Title: Assessing the cyber-security of the IEC 60870-5-104 protocol in SCADA system

Authors: Qais Saif Qassim; Norziana Jamil; Muhammad Reza Z'aba; Wan Azlan Wan Kamarulzaman

Addresses: Institute of Informatics and Computing in Energy, Universiti Tenaga Nasional, Malaysia; Information Technology Department, Ibri College of Technology, Oman ' Institute of Informatics and Computing in Energy, Universiti Tenaga Nasional, Malaysia; College of Computer Science and Information Technology, Universiti Tenaga Nasional, Malaysia ' Faculty of Computer Science and Information Technology, University of Malaya, Malaysia ' Grid Solution Expertise Department, Grid Division, Tenaga Nasional Berhad, Malaysia

Abstract: Supervisory control and data acquisition (SCADA) system is the heart of almost every critical infrastructure system, whereby SCADA is generally employed in order to control and to monitor both the physical and industrial processes within these systems. It is, thus, of vital importance that any vulnerabilities of SCADA system to be identified and mitigated to prevent unplanned incidents, malicious activities, and cyber-attacks. The IEC 60870-5-104 refers to an international standard applied for tele-control in electrical engineering and power SCADA systems, which appears to be a significant principal protocol in electrical power system automation. Major industrial control vendors employ this protocol to monitor and to manage power utility devices. Nonetheless, IEC 60870-5-104 suffers from several designs and implementation weaknesses in terms of security aspects. As such, this study briefly presents this protocol and summarises its security vulnerabilities. Furthermore, it highlights the potential cyber-attacks based on the identified vulnerabilities. Additionally, the paper depicts several possible countermeasures to tighten the security of the SCADA systems.

Keywords: supervisory control and data acquisition; SCADA; power system; IEC 60870; cyber attack; security vulnerabilities; encryption; authentication.

DOI: 10.1504/IJCIS.2020.10029063

International Journal of Critical Infrastructures, 2020 Vol.16 No.2, pp.91 - 106

Received: 03 Nov 2018
Accepted: 08 May 2019

Published online: 11 May 2020 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article