Title: Designing security policies for complex SCADA systems management and protection

Authors: Christophe Feltus; Djamel Khadraoui

Addresses: Luxembourg Institute of Science and Technology (LIST), 5 Avenue des Hauts-Fourneaux, L-4362 Esch-sur-Alzette, Luxembourg ' Luxembourg Institute of Science and Technology (LIST), 5 Avenue des Hauts-Fourneaux, L-4362 Esch-sur-Alzette, Luxembourg

Abstract: Supervisory control and data acquisition systems (SCADA) are required to deal with increasingly sensitive and crucial situations. The management and protection of these systems must constantly evolve towards integrated decisions support and policies driven by cyber security requirements. The current research stream in this area aims to foster the smartness of the field equipments and the management processes. SCADA components are governed by policies which depend on the components function as well as on the evolution of the crisis which also confer to the latter the latitude to react based on their own perception of the situation evolution. Existing work related to crisis management tends to consider that components evolve and are organised in systems but as far as we know, no systemic solution exists which integrates all of the above requirements. This paper proposes an ArchiMate® extension for SCADA with a broaden explanation of the behaviour endorsed in cyber-policy.

Keywords: ArchiMate; metamodels; SCADA; multi-component systems; trust; petroleum supply chains; critical infrastructures; oil supply chains; supply chain management; SCM; security policy design; complex SCADA systems; supervisory control; data acquisition; SCADA management; SCADA protection; cyber security; modelling.

DOI: 10.1504/IJITM.2016.079602

International Journal of Information Technology and Management, 2016 Vol.15 No.4, pp.313 - 332

Received: 04 Jul 2014
Accepted: 28 May 2015

Published online: 05 Oct 2016 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article