kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Analyzing the effectiveness of attack countermeasures in a SCADA system
KTH, School of Electrical Engineering (EES), Network and Systems engineering.ORCID iD: 0000-0001-7386-7471
KTH, School of Electrical Engineering (EES), Network and Systems engineering.ORCID iD: 0000-0003-1464-6163
KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
KTH, School of Electrical Engineering (EES), Network and Systems engineering.ORCID iD: 0000-0003-3922-9606
Show others and affiliations
2017 (English)In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 73-78Conference paper (Refereed)
Abstract [en]

The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc , 2017. p. 73-78
Keywords [en]
Cyber security, SCADA system, Security controls, Threat modeling, Vulnerability assessment, Electric power system security, Electric power transmission networks, Legacy systems, SCADA systems, Smart power grids, Multi-vendor environment, Network configuration, Network segmentation, Power grid operations, Vulnerability assessments, Network security
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:kth:diva-216532DOI: 10.1145/3055386.3055393Scopus ID: 2-s2.0-85019036296ISBN: 9781450349789 (print)OAI: oai:DiVA.org:kth-216532DiVA, id: diva2:1160937
Conference
2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017
Note

QC 20171128

Available from: 2017-11-28 Created: 2017-11-28 Last updated: 2022-06-26Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Korman, MatusVälja, MargusBjörkman, GunnarEkstedt, MathiasVernotte, AlexandreLagerström, Robert

Search in DiVA

By author/editor
Korman, MatusVälja, MargusBjörkman, GunnarEkstedt, MathiasVernotte, AlexandreLagerström, Robert
By organisation
Network and Systems engineeringElectric Power and Energy Systems
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 797 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf