Abstract
Supervisory Control and Data Acquisition (SCADA) systems are used to control and monitor the critical infrastructure such as electricity, gas, water. SCADA system networks are originally started as local control systems and have expanded to wide-area control systems. The integration of different networks leads to various cyber security vulnerabilities. Many of the SCADA systems are relatively insecure with chronic and pervasive vulnerabilities. Ever-growing threat of cyber terrorism and vulnerability of the SCADA systems is the most common subject for security researchers. With increase in both internal and external threats, it is required to analyze the impact of these attacks on SCADA system in terms of availability and performance. A testbed is needed as it is impractical to conduct any security experiments on a real SCADA system. This paper presents the experimental SCADA testbed using multi-agent framework. Simulation of attacks such as denial of service, man-in-the-middle attacks, and malwares can be conducted on testbed to analyze the impact of these attacks. Experiments have been conducted on SCADA testbed by targeting performance and availability of the system, and the results can be studied using SCADA threat analyzer (STA) and security information and event management (SIEM) tool.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amanullah MTO, Kalam A, Zayegh A (2005) Network security vulnerabilities in SCADA and EMS. In: Transmission and distribution conference and exhibition: Asia and Pacific, 2005 IEEE/PES. IEEE
Queiroz C et al (2009) Building a SCADA security testbed. In: Third international conference on IEEE network and system security, 2009 NSS’09. IEEE
Venkatesh S, Bindhumadhava B, Bhandari A (2006) Implementation of automated grid software management tool: a mobile agent based approach. IKE
Raghu HV, Saurav SK, Bapu BS (2013) PAAS: Power aware algorithm for scheduling in high performance computing. In: Proceedings of the 2013 IEEE/ACM 6th international conference on utility and cloud computing, IEEE Computer Society
Top 10 Vulnerabilities of Control Systems and Their Associated Mitigations (2007) North American electric reliability council control systems security working group
Weiss J (2008) Key issues for implementing a prudent control system cyber security program, Electric Energy T&D Magazine (March–April 2008)
Mohagheghi S, Stoupis J, Wang Z (2009) Communication protocols and networks for power systems-current status and future trends. In: Power systems conference and exposition, 2009. PSCE’09. IEEE/PES. IEEE
Giani A et al (2008) A testbed for secure and robust SCADA systems. ACM SIGBED Rev 5(2):4
Long M, Wu C-H, Hung JY (2005) Denial of service attacks on network-based control system: impact and mitigation. IEEE Trans Ind Inf 1(2):85–96
Davis CM, Tate JE, Okhravl H, Grier C, Overbye TJ, Nicol D (2006) SCADA cybersecurity test bed development. In: Power symposium, NAPS 2006, pp 483–488
Kalluri R, Mahendra L, Senthil kumar RK, Ganga Prasad GL (2016) Simulation and impact analysis of DoS attacks on power SCADA at NPSC 2016, IIT Bhubaneswar
Abhiram A, Mahendra L, Kalluri R, Senthil kumar RK, Ganga Prasad GL (2015) Transient analysis of cyber-attacks on power SCADA using RTDS. J CPRI 11(1):77–80
Byres EJ, Franz M, Miller D (2004) The use of attack trees in assessing vulnerabilities in SCADA systems. In: Proceedings of the international infrastructure survivability workshop
Zhu B, Joseph A, Sastry S (2011) A taxonomy of cyber attacks on SCADA systems. In: Internet of things (iThings/CPSCom), 2011 international conference on and 4th international conference on cyber, physical and social computing. IEEE
The Volatility Foundation—Open Source Memory Forensics. http://www.volatilityfoundation.org/
Rowe NC (2012) Testing the national software reference library. Dig Investig 9:S131–S138
National Software Reference Library (NSRL) NSRLquery project. http://www.nsrl.nist.gov/
Spreitzenbarth M, Uhrmann J (2015) Mastering python forensics. Packt Publishing Ltd
Coppolino L et al (2011) Integration of a system for critical infrastructure protection with the OSSIM SIEM platform: a dam case study. In: International conference on computer safety, reliability, and security. Springer, Berlin
Coppolino L et al (2012) Enhancing SIEM technology to protect critical infrastructures. In: International workshop on critical information infrastructures security. Springer, Berlin
Lindorfer M, Kolbitsch C, Milani Comparetti P (2011) Detecting environment-sensitive malware. In: International workshop on recent advances in intrusion detection. Springer, Berlin
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Siddharth Rao, M., Kalluri, R., Senthil Kumar, R.K., Ganga Prasad, G.L., Bindhumadhava, B.S. (2018). Impact Analysis of Attacks Using Agent-Based SCADA Testbed. In: Pillai, R., et al. ISGW 2017: Compendium of Technical Papers. Lecture Notes in Electrical Engineering, vol 487. Springer, Singapore. https://doi.org/10.1007/978-981-10-8249-8_4
Download citation
DOI: https://doi.org/10.1007/978-981-10-8249-8_4
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8248-1
Online ISBN: 978-981-10-8249-8
eBook Packages: EnergyEnergy (R0)