실시간 분산 제어시스템 보안

  • 발행 : 2014.10.31

초록

최근, 에너지, 정보통신, 방위산업, 정부, 금융 등 국가기반시설(national critical infrastructures)들에 대한 사이버 보안 위협이 급격히 증가하고 있으며 이에 대응하기 위해 미국을 비롯한 주요 국가에서는 감시제어 및 데이터 취득 시스템(SCADA: Supervisory Control and Data Acquisition)에 대한 사이버 보안에 많은 노력을 기울이고 있다. 특히, 주요 국가 기반시설은 다양한 실시간 분산 제어시스템 및 네트워크를 통해 사이버 세계(cyber world)와 물리적 세계(physical world)를 연계한다. 하지만 이 같은 역동성(dynamic), 확장성(scalability), 다양성(diversity)으로 특징지어질수 있는 실시간 분산 제어시스템간의 상호연결과 연동을 통해 구성되는 해당시설은 기존의 보안기술 적용을 통해 보안성향상을 기대할 수 없다. 따라서 본고에서는 실시간 분산 제어시스템과 다양한 네트워크로 구성되는 기반시설들을 대상으로 하는 여러 가지 보안 위협 및 특징을 소개하고 이에 대응하기 위한 전략 및 연구기술 동향을 간략히 서술한다.

키워드

참고문헌

  1. J. Eisenhauer, P. Donnelly, M. Ellis, and M. O'Brien, "Roadmap to Secure Control Systems in the Energy Sector," Energetics Incorporated, sponsored by the U.S. Department of Energy and the U.S. Department of Homeland Security, January 2006.
  2. U. S. G. A. Office, Critical infrastructure protection: Multiple efforts to secure control systems are under way, but challenges remain, Technical Report GAO-07-1036, Report to Congressional Requesters, 2007.
  3. R. J. Turk, Cyber incidents involving control systems, Technical Report INL/EXT-05-00671,Idaho National Laboratory, October 2005.
  4. L. Lamport, R. Shostak, and M. Pease, "The Byzantine Generals Problem," ACM Trans. Programming Languages and Systems 4(3), 382-401, July 1982. https://doi.org/10.1145/357172.357176
  5. J. Sykes, K. Koellner, W. Premerlani, B. Kasztenny, and M. Adamiak, "Synchrophasors: A primer and practical applications," Power Systems Conference: Advanced Metering, Protection, Control, Communication, and Distributed Resources, 2007. PSC 2007, pp.213-240, March 13-16, 2007.
  6. S. Amin, A. Cardenas, and S. Sastry, "Safe and Secure Networked Control Systems Under Denial-of-Service Attacks," Hybrid Systems: Computation and Control, Lecture Notes in Computer Science. Springer Berlin/Heidelberg, 30, pp. 31-45, April 2009.
  7. "The Smart Grid: An Introduction," prepared for the U.S. Department of Energy by Litos Strategic Communication under contract No. DE-AC26-04NT41817, Subtask 560.01.04, http://www.oe.energy.gov/DocumentsandMedia/DOE_SG_Book_Single_Pages.pdf(checked 9/21/2009).
  8. IEEE 100, The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition, IEEE, 2000.
  9. M. Jamshidi, Large-Scale Systems, Series Volume 9, North-Holland Series in System Science and Engineering, Elsevier Science Publishing, Inc., pp. 103-104, 1983.
  10. H. J. Reekie and R. J. McAdam, A Software Architecture Primer, Angophora Press, Sydney, Australia, 2006.
  11. "Top 10 Vulnerabilities of Control Systems and their Associated Mitigations-2006," North American Electric Reliability Council, Control Systems Security Working Group, U.S. Department of Energy, National SCADA Test Bed Program, March 16, 2006.
  12. K. Stouffer et al., "Guide to Industrial Control Systems (ICS) Security," National Institute of Standards and Technology, U.S. Dept. of Commerce, Special Publication 800-82, Draft, September 2008.
  13. Common Cybersecurity Vulnerabilities Observed in Control System Assessments by the INLNSTB Program, INL/EXT-08-13979, Idaho National Laboratory, November 2008.
  14. R. Kisner et al., Design Practices for Communications and Workstations in Highly Integrated Control Rooms, NUREG/CR-6991, September 2009.
  15. L. Xie et al., "Data Mapping and the Prediction of Common Cause Failure Probability," IEEE Trans. on Reliability 54(2), June 2005.
  16. J. C. Cunha et al., "A Study of Failure Models in Feedback Control Systems," The International Conference on Dependable Systems and Networks (DSN), Göteborg, Sweden, 1-4 July 2001.
  17. T. Fleury et al., "Towards a Taxonomy of Attacks Against Energy Control Systems," Proceedings of the IFIP International Conference on Critical Infrastructure Protection, March 2008.
  18. P. Marti et al., "Jitter Compensation for Real-Time Control Systems," Real-Time Systems Symposium, 2001 (RTSS 2001) Proceedings, 22nd IEEE, Dec. 3-6, 2001.
  19. P. Marti et al., "An Integrated Approach to Real-time Distributed Control Systems Over Fieldbuses," pp. 177-182 in 8th IEEE International Conference on Emerging Technologies and Factory Automation, 2001 Proceedings, Vol. 1, 2001.
  20. R. Kisner et al., Design Practices for Communications and Workstations in Highly Integrated Control Rooms, NUREG/CR-6991, September 2009.