제어 시스템 보안을 위한 해외 테스트 베드 구축 현황

  • 박동규 (순천향대학교 정보통신공학과)
  • Published : 2012.08.31

Abstract

제어 시스템 보안을 위하여 보안 적합성 확인과 유효성 검사 및 사고 발생 시 제어 시스템의 피해 상황 및 영향 범위에 대해 실제의 제어 시스템 구성 요소를 분석하는 환경이 필요하며, 실제 기기와 시뮬레이션을 이용하여 취약성을 검증하기 위한 환경 및 제어 시스템 구성 요소의 취약성을 발견하는 도구가 필요하다. 본 논문에서는 제어 시스템 보안 및 국내 제어 시스템 테스트 베드 구축을 위하여 선진국들의 제어 시스템 테스트 베드 구축 현황 및 사례에 대하여 설명하고자 한다.

Keywords

References

  1. Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program. Idaho National Laboratory. IdahoFalls, Idaho 83415. November 2008. http://www.inl.gov/scada/publications/d/inl_nstb_ common_vulnerabilities.pdf
  2. Fink, R. Spencer, D., and Wells, R. Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems. Idaho National Laboratory. Idaho Falls, Idaho 83415. September 2006. http://www.inl.gov/scada/publications/d/nstb_lessons_learned_from_cyber_security_assessments.pdf.
  3. Wireless Procurement Language in Support of Advanced Metering Infrastructure Security. Idaho National Laboratory. Idaho Falls, Idaho 83415. August 2009. http://www.inl.gov/scada/publications/d/inl-ext-09-15658_ami_proc_language.pdf.
  4. ESTEC Project. http://www.estec-project.eu/.
  5. Industrial Instrumentation Process Lab. http://www.bcit.ca/appliedresearch/tc/facilities/industrial.shtml.
  6. SCNI ACTION - IPSC - Europa ipsc.jrc.ec.europa.eu/fileadmin/.../JRC54499.pdf.
  7. "2010年度 制御システムの情報セキュリティ動向に関する調査報告書", IPA, 2011. http://www.ipa.go.jp/security/fy22/reports/ics_sec/index.html.
  8. "制御システムセキュリティ検討タスクフォース報告書". 経済産業省, 2012. http://www.meti.go.jp/committee/kenkyukai/shoujo/controlsystem_security/report01.html.
  9. Reaves, B., Morris, T., Discovery, Infiltration, and Denial of Service in a Process Control System Wireless Network. IEEE eCrime Researchers Summit. October 20-21, 2009. Tacoma, WA.
  10. T. Morris, A. Srivastava, B. Reaves, W. Gao, K. Pavurapu, R. Reddi, A control system testbed to validate critical infrastructure protection concepts, International Journal of Critical Infrastructure Protection (IJCIP), Volume 4, Issue 2, August 2011, Pages 88-103. https://doi.org/10.1016/j.ijcip.2011.06.005
  11. C. Davis, J. Tate, H. Okhravi, C. Grier, T. Overbye, and D. Nicol, "SCADA Cyber Security Testbed Development," in Power Symposium, 2006. NAPS 2006. 38th North American, pp. 483-488, 2006.
  12. Annarita Giani, Gabor Karsai, Tanya Roosta, Aakash Shah, Bruno Sinopoli, and Jon Wiley, "A testbed for secure and robust SCADA systems," in 14th IEEE real-time and embedded technology and applications symposium (RTAS '08) WIP session, 2008.
  13. C. Queiroz, A. Mahmood, Jiankun Hu, Z. Tari, and Xinghuo Yu, "Building a SCADA Security Testbed," in Network and System Security, 2009. NSS '09. Third International Conference on, pp. 357-364, 2009.
  14. I. Fovino, M. Masera, L. Guidi, and G. Carpi, "An experimental platform for assessing SCADA vulnerabilities and countermeasures in power plants," in Human System Interactions (HSI), 2010 3rd Conference on, pp. 679-686, 2010.
  15. A. Hahn et al., "Development of the Power Cyber SCADA security testbed," in Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research - CSIIRW '10, p. 1, 2010.
  16. Rohan Chabukswar, Bruno Sinpoli, Gabor Karsai, Annarita Giani, Himanshu Neema, and Andrew Davis, "Simulation of Network Attacks on SCADA Systems," in First Workshop on Secure Control Systems, 2010.
  17. Bergman, David C., "Power grid simulation, evaluation, and test framework," Master's, University of Illinois, 2010.
  18. Jim Montague, "Simulation Breaks Out," Control Global, pp. 52-61, Sep-2010.