A Study on security vulnerabilities assessment and quantification in SCADA systems

Zakuan Firdaus, Norziana Jamil, Qais Saif Qassim, Mohd Ezanee Rusli, Norhamadi Ja'affar, Maslina Daud, Hafizah Che Hasan

Research output: Contribution to journalArticle

Abstract

Supervisory Control And Data Acquisition Systems (SCADA) monitor and control industrial and critical infrastructure functions such as electricity, oil, water and natural gas production and distribution processes. Consequently, failure in the intended operation of SCADA system results in catastrophic consequences. With the increased interconnectivity of SCADA systems and the commercial availability of cloud computing, SCADA systems have increasingly adopted Internet of Things (IoT) technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. As a result, the exposure of these systems to cyber threats has increased enormously. Therefore, there is a necessity to identify, remediate and mitigate system's security vulnerabilities to protect and prevent possible attacks. This study serves two folds; firstly, different types of vulnerabilities in SCADA systems have been identified and reviewed. Secondly, two test cases have been presented to demonstrate the severity of the identified vulnerabilities on SCADA systems. This study draws attention to the impact of threat on SCADA systems and their consequences.

Original languageEnglish
Pages (from-to)1338-1346
Number of pages9
JournalJournal of Engineering and Applied Sciences
Volume13
Issue number6
DOIs
Publication statusPublished - 01 Jan 2018

Fingerprint

SCADA systems
Critical infrastructures
Cloud computing
Security systems
Natural gas
Electricity
Availability

All Science Journal Classification (ASJC) codes

  • Engineering(all)

Cite this

Firdaus, Zakuan ; Jamil, Norziana ; Qassim, Qais Saif ; Rusli, Mohd Ezanee ; Ja'affar, Norhamadi ; Daud, Maslina ; Hasan, Hafizah Che. / A Study on security vulnerabilities assessment and quantification in SCADA systems. In: Journal of Engineering and Applied Sciences. 2018 ; Vol. 13, No. 6. pp. 1338-1346.
@article{12f7ac27e04845b9a06e065c9bff4276,
title = "A Study on security vulnerabilities assessment and quantification in SCADA systems",
abstract = "Supervisory Control And Data Acquisition Systems (SCADA) monitor and control industrial and critical infrastructure functions such as electricity, oil, water and natural gas production and distribution processes. Consequently, failure in the intended operation of SCADA system results in catastrophic consequences. With the increased interconnectivity of SCADA systems and the commercial availability of cloud computing, SCADA systems have increasingly adopted Internet of Things (IoT) technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. As a result, the exposure of these systems to cyber threats has increased enormously. Therefore, there is a necessity to identify, remediate and mitigate system's security vulnerabilities to protect and prevent possible attacks. This study serves two folds; firstly, different types of vulnerabilities in SCADA systems have been identified and reviewed. Secondly, two test cases have been presented to demonstrate the severity of the identified vulnerabilities on SCADA systems. This study draws attention to the impact of threat on SCADA systems and their consequences.",
author = "Zakuan Firdaus and Norziana Jamil and Qassim, {Qais Saif} and Rusli, {Mohd Ezanee} and Norhamadi Ja'affar and Maslina Daud and Hasan, {Hafizah Che}",
year = "2018",
month = "1",
day = "1",
doi = "10.3923/jeasci.2018.1338.1346",
language = "English",
volume = "13",
pages = "1338--1346",
journal = "Journal of Engineering and Applied Sciences",
issn = "1816-949X",
publisher = "Medwell Journals",
number = "6",

}

A Study on security vulnerabilities assessment and quantification in SCADA systems. / Firdaus, Zakuan; Jamil, Norziana; Qassim, Qais Saif; Rusli, Mohd Ezanee; Ja'affar, Norhamadi; Daud, Maslina; Hasan, Hafizah Che.

In: Journal of Engineering and Applied Sciences, Vol. 13, No. 6, 01.01.2018, p. 1338-1346.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A Study on security vulnerabilities assessment and quantification in SCADA systems

AU - Firdaus, Zakuan

AU - Jamil, Norziana

AU - Qassim, Qais Saif

AU - Rusli, Mohd Ezanee

AU - Ja'affar, Norhamadi

AU - Daud, Maslina

AU - Hasan, Hafizah Che

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Supervisory Control And Data Acquisition Systems (SCADA) monitor and control industrial and critical infrastructure functions such as electricity, oil, water and natural gas production and distribution processes. Consequently, failure in the intended operation of SCADA system results in catastrophic consequences. With the increased interconnectivity of SCADA systems and the commercial availability of cloud computing, SCADA systems have increasingly adopted Internet of Things (IoT) technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. As a result, the exposure of these systems to cyber threats has increased enormously. Therefore, there is a necessity to identify, remediate and mitigate system's security vulnerabilities to protect and prevent possible attacks. This study serves two folds; firstly, different types of vulnerabilities in SCADA systems have been identified and reviewed. Secondly, two test cases have been presented to demonstrate the severity of the identified vulnerabilities on SCADA systems. This study draws attention to the impact of threat on SCADA systems and their consequences.

AB - Supervisory Control And Data Acquisition Systems (SCADA) monitor and control industrial and critical infrastructure functions such as electricity, oil, water and natural gas production and distribution processes. Consequently, failure in the intended operation of SCADA system results in catastrophic consequences. With the increased interconnectivity of SCADA systems and the commercial availability of cloud computing, SCADA systems have increasingly adopted Internet of Things (IoT) technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. As a result, the exposure of these systems to cyber threats has increased enormously. Therefore, there is a necessity to identify, remediate and mitigate system's security vulnerabilities to protect and prevent possible attacks. This study serves two folds; firstly, different types of vulnerabilities in SCADA systems have been identified and reviewed. Secondly, two test cases have been presented to demonstrate the severity of the identified vulnerabilities on SCADA systems. This study draws attention to the impact of threat on SCADA systems and their consequences.

UR - http://www.scopus.com/inward/record.url?scp=85046722290&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85046722290&partnerID=8YFLogxK

U2 - 10.3923/jeasci.2018.1338.1346

DO - 10.3923/jeasci.2018.1338.1346

M3 - Article

VL - 13

SP - 1338

EP - 1346

JO - Journal of Engineering and Applied Sciences

JF - Journal of Engineering and Applied Sciences

SN - 1816-949X

IS - 6

ER -