TY - JOUR
T1 - A Study on security vulnerabilities assessment and quantification in SCADA systems
AU - Firdaus, Zakuan
AU - Jamil, Norziana
AU - Qassim, Qais Saif
AU - Rusli, Mohd Ezanee
AU - Ja'affar, Norhamadi
AU - Daud, Maslina
AU - Hasan, Hafizah Che
N1 - Publisher Copyright:
© Medwell Journals, 2018.
PY - 2018
Y1 - 2018
N2 - Supervisory Control And Data Acquisition Systems (SCADA) monitor and control industrial and critical infrastructure functions such as electricity, oil, water and natural gas production and distribution processes. Consequently, failure in the intended operation of SCADA system results in catastrophic consequences. With the increased interconnectivity of SCADA systems and the commercial availability of cloud computing, SCADA systems have increasingly adopted Internet of Things (IoT) technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. As a result, the exposure of these systems to cyber threats has increased enormously. Therefore, there is a necessity to identify, remediate and mitigate system's security vulnerabilities to protect and prevent possible attacks. This study serves two folds; firstly, different types of vulnerabilities in SCADA systems have been identified and reviewed. Secondly, two test cases have been presented to demonstrate the severity of the identified vulnerabilities on SCADA systems. This study draws attention to the impact of threat on SCADA systems and their consequences.
AB - Supervisory Control And Data Acquisition Systems (SCADA) monitor and control industrial and critical infrastructure functions such as electricity, oil, water and natural gas production and distribution processes. Consequently, failure in the intended operation of SCADA system results in catastrophic consequences. With the increased interconnectivity of SCADA systems and the commercial availability of cloud computing, SCADA systems have increasingly adopted Internet of Things (IoT) technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. As a result, the exposure of these systems to cyber threats has increased enormously. Therefore, there is a necessity to identify, remediate and mitigate system's security vulnerabilities to protect and prevent possible attacks. This study serves two folds; firstly, different types of vulnerabilities in SCADA systems have been identified and reviewed. Secondly, two test cases have been presented to demonstrate the severity of the identified vulnerabilities on SCADA systems. This study draws attention to the impact of threat on SCADA systems and their consequences.
KW - Attack consequences
KW - Protect
KW - Risk assessment
KW - SCADA
KW - Vulnerability assessment
KW - Vulnerability severity
UR - http://www.scopus.com/inward/record.url?scp=85046722290&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85046722290&partnerID=8YFLogxK
U2 - 10.3923/jeasci.2018.1338.1346
DO - 10.3923/jeasci.2018.1338.1346
M3 - Article
AN - SCOPUS:85046722290
SN - 1816-949X
VL - 13
SP - 1338
EP - 1346
JO - Journal of Engineering and Applied Sciences
JF - Journal of Engineering and Applied Sciences
IS - 6
ER -