Cyber Targets Water Management

  • Pieter BurghouwtEmail author
  • Marinus Maris
  • Sjaak van Peski
  • Eric Luiijf
  • Imelda van de Voorde
  • Marcel Spruit
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10242)


Water management is a critical infrastructure activity in The Netherlands. Many organizations, ranging from local municipalities to national departments are involved in water management by controlling the water level to protect the land from flooding and to allow inland shipping. Another important water management task is the purification of waste water and sewage. To fulfill these tasks, such organizations depend on information and communication technologies, ranging from standard office IT facilities to Industrial Control Systems (ICS), for example to control excess water pumps and locks, as well as to monitor and control water purification plants. The worldwide increase of both volume and sophistication of cyber attacks made the Dutch government decide to sponsor a project to determine a cyber security posture of the water management organizations by benchmarking the cyber security state of their water management installations and processes. In this paper we present our benchmark approach to the security of ICS. Moreover, we discuss the major results of the benchmark as well as a cyber security simulator that was developed to raise awareness and develop further knowledge on the ICS-specific issues.


Critical infrastructure protection Water management Cyber security Industrial Control System SCADA Cyber resilience Benchmark Simulator 



The Dutch government funds research by universities which aim to generate knowledge which needs to flow to both the education of next generation students and to organizations. This funding scheme is called ‘Regionale Aandacht en Actie voor Kenniscirculatie’, abbreviated RAAK which translates into English as on tar-get.


  1. 1.
    Almalawi, A., Tari, Z., Khalil, I., Fahad, A.: SCADAVT-A framework for SCADA security testbed based on virtualization technology. In: 2013 IEEE 38th Conference on Local Computer Networks (LCN), pp. 639–646. IEEE (2013)Google Scholar
  2. 2.
    Amin, S., Schwartz, G.A., Hussain, A.: In quest of benchmarking security risks to cyber-physical systems. IEEE Netw. 27(1), 19–24 (2013)CrossRefGoogle Scholar
  3. 3.
  4. 4.
    ISO: ISO/IEC 27005:2011: Information technology - security techniques - information security risk management. Technical report, ISO (2011)Google Scholar
  5. 5.
    Karnouskos, S.: Stuxnet worm impact on industrial cyber-physical system security. In: IECON 2011–37th Annual Conference on IEEE Industrial Electronics Society, pp. 4490–4494. IEEE (2011)Google Scholar
  6. 6.
    Kivity, A., Kamay, Y., Laor, D., Lublin, U., Liguori, A.: KVM: The linux virtual machine monitor. In: Proceedings of the Linux symposium, vol. 1, pp. 225–230 (2007)Google Scholar
  7. 7.
    Luiijf, E., Ali, M., Zielstra, A.: Assessing and improving SCADA security in the dutch drinking water sector. Int. J. Crit. Infrastruct. Prot. 4(3), 124–134 (2011)CrossRefGoogle Scholar
  8. 8.
    Luiijf, H.: SCADA Security Good Practices for the Drinking Water Sector. TNO, Den Haag (2008)Google Scholar
  9. 9.
    Luiijf, H., te Paske, B.J.: Cyber security of industrial control systems. Technical report, TNO (2015)Google Scholar
  10. 10.
    Macaulay, T., Singer, B.L.: Cybersecurity for industrial control systems: SCADA, DCS, PLC, HMI, and SIS. CRC Press, Boca Raton (2011)CrossRefGoogle Scholar
  11. 11.
    Mattioli, R., Moulinos, K.: Analysis of ICS-SCADA cyber security maturity levels in critical sectors. Technical report, ENISA (2015)Google Scholar
  12. 12.
    Mirkovic, J., Benzel, T.: Teaching cybersecurity with deterlab. IEEE Secur. Priv. 10(1), 73–76 (2012)CrossRefGoogle Scholar
  13. 13.
    O’Gorman, J., Kearns, D., Aharoni, M.: Metasploit: The Penetration Tester’s Guide. No Starch Press, San Francisco (2011)Google Scholar
  14. 14.
    Pfaff, B., Pettit, J., Amidon, K., Casado, M., Koponen, T., Shenker, S.: Extending networking into the virtualization layer. In: Hotnets (2009)Google Scholar
  15. 15.
    Roesch, M., et al.: Snort: Lightweight intrusion detection for networks. In: Proceedindgs of the 13th USENIX Large Installation Systems Administration Conference, LISA 1999, vol. 99, pp. 229–238. USENIX Association (1999)Google Scholar
  16. 16.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Pieter Burghouwt
    • 1
    Email author
  • Marinus Maris
    • 1
  • Sjaak van Peski
    • 1
  • Eric Luiijf
    • 2
  • Imelda van de Voorde
    • 2
  • Marcel Spruit
    • 1
  1. 1.The Hague University of Applied SciencesThe HagueThe Netherlands
  2. 2.Netherlands Organisation for Applied Scientific Research TNOThe HagueThe Netherlands

Personalised recommendations