://www.zigbee.org/ [March 2010].
7. HART Communication Foundation. Available at: http://www.hartcomm2.org/ hart\-protocol/wireless\-hart/hart7\-overview.html [March 2010 ].
8. ISA100. Wireless Systems for Automation. Available at: http://www.isa.org/Content/NavigationMenu/Technical\-Information/ASCI/ISA100\ -Wireless\-Compliance\-Institute/ISA100\-Wireless\-Compliance\-Institute.htm [March 2010 ].
9. IEC 60870-5-101. Part 5-101: Transmission protocols - Companion standard for basic telecontrol tasks (2nd edn), International Electrotechnical Commission, 2003-02.
10. Modbus-IDA, the architecture for distributed automation. Available at: http://www.modbus.org/ [March 2010 ].
11. DNP3. DNP Users Group. Available at: http://www.dnp.org [March 2010 ].
12. IEC 60870-5-104. Part 5-104: Transmission protocols - Network access for IEC 60870-5-101 using standard transport profiles (2nd edn); 2006.
13. IEC 60870-6. Telecontrol equipment and systems. International Electrotechnical Commission. Available at: http://www.iec.ch [March 2010 ].
14. IEC-62351. Power Systems Management and Associated Information Exchange. Data and Communication Security, International Electrotechnical Commission. Available at: http://www.iec.ch [March 2010 ].
15. EPRI. DNP Security Development, Evaluation and Testing Project Opportunity. Electric Power Research Institute. Available at: http://mydocs.epri.com/docs/public/000000000001016988.pdf [March 2010 ].
16. ISO New England. DRI Project: DNP Secure Authentication. Available at: http://www.iso-ne.com/committees/comm\-wkgrps/othr/dritwg/mtrls/iso-ne\-dri\ -project\-\-dnp\-secure\-authentication\-recommendation.pdf [March 2010 ].
17. European Technology Platform. SmartGrids - Strategic Development Document for Europe's Electricity Networks of the Future, Directorate-general for Research Corporation, Energy European Commission, 2007.
18. Cardenas A, Amin S, Sastry S,. Research challenges for the security of control systems. Third USENIX Workshop on Hot Topics in Security (HotSec'08), San Jose, U.S.A., 2008.
19. BCIT. British Columbia Institute of Technology, 2009. Available at: [October 2010 ].
20. CERT. Carnegie Mellon Software Engineering Institute, CERT/CC Statistics, 1988-2009. Available at: http://www.cert.org/stats/vulnerability\-remediation. html [October 2010 ].
21. Chikuni E, Dondo M,. Investigating the security of electrical power systems SCADA. AFRICON, Windhoek 2007; 1-7.
22. Dacey R,. Critical infrastructure protection: Challenges in securing control systems, Information security issues. U.S. General Accounting Office, 2003.
23. Bialek J,. Critical interrelations between ICT and electricity system. Electricity Security in the Cyber Age: Managing the Increasing Dependence of the Electricity Infrastructure on ICT (NGInfra), Utrecht, the Netherlands, 2009.
24. NERC Power Industry Policies. IEEE Industry Applications Magazine, 2004.
25. Riptech. Understanding SCADA system security vulnerabilities. WhitePaper, Riptech, Inc., 2001.
26. Choong S,. Deregulation of the power industry in Singapore. Advances in Power System Control, Operation and Management (APSCOM), Vol. 1. IEEE, 2000; 11-32.
27. Pollet J,. Developing a solid SCADA security strategy. Sensors for Industry Conference. ISA/IEEE, 2002; 148-156.
28. Barkakati N, Wilshusen G,. Deficient ICT controls Jeorpardize systems supporting the electricity grid - A case study. Electricity Security in the Cyber Age: Managing the Increasing Dependence of the Electricity Infrastructure on ICT (NGInfra), Utrecht, The Netherlands, 2009.
29. Lopez J, Alcaraz C, Roman R,. On the protection and technologies of critical information infrastructures. On Foundations of Security Analysis and Design IV (Lecture Notes in Computer Science, vol. 4677). Springer: Berlin, 2007; 160-182.
30. Smith M,. Web-based monitoring and control for oil/gas industry, SCADA's next step forward. Pipeline and Gas Journal 2001.
31. Roman R, Lopez J,. Integrating wireless sensor networks and the Internet: A security analysis. Internet Research 2009; 19 (2): 246-256.
32. Lopez J, Montenegro J, Roman R,. Service-oriented security architecture for CII based on sensor networks. International Workshop on Security Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06), Lyon, France, 2006; 1-6. (Pubitemid 46028604)
33. Chang S, Chua K, Siew C, Tan T,. Power quality initiatives in Singapore. CIRED2001, Singapore, 2001.
34. Yoon K, Teo D,. Controlling and monitoring Singapore's underground grid. Computer Applications in Power 1999; 12 (4): 23-29. (Pubitemid 30524306)