Securing SCADA Critical Network Against Internal and External Threats

Short Paper
  • Mounia El AnbalEmail author
  • Anas Abou El Kalam
  • Siham Benhadou
  • Fouad Moutaouakkil
  • Hicham Medromi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10242)


Supervisory control and data acquisition systems (SCADA) constitute the sensitive part of the critical infrastructures. Any successful malicious incident could cause material, human and economic damages. Thus, the security of the SCADA networks became an emergency requirement to keep the continuity of services against hostile and cyber terrorist security risks. Several studies were conducted to secure SCADA networks against internal or external threats. In this paper, we focused on protection against both internal and external threats by adopting security mechanisms as access control, availability, authentication and integrity using a secure communication protocol ModbusSec and an intelligent firewall . We adopt also the self-healing and the intrusion tolerance techniques so in case of an intrusion in the system; it will have no impact on the continuity of service and the network safety.


SCADA Threat Malicious Abnormal Authentication Availability Access control Integrity Protection Intrusion tolerance  Self-healing 


  1. 1.
    Gao, J., Liu, J., Rajan, B., Nori, R., Fu, B., Xiao, Y., Philip Chen, C.L.: SCADA communication and security issues. Sec. Commun. Netw. 7(1), 175–194 (2014)CrossRefGoogle Scholar
  2. 2.
    Psaier, H., Dustdar, S.: A survey on self-healing systems: approaches and systems. Computing 91(1), 43–73 (2011)CrossRefGoogle Scholar
  3. 3.
    Shahzad, A., Musa, S., Aborujilah, A., Irfan, M.: Secure cryptography testbed implementation for SCADA protocols security. In: 2013 International Conference on Advanced Computer Science Applications and Technologies (ACSAT), pp. 315–320. IEEE, December 2013Google Scholar
  4. 4.
    Shahzad, A., Xiong, N., Irfan, M., Lee, M., Hussain, S., Khaltar, B.: A SCADA intermediate simulation platform to enhance the system security. In: 2015 17th International Conference on Advanced Communication Technology (ICACT), pp. 368–373. IEEE, July 2015Google Scholar
  5. 5.
    Kim, B.K., Kang, D.H., Na, J.C., Chung, T.M.: Detecting abnormal behavior in SCADA networks using normal traffic pattern learning. In: Park, J., Stojmenovic, I., Jeong, H., Yi, G. (eds.) Computer Science and its Applications. Lecture Notes in Electrical Engineering, vol. 330, pp. 121–126. Springer, Heidelberg (2015). Google Scholar
  6. 6.
    Pramod, T.C., Sunitha, N.R.: An approach to detect malicious activities in SCADA systems. In: 2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT), pp. 1–7. IEEE, July 2013Google Scholar
  7. 7.
    Sousa, P., Bessani, A.N., Dantas, W.S., Souto, F., Correia, M., Neves, N.F.: Intrusion-tolerant self-healing devices for critical infrastructure protection. In: IEEE/IFIP International Conference on Dependable Systems & Networks, DSN 2009, pp. 217–222. IEEE, June 2009Google Scholar
  8. 8.
    Hayes, G., El-Khatib, K.: Securing modbus transactions using hash-based message authentication codes and stream transmission control protocol. In: 2013 Third International Conference on Communications and Information Technology (ICCIT), pp. 179–184. IEEE, June 2013Google Scholar
  9. 9.
    Chen, Q., Abdelwahed, S.: Towards realizing self-protecting SCADA systems. In: Proceedings of the 9th Annual Cyber and Information Security Research Conference, pp. 105–108. ACM, April 2014Google Scholar
  10. 10.
    Blangenois, J., Guemkam, G., Feltus, C., Khadraoui, D.: Organizational security architecture for critical infrastructure. In: 2013 Eighth International Conference on Availability, Reliability and Security (ARES), pp. 316–323. IEEE, September 2013Google Scholar
  11. 11.
    Ghosh, D., Sharman, R., Raghav Rao, H., Upadhyaya, S.: Self-healing systems—survey and synthesis. Decis. Support Syst. 42(4), 2164–2185 (2007)CrossRefGoogle Scholar
  12. 12.
    Panja, B., Oros, J., Britton, J., Meharia, P., Pati, S.: Intelligent gateway for SCADA system security: a multi-layer attack prevention approach. In: 2015 IEEE International Conference on Computational Intelligence and Virtual Environments for Measurement Systems and Applications (CIVEMSA), pp. 1–6. IEEE, June 2015Google Scholar
  13. 13.
    Ameziane El Hassani, A., Abou El Kalam, A., Bouhoula, A., Abbassi, R., Ait Ouahman, A.: Integrity-OrBAC: a new model to preserve critical infrastructures integrity. Int. J. Inf. Secur. 14(4), 369–385 (2014). Google Scholar
  14. 14.
    Abou El Kalam, A., Baina, A., Deswarte, Y., Kaaniche, M.: PolyOrBAC: a security framework for critical infrastructures. Int. J. Crit. Infrastruct. Prot. (IJCIP) 2(4), 154–169 (2009). CrossRefGoogle Scholar
  15. 15.
    Veríssimo, P., Neves, Nuno F., Correia, M., Deswarte, Y., Abou El Kalam, A., Bondavalli, A., Daidone, A.: The CRUTIAL architecture for critical information infrastructures. In: de Lemos, R., Di Giandomenico, F., Gacek, C., Muccini, H., Vieira, M. (eds.) WADS 2007. LNCS, vol. 5135, pp. 1–27. Springer, Heidelberg (2008). CrossRefGoogle Scholar
  16. 16.
    Deswarte, Y.: Comment peut-on tolérer les Intrusions sur Internet? Revue de l’électricité et de l’électronique 8, 83–90 (2003)CrossRefGoogle Scholar
  17. 17.
    Huitsing, P., Chandia, R., Papa, M., Shenoi, S.: Attack taxonomies for the modbus protocol. Int. J. Crit. Infrastruc. Prot. 1, 37–44 (2008)CrossRefGoogle Scholar
  18. 18.
    Bhatia, S., et al.: Practical modbus flooding attack and detection. In: 2014 Proceedings of the ACSW-AISC, pp. 20–13 (2014)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Mounia El Anbal
    • 1
    • 2
    Email author
  • Anas Abou El Kalam
    • 3
  • Siham Benhadou
    • 1
  • Fouad Moutaouakkil
    • 1
  • Hicham Medromi
    • 1
  1. 1.Systems architectures TeamHassan II University, ENSEM CasablancaCasablancaMorocco
  2. 2.IPI Paris, IGS GroupParisFrance
  3. 3.ENSA - UCAMarrakeshMorocco

Personalised recommendations