Securing communications for SCADA and critical industrial systems

摘要

Secure communications within the electric power system are critical to ensuring safe and reliable electric power. Additionally, secure communications are critical to the safe flow of oil and natural gas. Around the globe, automation and communications networks face a growing number of threats that can result in malicious acts, such as unauthorized access and espionage. Most industrial sectors are in transition from legacy protocols to Internet Protocol-based (IP-based) communications. An unintended consequence of adopting IP communications is that supervisory control and data acquisition (SCADA) and industrial control systems (ICSs) have become very popular targets of attack. Access to the devices in these networks must be secured or critical equipment and information face the risk of compromise. In 2013, attacks on the energy sector were the highest percentage of reported security incidents among critical infrastructure. This paper investigates the risks to SCADA and industrial communications and the real-world threats these risks pose. It first discusses basic communications security concepts. It then discusses the methods used by attackers to exploit vulnerabilities in SCADA and ICSs, in addition to the state of real threats to the security and stability of electric power systems. Lastly, the paper describes how to mitigate each threat with the appropriate application of countermeasures and new technologies to keep systems secure.