Authors: Qian Chen; Madhulika Trivedi; Sherif Abdelwahed; Thomas Morris; Frederick Sheldon
Addresses: Department of Engineering: Computer Science Technology, Savannah State University, Savannah, GA 31404, USA ' DefiNet Contact, Nashville, TN 37212, USA ' Electrical and Computer Engineering Department, Mississippi State University, Starkville, MS 39762, USA ' Department of Electrical and Computer Engineering, University of Alabama in Huntsville, Huntsville, AL 35899, USA ' Department of Computer Science, University of Idaho, Moscow, ID 83844, USA
Abstract: Supervisory control and data acquisition (SCADA) systems, widely used in monitoring and controlling critical infrastructure systems, are highly vulnerable to cyber attacks. Current security solutions can protect SCADA systems from known cyber assaults, but most require human intervention. This paper presents a model-based autonomic security management (ASM) approach that monitors SCADA system performance and proactively predicts upcoming cyber attacks that may disrupt physical processes. We also discuss the feasibility of intrusion detection systems for laboratory-scale known and unknown attack detection. The ASM approach provides the most appropriate countermeasure recommendations, which may be deployed (semi-) autonomously based on an adaptive feedback mechanism. We present a gas pipeline case study and carry out function code scanning and malicious parameter injection attacks to validate the self-protection feature. Experimental results show that the ASM approach strengthens the SCADA system security, reduces protection time delays and toward achieving normal operations with little or no human intervention.
Keywords: autonomic computing; self-protection; SCADA security; supervisory control; data acquisition; cyber attacks; model-based security management; cyber-physical infrastructures; cyber-physical systems; CPS; critical infrastructures; intrusion detection systems; IDS; unknown attack detection; adaptive feedback; gas pipelines.
International Journal of Critical Infrastructures, 2016 Vol.12 No.4, pp.273 - 294
Received: 11 May 2015
Accepted: 19 Jan 2016
Published online: 29 Dec 2016 *