Journal of the Korean Institute of Illuminating and Electrical Installation Engineers (조명전기설비학회논문지)

The Korean Institute of IIIuminating and Electrical Installation Engineers (한국조명전기설비학회)
권호 표지
DOI QR코드

DOI QR Code

A SCADA Testbed Implementation Architecture for Security Assessment

SCADA 시스템의 보안성 평가를 위한 테스트베드 구성

  • Received : 2010.11.03
  • Accepted : 2010.01.26
  • Published : 2010.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

Supervisory Control and Data Acquisition Systems (SCADAs) is real-time monitor and control systems. SCADA systems are used to monitor or control chemical and transportation processes, in municipal water supply systems, electric power generation, transmission and distribution, gas and oil pipelines, and other distributed processes. SCADA refers to a large-scale distributed system. The supervisory control system is placed on top of a real time control system to control external processes. Emerging security technologies and security devices are decreasing the vulnerability of the power system against cyber threats. Dealing with these threats and analyzing vulnerabilities is an important task for equipment such as RTU, IED and FEP. To reduce such risks, we develop such a SCADA testbed. This paper presents the development of a testbed designed to assess the vulnerabilities SCADA networks(including serial communication).

집중 원격감시 제어 또는 감시제어 데이터 수집 시스템인 SCADA(Supervisory Control And Data Acquisition) 는 기존의 국지적인 산업용 네트워크 기반의 제어시스템이 정보통신 기술의 발전으로 광역화되면서 전력, 가스, 상하수도, 교통시스템 등 주요 기반시설에 적용되어 분산제어와 공정제어 시스템으로 사용되고 있다. SCADA 시스템의 중요성과 사고시 미치는 파급효과를 고려하여 구성 장치 및 통신 설비들에 대한 사이버 보안(cyber security) 인식이 점차 높아지고 있으며, SCADA 시스템의 취약성 분석과 보안성 확보에 대한 연구가 이루어지고 있다. 본 논문에서는 현장에서 운용중인 상용 SCADA 시스템의 계층구조와 통신 사양 및 규약을 고려하여 보안성 평가를 위한 테스트베드를 제안하고자 한다. 특히 계측 제어 명령을 수행하는 RTU, IED와 같은 단말 장치의 직렬통신 구간에서 보안성 평가를 수행하기 위한 물리적 접속과 평가 절차를 제시하였다.

Keywords

References

  1. Gordon Clarke, Deon Reynders, “PRACTICAL MODERN SCADA PROTOCOLS”, Newnes, 1 edition, September 2004.
  2. Krutz, R., “Securing SCADA Systems”, Wiley Publishing, Indianapolis, Indiana, 2006.
  3. National Infrastructure Security Coordination Centre, “The electronic Attack (eA) Threat to Supervisory Control and Data Acquisition(SCADA) Control & Automation Systems”, “NISCC Briefing 02/04, 2004.
  4. Hugh Njemanze, “SCADA Security Protections Are On The Increase”, Pipeline & Gas Journal, February 2007.
  5. 이철원, “주요 제어시설의 사이버 보안 동향”, 국가보안 기술연구소, 2007년 4월.
  6. 이철수, “원방감시제어자료수집(SCADA) 시스템 보안성 강화 방안”, 국가사이버안전센터, 사이버 시큐리티, pp.8-17, 2005년 12월호.
  7. Erik Johansson, Teodor Sommestad, Mathias Ekstedt, “SECURITY ISSUES FOR SCADA SYSTEMS. WITHIN POWER DISTRIBUTION”,.
  8. U.S. Separtment of Energy, Office of Energy Assurance, “21 Steps to Improve Cyber Security of SCADA Networks”, 2003.
  9. Information of Tenable Network Security, Inc., “Protecting Critical Infrastructure SCADA Network Security Monitoring”, August 1, 2008.
  10. Idaho National Engineering and Environmental Laboratory, Control Systems Security and Test Center, “A Comparison of Oil and Gas Segment Cyber Security Standards”, U.S. Department of Homeland Security, November 3, 2004.
  11. Centre for the Protection of National Infrastructure, PA Consulting Group, “PROCESS CONTROL AND SCADA SECURITY - GUIDE 2. IMPLEMENT SECURE ARCHITECTURE”.
  12. Julio Rodriguez, “SCADA-EMS Test Bed - INL Case Study on Current Vendor Partnerships”, Idaho National Laboratory, May 23, 2007.
  13. Annarita Giani, Gabor Karsai, Tanya Roosta, Aakash Shah, Bruno Sinopoli, Jon Wiley, “A Testbed for Secure and Robust SCADA Systems”, Special issue on the the 14th IEEE real-time and embedded technology and applications symposium (RTAS'08), Volume 5, Issue 2, Article No. 4, July 2008.
  14. C. M. Davis, J. E. Tate, H. Okhravi, C. Grier, T. J. Overbye, and D. Nicol, “SCADA Cyber Security Testbed Development”, Power Symposium, 2006. NAPS 2006. 38th North American, pp 483-488, Sept. 2006.
  15. P.A.S. Ralston, J.H. Graham, J.L. Hieb, “Cyber security risk assessment for SCADA and DCS networks”, ISA Trans. Volume 46, Issue 4, pp 583-594, October 2007. https://doi.org/10.1016/j.isatra.2007.04.003
  16. Ray Parks, Jason Hills, Sammy Smith, Tom Davis, Ana Baros, Patricia Cordeiro, “Network Security Infrastructure Testing”, Sandia National Laboratories’ Center for SCADA Security, October 12, 2005.

Cited by

  1. An Inquire into Test Bed Compositions in Assessing the Security of a Soft Redundancy Sub-Station System with Auto-Restoration vol.26, pp.7, 2012, https://doi.org/10.5207/JIEIE.2012.26.7.099