{"title":"SCADA- sst: SCADA安全测试平台","authors":"Asem Ghaleb, Sami Zhioua, Ahmad Almulhem","doi":"10.1109/WCICSS.2016.7882610","DOIUrl":null,"url":null,"abstract":"The number of reported cybersecurity incidents on SCADA (Supervisory Control and Data Acquisition) systems increased significantly in the past few years. One contributing factor is the fact that security testing of live SCADA systems is not practical as such systems are expected to be operational 24/7. Also and most importantly, conducting live security testing on these types of systems is generally costly. A practical and cost-effective solution is to carry out security testing on a simulated version of the physical setting. The main contribution of this paper is to present a SCADA simulation environment (SCADA-SST) suitable for security testing. The simulation environment is generic, easy to setup (comes with a detailed manual), and supports hybrid architectures (involving simulated as well as physical components). We show how SCADA-SST can be used to simulate two realistic settings, namely, Water distribution and Electrical power grid. Finally, for the sake of security testing example, we show how SCADASST can be used to assess the resilience of common SCADA nodes to DOS attacks.","PeriodicalId":182326,"journal":{"name":"2016 World Congress on Industrial Control Systems Security (WCICSS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"SCADA-SST: a SCADA security testbed\",\"authors\":\"Asem Ghaleb, Sami Zhioua, Ahmad Almulhem\",\"doi\":\"10.1109/WCICSS.2016.7882610\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The number of reported cybersecurity incidents on SCADA (Supervisory Control and Data Acquisition) systems increased significantly in the past few years. One contributing factor is the fact that security testing of live SCADA systems is not practical as such systems are expected to be operational 24/7. Also and most importantly, conducting live security testing on these types of systems is generally costly. A practical and cost-effective solution is to carry out security testing on a simulated version of the physical setting. The main contribution of this paper is to present a SCADA simulation environment (SCADA-SST) suitable for security testing. The simulation environment is generic, easy to setup (comes with a detailed manual), and supports hybrid architectures (involving simulated as well as physical components). We show how SCADA-SST can be used to simulate two realistic settings, namely, Water distribution and Electrical power grid. Finally, for the sake of security testing example, we show how SCADASST can be used to assess the resilience of common SCADA nodes to DOS attacks.\",\"PeriodicalId\":182326,\"journal\":{\"name\":\"2016 World Congress on Industrial Control Systems Security (WCICSS)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 World Congress on Industrial Control Systems Security (WCICSS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WCICSS.2016.7882610\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 World Congress on Industrial Control Systems Security (WCICSS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WCICSS.2016.7882610","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The number of reported cybersecurity incidents on SCADA (Supervisory Control and Data Acquisition) systems increased significantly in the past few years. One contributing factor is the fact that security testing of live SCADA systems is not practical as such systems are expected to be operational 24/7. Also and most importantly, conducting live security testing on these types of systems is generally costly. A practical and cost-effective solution is to carry out security testing on a simulated version of the physical setting. The main contribution of this paper is to present a SCADA simulation environment (SCADA-SST) suitable for security testing. The simulation environment is generic, easy to setup (comes with a detailed manual), and supports hybrid architectures (involving simulated as well as physical components). We show how SCADA-SST can be used to simulate two realistic settings, namely, Water distribution and Electrical power grid. Finally, for the sake of security testing example, we show how SCADASST can be used to assess the resilience of common SCADA nodes to DOS attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
