Towards implementing scalable and reconfigurable SCADA security testbed in power system environment

Qais Saif Qassim, Norziana Jamil, Maslina Daud, Hafizah Che Hasan

Research output: Contribution to journalArticle

Abstract

The Stuxnet appears to be the very first cyber-attack upon industrial control systems. It has forced cybersecurity providers to put a lot of attention on outdated and obsolete security countermeasures of existing critical infrastructure systems due to the poor protection and security. Investigation of the effect of an attack upon the actual system is neither recommended due to the unintended consequences nor feasible on a replicated system, mainly due to the cost and the effort involved. Therefore, the SCADA cybersecurity researchers mostly rely on developing realistic SCADA testbeds for cybersecurity exercises. With that, this paper serves three goals; first, to present an overview of the electrical power grid SCADA system, as well as to describe the potential vulnerabilities and threats. Second, this paper pinpoints varied testbed research application areas, implementation requirements, and design approaches. Lastly, a scalable and reconfigurable SCADA testbed is proposed for cybersecurity practices.

Original languageEnglish
Pages (from-to)91-120
Number of pages30
JournalInternational Journal of Critical Infrastructures
Volume15
Issue number2
DOIs
Publication statusPublished - 01 Jan 2019

Fingerprint

Testbeds
electrical power
control system
Critical infrastructures
SCADA systems
vulnerability
infrastructure
cost
Control systems
Costs
effect

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Environmental Science(all)
  • Energy(all)

Cite this

@article{b2610859e9c84f708efbc497988745c5,
title = "Towards implementing scalable and reconfigurable SCADA security testbed in power system environment",
abstract = "The Stuxnet appears to be the very first cyber-attack upon industrial control systems. It has forced cybersecurity providers to put a lot of attention on outdated and obsolete security countermeasures of existing critical infrastructure systems due to the poor protection and security. Investigation of the effect of an attack upon the actual system is neither recommended due to the unintended consequences nor feasible on a replicated system, mainly due to the cost and the effort involved. Therefore, the SCADA cybersecurity researchers mostly rely on developing realistic SCADA testbeds for cybersecurity exercises. With that, this paper serves three goals; first, to present an overview of the electrical power grid SCADA system, as well as to describe the potential vulnerabilities and threats. Second, this paper pinpoints varied testbed research application areas, implementation requirements, and design approaches. Lastly, a scalable and reconfigurable SCADA testbed is proposed for cybersecurity practices.",
author = "{Saif Qassim}, Qais and Norziana Jamil and Maslina Daud and {Che Hasan}, Hafizah",
year = "2019",
month = "1",
day = "1",
doi = "10.1504/IJCIS.2019.098834",
language = "English",
volume = "15",
pages = "91--120",
journal = "International Journal of Critical Infrastructures",
issn = "1475-3219",
publisher = "Inderscience Enterprises Ltd",
number = "2",

}

Towards implementing scalable and reconfigurable SCADA security testbed in power system environment. / Saif Qassim, Qais; Jamil, Norziana; Daud, Maslina; Che Hasan, Hafizah.

In: International Journal of Critical Infrastructures, Vol. 15, No. 2, 01.01.2019, p. 91-120.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Towards implementing scalable and reconfigurable SCADA security testbed in power system environment

AU - Saif Qassim, Qais

AU - Jamil, Norziana

AU - Daud, Maslina

AU - Che Hasan, Hafizah

PY - 2019/1/1

Y1 - 2019/1/1

N2 - The Stuxnet appears to be the very first cyber-attack upon industrial control systems. It has forced cybersecurity providers to put a lot of attention on outdated and obsolete security countermeasures of existing critical infrastructure systems due to the poor protection and security. Investigation of the effect of an attack upon the actual system is neither recommended due to the unintended consequences nor feasible on a replicated system, mainly due to the cost and the effort involved. Therefore, the SCADA cybersecurity researchers mostly rely on developing realistic SCADA testbeds for cybersecurity exercises. With that, this paper serves three goals; first, to present an overview of the electrical power grid SCADA system, as well as to describe the potential vulnerabilities and threats. Second, this paper pinpoints varied testbed research application areas, implementation requirements, and design approaches. Lastly, a scalable and reconfigurable SCADA testbed is proposed for cybersecurity practices.

AB - The Stuxnet appears to be the very first cyber-attack upon industrial control systems. It has forced cybersecurity providers to put a lot of attention on outdated and obsolete security countermeasures of existing critical infrastructure systems due to the poor protection and security. Investigation of the effect of an attack upon the actual system is neither recommended due to the unintended consequences nor feasible on a replicated system, mainly due to the cost and the effort involved. Therefore, the SCADA cybersecurity researchers mostly rely on developing realistic SCADA testbeds for cybersecurity exercises. With that, this paper serves three goals; first, to present an overview of the electrical power grid SCADA system, as well as to describe the potential vulnerabilities and threats. Second, this paper pinpoints varied testbed research application areas, implementation requirements, and design approaches. Lastly, a scalable and reconfigurable SCADA testbed is proposed for cybersecurity practices.

UR - http://www.scopus.com/inward/record.url?scp=85063972654&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85063972654&partnerID=8YFLogxK

U2 - 10.1504/IJCIS.2019.098834

DO - 10.1504/IJCIS.2019.098834

M3 - Article

AN - SCOPUS:85063972654

VL - 15

SP - 91

EP - 120

JO - International Journal of Critical Infrastructures

JF - International Journal of Critical Infrastructures

SN - 1475-3219

IS - 2

ER -