SCADA Vulnerabilities and Existing Security Approaches Towards Industrial Protection
Daniel José Franco1, Abdullah Muhammed2, Shamala K. Subramaniam3, Azizol Abdullah4
1Daniel José Franco*, Department of Communication Technology and Network, University Putra Malaysia, Serdang, Malaysia.
2Abdullah Muhammed, Department of Communication Technology and Network, University Putra Malaysia, Serdang, Malaysia.
3Shamala K. Subramaniam, Department of Communication Technology and Network, University Putra Malaysia, Serdang, Malaysia.
4Azizol Abdullah, Department of Communication Technology and Network, University Putra Malaysia, Serdang, Malaysia.
Manuscript received on August 14, 2020. | Revised Manuscript received on August 24, 2020. | Manuscript published on September 10, 2020. | PP: 258-264 | Volume-9 Issue-11, September 2020 | Retrieval Number: 100.1/ijitee.J76340891020 | DOI: 10.35940/ijitee.J7634.0991120
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Attackers, spread all around the world, have become a major threat to SCADA systems, since they started using opened-standard networks, integrated to corporate networks and accessing the Internet. It is true that there are also many different security solutions and techniques available, such as firewalls, encryption, network traffic analysis and a few others, though, intruders still managed to gain access and control delicate systems. Pointed as a non-invasive solution, intrusion detection systems (IDS) are able to monitor and report activities of any anomaly or strange patterns. However, due to the lack of SCADA network traffic data, such IDS solutions are still primitive and based on just well-known vulnerabilities and attacks, where a dedicated IDS is necessary to properly protect SCADA in water distribution systems. This study highlights SCADA vulnerabilities and security issues, through a qualitative approach, using known attacks and examples in security as case studies and aiming to present scenarios on this issue, as well, an overview of today’s SCADA vulnerabilities and main threats. Results show that the identification of Intrusion Detection Systems (IDS), with their approaches and types, also widely implemented in regular IT networks, help on providing a higher security level and identifying abnormal traffic data. Such systems have indeed shown a good success rate on identifying malicious traffic in SCADA networks, mainly because of their evolution to Ethernet and open communication protocols. Based on these singular characteristics, studying SCADA networks and their communication protocols is seen as a major factor to properly develop robust security mechanisms and tolls.
Keywords: Intrusion Detection Systems, SCADA Networks, SCADA Security Tools, Variabilities, SCADA Communication Protocols, SCADA for Water Distribution Systems.