SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to use intrusion detection systems. By monitoring and analysing the traffic, it is possible to detect whether information has a legitimate source or was tampered with. However, in many cases the knowledge of just the traffic is not enough. Detecting intrusions could be improved by including awareness about the physical processes that are controlled. This paper shows a simple analysis of a small scenario of a power distribution system, to illustrate the benefits of including the knowledge about the process in detecting breaches in SCADA.
|Title of host publication||Proceedings of the Joint Workshop on Cyber-physical Security and Resilience in Smart Grids (CPSR-SG 2016)|
|Place of Publication||USA|
|Number of pages||6|
|Publication status||Published - 12 Apr 2016|
Chromik, J. J., Remke, A. K. I., & Haverkort, B. R. H. M. (2016). What's under the hood? Improving SCADA security with process awareness. In Proceedings of the Joint Workshop on Cyber-physical Security and Resilience in Smart Grids (CPSR-SG 2016) (pp. -). USA: IEEE. https://doi.org/10.1109/CPSRSG.2016.7684100