Modeling cyber attacks on a critical infrastructure scenario

摘要

Critical infrastructures, such as electrical grids, are monitored and controlled by SCADA (Supervisory Control And Data Acquisition) systems. Cyber attacks against SCADA might put CI and in turn industrial production, environment integrity and human safety at risk. Here, with reference to an actual case study, constituted by an electrical grid, its SCADA system and a corporate network, we discuss how cyber threats, vulnerabilities and attacks might degrade the functionalities of SCADA and corporate network and, in turn, lead to outages of the electrical grid. We represent SCADA and corporate network under malware propagation, Denial of Service and Man In The Middle attacks, and predict their consequent functionalities. Particularly, we use Netlogo to identify possible malware propagation in relation to SCADA & corporate security policies adopted from the utility and NS2 simulator to compute the consequences of such cyber attacks on SCADA and in turn on electrical grid functionalities.