Professional Documents
Culture Documents
Systems
Bijoy Babu1, Thafasal Ijyas2, Muneer. P2, Justin Varghese3
1
Department of Computer Engineering, King Khalid University, Saudi Arabia
2
Department of Electrical Engineering, King Khalid University, Saudi Arabia
3
Department of Computer Science, King Khalid University, Saudi Arabia
bbabu@kku.edu.sa, ithafasal@kku.edu.sa, mparayangat@kku.edu.sa, justin_var@yahoo.com
AbstractOngoing research and developments in architectures like distributed control systems (DCS),
modern information and communication technologies have supervisory control and data acquisition systems (SCADA),
revolutionized the design of industrial control systems (ICS). programmable logic controllers (PLC), industrial automation
There is a major domain transition from traditional and control systems (IACS) etc. In ICS, the combined activities
electromechanical systems to network based digital systems, of all the physical control elements (electromechanical,
which has indeed created a powerful interface between state-of
the-art computing technologies/paradigms and physical
hydraulic, pneumatic) result in the accomplishment of diverse
processes sought to be controlled. ICS play a critical role in the industrial goals[2]. A typical ICS comprises of remote
industrial and manufacturing sector. Major infrastructures like troubleshooting facilities, maintenance tools, a human machine
petrochemical industries, waste water treatment facilities, interface (HMI), and various control loop configurations. All
nuclear power plants, pharmaceuticals, food and beverage these are designed to work with standard network protocols.
industries etc. cannot run properly without ICS. Real-time The critical nature of ICS systems with the accompanying
processing, reliability and advanced distributed intelligence are networking and communication features demand the
some of the core characteristics of ICS which are incorporated deployment of adequate security mechanisms[4].
with the help of state-of-the-art internet communication and
computing technologies. The complex embedded coupling of
hardware and software components such as actuators, sensors
SCADA based control systems makes use of a
and the physical processes are all monitored and manipulated centralized data acquisition mechanism to supervise the field
by the communication and network protocol based controllers targets which are distributed unevenly. The integration of
like supervisory control and data acquisition (SCADA) systems, precise data acquisition, data transmission and HMI software
programmable logic controllers (PLC), distributed control aids provide monitoring and centralized control over numerous
systems (DCS) etc. The integration of these technologies makes physical processes in the field, which in fact makes SCADA
the access to ICS from the external world much easier. On the systems the most popular choice from among the ICS
other hand, this has led to many critical cyber-security issues configurations. SCADA systems are widely used in waste
also. These issues are of such a nature that they may sometimes water treatment plants, petrochemical pipelines, electrical
pose a serious threat to the safety of humans and the
environment as well. Unless managed properly, these can have
transmission lines and public transportation systems including
adverse implications for the national economy also, in terms of railways[6-9].
production losses. In this paper, we attempt to give a
comprehensive review of the unique aspects of cyber-security
issues in ICS. Specifically, we delve upon the issues of security II.SECURITY CONCERNS IN INDUSTRIAL CONTROL SYSTEMS
assessment and architectural reviewing of ICS. We also give a
brief survey on different threat attacks on ICS. An ICS may be characterized by many different
types of security issues. The operation of an ICS requires
Keywords Industrial Control; Cyber-attacks; SCADA;
transfer of critical data over the internet. Here, we encounter
many issues. One is the capability of legacy control systems to
deal with the sophisticated cyber threats of our times[3]. Many
I.INTRODUCTION of the systems have been developed and installed without
Current industrial control systems (ICS) are the giving adequate concern to these recent security issues. Also,
result of augmenting several state-of-the-art information it is difficult to incorporate the necessary security mechanisms
technology and telecommunication features to ordinary in these systems. To characterize the security model for a
electromechanical physical systems [1]. This has led to the SCADA-based ICS it is necessary to first identify the different
emergence of 'smart trends' like smart buildings, smart types of security threats that are relevant to such systems.
transportation systems, smart production lines etc. ICS is a One important characteristic of cyber attacks in
generic term for many control system configurations and general is that the techniques of attack become more