This paper focuses on securing wind power Supervisory Control And Data Acquisition(SCADA) systems that utilize commercial-off-the-shelf Information Technology (IT). The useof IT within SCADA systems provides the benefits of low implementation cost and ease ofinteroperability, but introduces the potential for new security vulnerabilities. To address thesenew vulnerabilities in wind power SCADA systems, we apply lessons learned from our SCADAassessment activities, design and implementation experience in secure communication systems,and knowledge of wind power operations. We present a SCADA security policy framework andprovide two IT “best practices” examples. We also list several typical SCADA/ITvulnerabilities. To provide further reading into the many facets of securing SCADA/IT, anextensive list of references has been provided.
展开▼
