Supervisory control and data acquisition (SCADA) systems are used in critical infrastructure to control vital sectors such as smart grids, oil pipelines, water treatment, chemical manufacturing plants, etc. Any malicious or accidental intrusion could cause dramatic human, material and economic damages. Thus, the security of the SCADA is very important, not only to keep the continuity of services (i.e., availability) against hostile and cyber-terrorist attacks, but also to ensure the resilience and integrity of processes and actions. Dealing with this issue, this paper discusses SCADA vulnerabilities and security threats, with a focus on recent ones. Then, we define a holistic methodology to derive the suitable security mechanisms for this kind of critical systems. Our methodology starts by identifying the security needs and objectives, specifying the security policies and models, deriving the adapted architecture and, finally, implementing the security mechanisms that satisfy the needs and cover the risks. We focus on the modelling step by proposing the new CI-OrBAC model . In this paper, we focused on securing communication and protecting SCADA against both internal and external threats while satisfying the self-healing, intrusion tolerance, integrity, scalability and collaboration needs. (C) 2020 Elsevier B.V. All rights reserved.
展开▼