There is an increasing concern over the cyber security of Critical Infrastructures (CI) due to the increasing ability of cyber attackers to cause even catastrophic failures. It is mainly due to the pervasiveness of ICT (Information and Communication Technologies) and to the consequent de isolation of SCADA (Supervision, Control and Data Acquisition) system, which represents the nervous system of most CIs. Cyber attacks could block the connection between SCADA Control Centre and its remote devices or insert fake commands/ measurements in the equipment communications. With reference to an actual case study, constituted by a SCADA system controlling a portion of a medium voltage power grid and a corporate network, we discuss how cyber threats, vulnerabilities and attacks might degrade the functionalities of SCADA and corporate network, which, in turn, might lead to outages of the electrical grid. We represent SCADA and corporate network under malware propagation, Denial of Service and Man In The Middle attacks and predict their consequent performance degradation. Particularly, we use NetLogo to identify possible malware propagation in relation to SCADA & corporate security policies adopted from the utility and NS2 simulator to compute the consequences of the attacks on SCADA and in turn on power grid. Copyright © 2013 SCITEPRESS.

Modelling SCADA and corporate network of a medium voltage power grid under cyber attacks

Minichino, M.;Ciancamerla, E.
2013

Abstract

There is an increasing concern over the cyber security of Critical Infrastructures (CI) due to the increasing ability of cyber attackers to cause even catastrophic failures. It is mainly due to the pervasiveness of ICT (Information and Communication Technologies) and to the consequent de isolation of SCADA (Supervision, Control and Data Acquisition) system, which represents the nervous system of most CIs. Cyber attacks could block the connection between SCADA Control Centre and its remote devices or insert fake commands/ measurements in the equipment communications. With reference to an actual case study, constituted by a SCADA system controlling a portion of a medium voltage power grid and a corporate network, we discuss how cyber threats, vulnerabilities and attacks might degrade the functionalities of SCADA and corporate network, which, in turn, might lead to outages of the electrical grid. We represent SCADA and corporate network under malware propagation, Denial of Service and Man In The Middle attacks and predict their consequent performance degradation. Particularly, we use NetLogo to identify possible malware propagation in relation to SCADA & corporate security policies adopted from the utility and NS2 simulator to compute the consequences of the attacks on SCADA and in turn on power grid. Copyright © 2013 SCITEPRESS.
9789898565730
Critical infrastructure protection;Cyber attacks;Electrical grid;Interdependency analysis;SCADA
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/20.500.12079/3990
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
social impact