SCADA System Testbed for Cybersecurity and Pedagogy

Verified

Added on  2021/04/24

|14
|6136
|47
AI Summary
The assignment provided is related to a SCADA system testbed for cybersecurity and forensic research and pedagogy. It involves referencing various research papers, articles, and sources (18-20) that discuss the security challenges, protocols, and solutions for SCADA systems. The references include publications from 2012 to 2017, covering topics such as IoT security frameworks, smart grid security issues, secure data analytics, and control of technological processes using SCADA. The assignment likely requires students to analyze these sources, identify key points, and present a summary or report on the topic.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Full Name
Student ID
Subject ITC571 – Emerging Technology and Innovations
Assignment No Final Report
Due Date 30-May-2018
Lecturer’s Name Malka N. Halgamuge
SCADA based cyber-security management in IOT
- The paper title could be more specific than general.
Your Name
Your Email
School of Computing and Mathematics, Charles Sturt University, Melbourne, Victoria
Abstract -
The proposed research is a literature based comprehensive & critical analysis of multiple studies conducted
on the subject of 'Security of IOT devices using SCADA control systems'. It aims at studying & analyzing
current & past research works thereby leading to an exhaustive list of threats emerging from IOT devices &
plausible solutions to mitigate them using SCADA systems. The paper explores the fundamentals to
discover how SCADA systems operate and what are they do with the IOT devices. It explores the security
challenges related to the IOT systems and also explored how SCADA-IOT systems can be secured.
1. INTRODUCTION
Significance of the research
The term 'IOT'- 'Internet of things' was first coined by Kevin Ashton as a combined representation of IT,
OT and internet in 1999 when he was working with P&G company. Soon the term became an umbrella for

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
a variety of technologies including smart sensors, smart home appliances, light controllers, and CCTV
cameras that were connected to internet. A large number of SCADA solutions included sensors that worked
remotely with machine to machine connection. The devices are today present in large numbers in the
factories and thus, Industrial IOT has also emerged leading to formation of the term Internet of everything.
It is a very exciting time both for users and vendors.
Literature Review
Supervisory management and knowledge Acquisition (SCADA) systems can be used for a variety of
different applications. SCADA systems do not use TCP/IP but specialist protocols such as Profitbus and
Modbus. They have vendor neutral interfaces ad utilize low level sensors, PLCs and actuators. These
protocols are like gateways for the network. Use of specialist protocols have several advantages such as
reduced pricing for maintenance due to elimination of the need for cabling and accessibility to the mobile
controllers for the operators. Cooperation is supported by the SCADA tools while dealing wit the potential
vulnerabilities and security solutions for COTS. Shodhan program has revealed that there can be thousands
of vulnerabilities that exist in the management systems that make them vulnerable when connected through
a TCP/IP protocol. Some root causes behind these vulnerabilities include technical limitations, ineffective
outsourcing, safety critical concerns, focus of tenders on price reduction instead of risks in supply chain,
and so on.
With the integration of IOT and SCADA, the knowledge acquisition can be optimized. The data that is
stored and retrieved by ICS applications can take the benefit of this optimization for production as well.
Just in Time production can be made possible with this integration between the market demand and
production offers. An example of such an action is the Smart Grid technology that utilizes SCADA for the
creation of the balance between the generation and consumption of power. Digital oilfield is another such
example where distributed resources can be centrally managed from single source.
Convergence of Protocols :
The convergence of ICS and IoT will be copied back to common roots in Machine to Machine (M2M)
protocols. These were developed to use time period DAQ sources and directly well-read several of the
embedded, time period infrastructures that are currently being deployed in IoT enabled domestic products;
as well as ovens, refrigerators and air conditioners. In spite of those common roots, there also are vital
variations between these SCADA techniques and also the rising IoT architectures. As mentioned, several
ICS applications believe the Modbus serial protocol. This builds on a standard client/server model. it had
been originally supposed to support M2M communication between Programmable Logic Controllers. In
Document Page
consequence, the protocol solely supports knowledge varieties that areplace able by PLCs instead of the
discretionary binary objects that are envisaged among IoT architectures. An additional limitation is that
knowledge objects seem to be non-transferable with any meta-data. In alternative words, the linguistics info
required to know associate degreed use an object needs to be embedded among every consumer. This limits
the extensibility of Modbus networks; there are vital overheads related to the introduction of each new
node. Modbus exploits a master/slave model. In alternative words, the master should expressly poll every
of the sector devices. there's no approach for a part to lift associate degree asynchronous alert in response to
exceptional operational conditions. repetitious polling will increase the overheads related to Modbus
deployments. These constraints are exacerbated by address limitations with solely 254 devices permissible
on one electric circuit. Modbus networks on their own cannot support the world property envisaged within
the IoT [2]. partially in consequence, variety of other approaches are developed, as well as those supported
Message Queuing Transport measurement (MQTT). this can be a light-weight protocol extension to
TCP/IP. It avoids several of the overheads related to Modbus by employing a publish-subscribe model.
Nodes should register their interest in receiving info from a publisher by contacting a broker. The protocol
is additionally designed for low information measure networks and devices with restricted process
capability – requiring a little code footprint. MQTT exploits a message queuing model that will increase
resilience within the face of various network latencies – once more this can be applicable for IoT
applications that has to be strong to advanced and dynamic environments. Amazon [3] and also the North
American nation Department of Office of Homeland Security [4] have embedded MQTT among IoT
demonstrators. The DHS applications were supposed to supply high levels of inherent security whereas
sanctioning initial responders to move with a good array of sensor/actuators. Intel give associate degree
illustration of the convergence between IoT and SCADA ideas through their integration of Modbus and
MQTT in their IoT Gateways; “using Modbus as an area interface to manage devices and MQTT as a
worldwide protocol to expand the reach of these devices’ data”. In alternative words, their Linux-based
Gateways act as associate degree interface to traditional SCADA networks victimization Modbus.
knowledge will be translated from the management domain by the entranceway into MQTT and transmitted
across the web to distributed IoT applications. the utilization of TCP/IP among MQTT additionally helps
address the measurability considerations that limit a lot of general application of the SCADA protocol. the
mix of SCADA and IoT technologies among, for example the new generation of Intel Gateways, provides a
foundation for brand spanking new levels of business integration. Layers of Integration it's doable to spot
variety of various layers that are, typically, accustomed structure each IoT and SCADA applications:
Document Page
Business Processes: At the highest-level IoT ideas give SCADA stakeholders with the power to integrate
various business processes through improved cooperative decision-making. IoT architectures have
additionally been influenced by service-oriented architectures that support the impromptu substitution of
method parts [5]. In ICS applications, it's doable to use IoT interfaces, supported the MQTT protocol, to
substitute totally different Modbus networks if production has to be touched between sites.
Applications:
Application level management from remote locations is provided by a blend of commercial systems across
local & wide space network. There is an additional provision of multiple time-period visualisations of
underlying devices & processes for call manufacturers that aids reportage & analysis. Additionally it helps
operational workers to identify & respond to safety considerations remarkably which may not be otherwise
possible if totally different groups depended on manual integration of various knowledge sources.
knowledge Aggregation:
Knowledge aggregation is essential for the availability of application level services. Potential optimizations
can be determined by the process & transformation of sensing knowledge. Later sections may argue that the
Information collected from varied & distributed production processes may be adapted to detect potential
malware. However , currently it is enough to say that integrating SCADA with IoT enables to prepare
substantial knowledge analytics using realtime aggregation of distributed method info [6].
Network Connectivity:
IoT ideas and SCADA systems each rely upon the preparation of network protocols that alter the time
period exchange of information across method parts. the look of those protocols contains a profound impact
on the measurability of the ultimate architectures. It is better to substitute parts or introduce novel
services/devices so that a recipient understands the source of information in an enhanced way. As known,
the event of ICS IoT gateways helps address the measurability issues of protocols that existed in old
SCADA systems. However, they additionally raise a number of security considerations once the ‘air gap’
has been accustomed isolate industrial systems from wider net based mostly applications. Physical Devices
– there are similarities between domestic devices within the IoT and also the industrial parts of SCADA
systems. each build use of embedded processors. each have vital time period properties. However, there are
vital variations too – particularly in terms of the dynamism related to safety issues that arise from potential
errors or from the implications of malware. the subsequent sections build upon this analysis by considering

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
the impact that completely different cyber-threats will have upon the protection of those different layers
within the integration of ICS into the web of Things. 5. Case Studies and Threat eventualities the
convergence of IoT and SCADA technologies will be illustrated good town initiatives – appreciate the
Sino-Singapore port data center taking form in metropolis, China. Municipal authorities are operating with
the suppliers of ancient ICS applications to integrate many alternative infrastructures [7]. These embrace
traffic management systems; CCTV networks; forecasting however additionally power generation and
management, water and heating infrastructures, revenue generation etc. the particular aims of those good
town initiatives vary round the globe [8]. However, this integration of commercial and domestic knowledge
sources will improve air quality, scale back pollution and improve public safety. It can even improve
resilience to the loss of infrastructure parts by police investigation and responding to faulty parts or
degraded modes of operation. shopper knowledge ensures ‘just in time’ production throughout optimized
offer chains. Centralized management rooms give stakeholders with enlarged levels of scenario awareness
that, in turn, supports cooperative decision-making. the mixing of SCADA systems among IoT and good
town offers sizable advantages in terms of cyber security. Organizations should meet minimum standards
of maturity before they'll access common network and repair infrastructures. the event of common
gateways between the SCADA parts and standard IT networks will facilitate to confirm consistent
approaches to security – simplifying the issues of patch management and of cyber scenario awareness.
impromptu solutions to the exchange of digital knowledge between totally different teams of stakeholders
will result in inconsistency and confusion concerning the degree of security offered at every interface. The
bigger property of service-oriented architectures in good town implementations additionally raises vital
considerations. Most SCADA devices were designed associate degreed deployed in an era before cyber
security was an exact concern in system procural. ‘Air gaps’ provided a degree of protection through
isolation. parts were connected over analogue, serial circuits. the dearth of external interfaces meant that
attackers needed physical access to the communications cables in order that they may inject or exfiltrate
serial knowledge. However, the increase of IP-based communication in SCADA environments with
external interfaces, parenthetically through MQTT, implies that there's no got to get direct physical access
to associate degree industrial system. the mixing of SCADA and IOT technologies has created and
extended their mutual attack surface. There are additional considerations concerning individual privacy that
emerge from the inclusion of SCADA applications into good Cities. non-public corporations and state
agencies often gather knowledge from people to suppport applied mathematics summaries. Applied
mathematics speech act management is critical to safeguard individual info that may be extracted from
these aggregations. IoT applications with ICS parts extend the scope of information that may be collected –
parenthetically, watching individual power or water use to spot periods of peak capability. The accidental
Document Page
speech act of this knowledge may alter criminals to focus on properties that weren't being occupied.
Location revealing technologies, as well as the utilization of police work camera, are a customary feature of
good town initiatives to each fight crime and additionally to optimize transportation infrastructures.
However, in addition to face recognition software system there arise varied considerations concerning civil
liberties furthermore because they stop unauthorized access/inferences supported by the information that
techniques of IoT may gather to support SCADA applications [9]. good Cities illustrate the convergence of
SCADA and IoT ideas at a macro level. Airfield Operations Centers (APOCs) illustrate a lot of equivalent
trend at the local stage. They combine traveler and shipment operations with the airside functions that
handle craft arrival and departure [10]. The aim is to is to gather knowledge required by various teams of
stakeholders working together and supporting cooperative decision-making. for example, Heathrow
recently opened a custom-made APOC wherever airlines, the Air Navigation Service supplier (NATS), the
United Kingdom Border Force, the Metropolitan Police and also the Highways Agency share an equivalent
room. APOCs can even mix native transportation corporations, airfield retailers, park management etc.
These various stakeholders work along to optimize the utilization of craft stands, to mitigate the impact of
weather, scale back noise and environmental impact etc. APOCs mix SCADA parts with enterprise info
systems similar to good town initiatives,. Baggage-handling applications, heat and lighting systems
furthermore as air-con plant exploit typical industrial management systems. APOCs use the information
provided by, parenthetically traffic Management applications, to optimize these SCADA functions. like
good Cities, airfield Operations Centers raise variety of cyber-security considerations. A companion paper,
during this volume [10], provides extra details. among associate degree APOC, it's doable to spot variety of
illustrative threat eventualities. For example, activist team's effort against the enlargement of associate
degree airfield may use an attack by spear-phishing on junior airfield management to get knowledge
concerning airfield operations. The team may use this to maximize the impact of objection parenthetically.
associate degree alternate state of affairs involves a sub-contractor unwittingly introducing public software
system libraries into important management systems. Neither ICS protocols, appreciate Modbus, nor IoT
infrastructures, supported MQTT, give express support for the rhetorical analysis of cyber-attacks. In
consequence, there are varied mechanisms that may support cross infection. this might delay the detection,
identification and recovery from future attacks; undermining confidence in these integrated applications.
This integration of IoT and SCADA creates new considerations for cyber security and at an equivalent time
offers new hope to extend the resilience of important infrastructures. each the APOC and good town case
studies support new levels of integration among integrated operations centers. The intention is to support
cooperative decision-making through enlarged scenario awareness. Most existing initiatives concentrate on
the operational enhancements and potency savings that are to be gained through info integration. However,
Document Page
it's clear that this increased scenario awareness may also be supported by the addition of a (cyber) Security
Operations Centre (SOC). the mixing of multiple SCADA networks may facilitate to spot the symptoms of
coordinated or distributed attacks to multiple sub-systems. it would additionally give mechanisms for
tracing the basis reason behind a breach that may solely be apparent through knock-on effects in alternative
systems for example the exfiltration of SCADA production knowledge through MQTT level
interconnects. The opportunities for desegregation SOCs into these initiatives has already been recognized,
for example among Law no 11/2014, establishing the urban center Centre for E-Security [11]. Similarly,
the standard maintenance headed network watching applications that are embedded among existing APOCs
are being extended to supply express support for the creation of airfield SOCs. Proposals have additionally
been created to mechanically feed knowledge concerning potential threats to national and international
SOCs for SCADA threat intelligence [12]. It remains to be seen whether or not such proposals will address
the organization and legal barriers that usually frustrate initiatives to enhance mutual cyber scenario
awareness.
Threat Mitigation :
There are strong similarities between the mitigations that may be accustomed to defend each IoT and
SCADA systems. For example, the below mentioned ‘best’ practices have recently been recommended for
IoT implementations. It is immediately evident that they may additionally improve the cyber security of
ICS applications:
Best apply 1: Every device is issued with a Device Certificates to ascertain, detect and facilitate
authentication to service and alternative devices.
Best apply 2: Sensitive knowledge ought to be encrypted to forestall interception as it travels
through the IoT surrounding. Similarly, information must have transparency and must be flawlessly
encrypted to forestall larceny.
Best apply 3: Code language of firmware/software updates should have digital certificates.
Additionally, all communication with devices within the field must use SSL certificates.
sadly, it's non-trivial to use these IoT recommendations to several existing SCADA networks. PLCs and
sensors usually lack device certification. Protocols appreciate Modbus don't give any default SCADA
secret writing. though this can be done at the appliance level, process and information measure limitations
in several ICS implementations mean that this recommendation is rarely followed in industrial systems,
even after they interface through IoT gateways. The encouragement to use microcode updates and patches
poses explicit challenges in ICS. historically, the air gap meant that isolated PLCs were rarely updated. the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
sole approach that malware can be transmitted was throughout a microcode update via the associated field
devices. There also are a lot of challenges that IoT networks face. Finally, from a security perspective the
installation of consecutive patches will trigger vital verification and validation prices to confirm that any
changes don't violate previous needs. additional considerations stem from the matter of guaranteeing that
any microcode originates from a trustworthy supply. Weak authentication schemes produce considerations
once safety-critical ICS devices are integrated into IoT architectures. Hash collisions alter potential
attackers to form changes to authentic SCADA microcode while not it essentially being detected before
installation on a target device. variety of mitigations scale back the risks once SCADA systems are exposed
to the IoT.
SCADA supports a large number of applications today because of flexibility it has to offer but initially, the
system was more localized and thus, isolated. It relied more on specialist protocols such as ProfitBus and
Modbus. The interfaces were vendor neutral and used low level sensors, programmable logic controllers,
and actuators. But protocols have changed with new industrial control gateways. These new interfaces are
able to monitor distributed resources remotely. Cost of maintenance is less and there are other human
factors that are beneficial. Mobile controllers can now be used flexibility for control and the controller need
to stick to a single desk for monitoring.
Challenges with SCADA and IOT Integration
Enterprise tools can be informed using real time processes such as data collaboration but cyber security is
not so sophisticated to handle the potential vulnerabilities when they are integrated with the COTS
networks. Cyber security recommendations have been given by a study conducted by International \society
of Automation based on many vulnerabilities faced by tcp/ip networks. Some root causes were identified in
the process including technical limitations.
Shodhan search engines have revealed such vulnerabilities and their root causes that may not be because of
technical limitations of the network but limitation of the experience of the people who are outsourced the
management work. \they are more concerned about saving costs. \These factors make changes in industrial
connectivities and affect the development of the internet of things including physical objects that contain
embedded sensors with processing capabilities and are interfaced through a network. \a more centralized
focus is there in the local system and it can only be addressed in the local network. \such integration of
scada are actually based on the earlier developments such as traditional Data Acquisition (DAQ) techniques
Document Page
for data sampling for production processes optimization, data restoration for information storage and
retrieval, and so on.
However, in the last decade the scale of integration has opened up such as smart grid technologies use
digital networks for decentralization of the power and in the next generation manufacturing companies,
supply and demand integration can be seen with distributed networks centralized. The ics and iot
conversions have the common roots of the machine to machine protocols that can be used for the
development of real time sources that can be embedded in the real time infrastructures through iot. \real
time infrastructure components include normal electronic devices such as air conditioners, ovens, and
refrigerators as well. All of these devices have the common roots yet the scada techniques and the
architecture of IOT could be different which can pose challenges. ICS applications are built over traditional
client-server model and support Machine-to-Machine communication that happens between the
programmable logic controllers. As a result, the protocol can only support the data types that PLCs can
recognise which can exclude the binary data that is generated in the iot architecture.
Another limitation is that when the data objects are transferred through the SCADA network, no meta-
information gets transferred which may be needed to explore what is embedded inside the client object.
This puts the restrictions on the Modbus networks such as introduction of the overheads for every new node
that is introduced in the network.
Message Queuing Transport Telemetry (MQTT)
ModBus is based on the 'master-slave model'. This means that the master device has to explicitly poll the
other devices as a result of which an asynchronous alert will not be raised in exceptional conditions. If
iterative polling is used, it would have the overheads in Modbus deployments. Also, on one data link, there
are only 254 devices allowed so these networks cannot work with globally connected devices. Alternative
approaches to solve this problem have been used such as Message Queuing Transport Telemetry (MQTT).
MQTT is a kind of extension to the earlier TCP/IP model. This model can avoid the overheads of Modbus
by utilizing publish-subscribe model. THis model needs nodes to register their interested information that
they want to get from a publisher through the broker. Besides the reduction of overheads, there is also a
benefit of ability to work in a low bandwidth network as well as with the devices that have very limited
processing capabilities. MQTT use message queuing model and thus, the resilience of the network latencies
is enhanced.
Document Page
Integration of Modus and MQTT can illustrate the convergence of SCADA with IOT. Modus can be used
an a local interface that can manage the IOT devices while MQTT serves as a global protocol. An example
of such an integrated would be the Linux based gateway which acts as a conventional SCADA network.
This gateway can translate the data from the control domain to the MQTT format so that it can be
distributed to the IOT applications. The scalability issues can also be addressed with the use of this protocol
along with the traditional TCP/IP for the SCADA control applications.
Research gap
The current studies that are conducted on the commercial systems associate degreed use of SCADA
principally explore the everyday threats that may be resolved with the utilization of SCADA and also the
specific kind of device that poses security threats in an IOT network. However, there's no unified analysis
could be found that had explored the commercial devices and their settings comprehensively enough to
offer a deeper insight on how SCADA can be used for enhancing the protection of an Industrial
organization.
2. MATERIAL & METHODS
Decision on the choice of a research methodology is influenced by the character of information and
therefore the act of knowing. analysis information is formed through actions and interactions
between folks. A reflective inquiry begins with a problematic scenario associated an action is dispensed to
resolve the matter. There are 2 major philosophical ideas that embrace philosophy that outline nature of
information and metaphysics that defines act of knowing.
The nature of information or reality decides the shape or assortment of analysis that may be utilized
in associate investigation. most typical forms embrace positivist, instructive, and demanding. Positivist
orientation believes within the existence of a truth that may be discovered and measured. Thus,
positivists take a look at theories victimization empirical investigation. Investigators believe construction of
an information or truth through interpretations regarding the fact by totally
different folks specified there's no single testable reality.
A third kind of analysis is crucial inquiry that analysis goes on the far side the interpretations of
individuals on the thought. within the crucial inquiry, common notions are challenged and therefore
the analysis intends to bring out the modification. there's another epistemic perspective that

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
may be accustomed outline a pursuit methodology. This can be genre read suggests that each
rationalization of associate understood truth truly may be a story and there are multiple truths that
exist specified the approaches to know the reality can be extremely experimental.
As the objective of this analysis is perceive the fact of the impact of termination on the development sector
in Asian nation. The understanding of the positive associated negative impacts is
very an instructive development as completely different users have different views on the impact and so,
the analysis would be supported the interpretivist.
RESULTS
The operational field ought to be physically isolated from company info systems. Securing the gateways
between ICS and a lot of typical enterprise info systems prevents malicious code from spreading.
There are varied techniques that may be applied – as well as the utilization of uni-directional knowledge
diodes. method knowledge will be fed into decision-making tools however cyber-threats cannot be
transmitted from business info systems into a lot of vulnerable SCADA parts. However, this limits the
utility of biface management over massively distributed systems. The purpose in distinctive advanced
optimizations victimization Real time knowledge aggregation is, consequence management actions
necessary to manually communicate with every underlying management systems.
There are some typical threats that IOT devices face that can be addressed by the use of SCADA systems
such as
Mobile devices: Mobile devices can face threats in the situations of loss of device, connection through
non-secure channels and unattended unlocked device. Threats that are faced in such situations can be
network compromise, channel compromise, rogue access through Wi-Fi and so on. Best way to overcome
or avoid such threats is perform testing using SCADA remote systems. These tests can be done for a
number of assessments including permissions, password protection, code obfuscation, native coding,
authentication methods, operational correctness, sensitive data handling, XML parser configuration, SSL
configuration, backend APIs, and so on.
Industrial Automation: With the use of SCADA with industrial IOT systems, industrial automation and
collaboration can be achieved. IOT gateway can be implemented for supporting the SCADA operated
protocols such as Modbus such that the communication efficiencies of the system are improved between
the two systems. The SCADA-IOT solution can be secured using encryption.
DMZ: A firewall can be installed between the DMZ and the SCADA system such that unwant3ed traffic is
Document Page
prevented from entering into SCADA. Critical infrastructure protection is provided by using a secure
infrastructure and addressing the vulnerabilities of the system such as cross-site scripting and malicious
linkage. Some of the ways these problems can be addressed and the SCADA system can be made more
secure. These include use of strong authentication and using a networked camera.
Smart Grids: Smart grids are the grids of IOT devices that together perform activities that are give power
to a huge area through production and distribution of power. In ordered to secure these smart grids,
cybersecurity reliability standards may be used as it can be useful in selecting more hardened technology.
Integrated systems; In SCADA integrated IOT systems, protection can be achieved by using proactive
methods such as encryption and authentication, Further, e-controllers can ensure that the control is
maintained without the loss of any data or capabilities.
4. DISCUSSION
A lot of versatile approach is to use logical separation. Development and maintenance groups make sure
that SCADA interfaces with IoT/IP traffic is logically separated from company communications which
attackers cannot exploit any potential backdoors. Logical separation will embrace the utilization of buffer
networks – wherever SCADA systems are prevented from creating any direct communication with the
external net. If physical parts of a company or IoT network – as well as routers and switches, should
support the transport layer in associate degree ICS then SCADA communications ought to then be
encrypted and routed through VPN tunnels. among any IP-based SCADA interface to IoT applications, it's
vital to disable any inessential services and so the check that they continue to be disabled. Role based
access controls and authentication will limit the privileges of devices and applications to the resources they
need and also the principle of least privilege ought to contain the impact of any potential breaches. Deep
packet scrutiny techniques are also needed for protocol specific filtering to confirm that associate degree
attack doesn't exploit vulnerabilities among SCADA networks. There are a number of security solutions
that can be used with the SCADA operated IOT networks.
5. CONCLUSIONS
IOT networks also face security threats now that critical infrastructure is also connected to the internet
posing bigger risks to organizations. SCADA is a 'Supervisory Control and Data Acquisition' system that
allows organizations to establish control over industrial processes remotely so that remote monitoring is
possible and an interaction can happen between the controller and the IOT devices directly such that events
of IOT can be directly recorded into the log files. Thus, SCADA system can be a very useful way to control
Document Page
and mitigate the security threats that are faced by the IOT devices in the industrial settings today. Thus, the
SCADA system makes an important area of study for industrial organizations that are running on system
connected IOT devices in their industrial units.
REFERENCES
1. A. Sajid, H. Abbas and K. Saleem, "Cloud-Assisted IoT-Based SCADA Systems Security: A Review of the
State of the Art and Future Challenges", IEEE Access, vol. 4, pp. 1375-1384, 2016.
2. C. Johnson, "Securing Safety-Critical SCADA in the Internet of Things," University of Glasgow, Glasgow,
2016.
3. H. Ning and H. Liu, "Cyber-Physical-Social Based Security Architecture for Future Internet of Things",
Advances in Internet of Things, vol. 02, no. 01, pp. 1-7, 2012.
4. I. Ahmed, V. Roussev, W. Johnson, S. Senthivel and S. Sudhakaran, "A SCADA System Testbed for
Cybersecurity and Forensic Research and Pedagogy," in Annual Industrial Control System Security
Workshop, Los Angeles, CA, USA , 2016.
5. J. Pacheco and S. Hariri, "IoT Security Framework for Smart Cyber Infrastructures", 2016 IEEE 1st
International Workshops on Foundations and Applications of Self* Systems (FAS*W), 2016.
6. H. Suo, J. Wan, C. Zou and J. Liu, "Security in the Internet of Things: A Review", 2012 International
Conference on Computer Science and Electronics Engineering, 2012.
7. A. Sadeghi, C. Wachsmann and M. Waidner, "Security and privacy challenges in industrial internet of
things", Proceedings of the 52nd Annual Design Automation Conference on - DAC '15, 2015.
8. M. Chiang and T. Zhang, "Fog and IoT: An Overview of Research Opportunities", IEEE Internet of Things
Journal, vol. 3, no. 6, pp. 854-864, 2016.
9. R. Mahmoud, T. Yousuf, F. Aloul and I. Zualkernan, "Internet of things (IoT) security: Current status,
challenges and prospective measures", 2015 10th International Conference for Internet Technology and
Secured Transactions (ICITST), 2015.
10. C. Bekara, "Security Issues and Challenges for the IoT-based Smart Grid", Procedia Computer Science,
vol. 34, pp. 532-537, 2014.
11. T. Fatima and S. Nausheen, "Secure Data Analytics for Cloud-Integrated Internet of Things Applications,"
International Journal of Computer Engineering and Applications, vol. XI, no. IX, pp. 16-27, 2017.
12. Y. Saleem, N. Crespi, M. H. Rehmani and R. Copeland, "Internet of Things-aided Smart Grid:
Technologies, Architectures, Applications, Prototypes, and Future Research Directions," COMSATS

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Institute of Information Technology, WahCantt, Pakistan, 2016.
13. T. Pyavchenko, "CONTROL OF TECHNOLOGICAL PROCESSES BASED ON SCADA", Polythematic
Online Scientific Journal of Kuban State Agrarian University, 2017.
14. "Substation Automation System for Energy Monitoring and Control Using SCADA", International Journal
of Recent Trends in Engineering and Research, vol. 3, no. 4, pp. 32-38, 2017.
15. "PROCESS FLOW CONTROL USING SCADA AND PLC", International Journal of Recent Trends in
Engineering and Research, vol. 3, no. 8, pp. 178-186, 2017
16. Abbas, "Future SCADA challenges and the promising solution: the agent-based SCADA", International
Journal of Critical Infrastructures, vol. 10, no. 34, p. 307, 2014
17. R. Singla and A. Khosla, "Intelligent Security System for HMI in SCADA Applications", International
Journal of Modeling and Optimization, pp. 444-448, 2012.
18. K. Munro, "SCADA – A critical situation", Network Security, vol. 2008, no. 1, pp. 4-6, 2008.
19. T. Turc, "Using WEB Services in SCADA Applications", Procedia Technology, vol. 19, pp. 584-590,
2015.
20. H. Abbas, "Future SCADA challenges and the promising solution: the agent-based SCADA", International
Journal of Critical Infrastructures, vol. 10, no. 34, p. 307, 2014.
1 out of 14
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]