TY - GEN
T1 - A practical SCADA testbed in electrical power system environment for cyber-security exercises
AU - Jamil, Norziana
AU - Qassim, Qais
AU - Daud, Maslina
AU - Abidin, Izham Zainal
AU - Jaaffar, Norhamadi
AU - Kamarulzaman, Wan Azlan Wan
N1 - Publisher Copyright:
© 2018 Penerbit Universiti All rights reserved.
PY - 2018
Y1 - 2018
N2 - The impact from Stuxnet worm to SCADA systems in 2010 has been one of the most significant signals of a well-coordinated cyber-Attack is now towards disrupting national critical infrastructures such as power grid governed by SCADA system. The discovery of this worm has put a lot of attention on the strength and security level of security countermeasures of existing critical infrastructure systems such as SCADA that has been long used as a legacy system. One way to assess the strength and security level of a system is through penetration testing and vulnerability assessment that would help in determining weaknesses, loopholes and potential breaches for exploitation in system defences. However, performing a real penetration test and vulnerability assessment in a real critical infrastructure system is infeasible and unlikely to happen because an unintended consequence that might occur can propagate its effect to a wider scale. On the other hand, a replicated system is also infeasible due to the high cost and huge effort required. Therefore, developing a realistic SCADA testbed is the best available option for the cyber-security exercise to take place. This paper describes in-detail a scalable and reconfigurable SCADA testbed for cyber-security analysis.
AB - The impact from Stuxnet worm to SCADA systems in 2010 has been one of the most significant signals of a well-coordinated cyber-Attack is now towards disrupting national critical infrastructures such as power grid governed by SCADA system. The discovery of this worm has put a lot of attention on the strength and security level of security countermeasures of existing critical infrastructure systems such as SCADA that has been long used as a legacy system. One way to assess the strength and security level of a system is through penetration testing and vulnerability assessment that would help in determining weaknesses, loopholes and potential breaches for exploitation in system defences. However, performing a real penetration test and vulnerability assessment in a real critical infrastructure system is infeasible and unlikely to happen because an unintended consequence that might occur can propagate its effect to a wider scale. On the other hand, a replicated system is also infeasible due to the high cost and huge effort required. Therefore, developing a realistic SCADA testbed is the best available option for the cyber-security exercise to take place. This paper describes in-detail a scalable and reconfigurable SCADA testbed for cyber-security analysis.
KW - Electric power grid
KW - SCADA security
KW - Scada testbed
KW - Vulnerability assessment
UR - http://www.scopus.com/inward/record.url?scp=85054529092&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85054529092&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85054529092
SN - 9789834406967
T3 - Proceedings of the 6th International Cryptology and Information Security Conference 2018, CRYPTOLOGY 2018
SP - 176
EP - 188
BT - Proceedings of the 6th International Cryptology and Information Security Conference 2018, CRYPTOLOGY 2018
A2 - Min, Goi Bok
A2 - Said, Mohamad Rushdan Md.
A2 - Kamarulhaili, Hailiza
A2 - Huay, Heng Swee
A2 - Mohamad, Moesfa Soeheila
A2 - Ariffin, Muhammad Rezal Kamel
PB - Institute for Mathematical Research (INSPEM)
T2 - 6th International Cryptology and Information Security Conference 2018, CRYPTOLOGY 2018
Y2 - 9 July 2018 through 11 July 2018
ER -