• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.55-61
• /
• 2019

This paper studied security measures to protect the SCADA network from the increasingly sophisticated threats. Currently, SCADA system security uses methods that are almost like regular IT security systems. While there may be some common security techniques, security techniques are needed only for SCADA systems that are different from typical IT systems. Therefore, this paper will explore the security techniques currently used in SCADA systems, and the problems that arise when the current security techniques are used will be identified through the damage cases resulting from attacks in SCADA systems. Finally, as a new solution to ensure the availability and integrity required for current SCADA systems, we proposed linking Blockchain and SCADA systems.

• Proceedings of the KIEE Conference
• /
• 2007.11b
• /
• pp.46-47
• /
• 2007

SCADA (Supervisory Control and Data Acquisition) system has been used fur remote measurement and control on the critical infrastructures as well as modem industrial facilities. As cyber attacks increase on communication networks. SCADA network has been also exposed to cyber security problems. Especially, SCADA systems of energy industry such as electric power, gas and oil are vulnerable to targeted cyber attack and terrorism. Recently, many research efforts to solve the problems have made progress on SCADA network security. In this paper, we introduce recent security issue of SCADA network and propose the application of encryption method to Korea SCADA network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1351-1364
• /
• 2019

When SCADA is exposed to cyber threats and attacks, serious disasters can occur throughout society. This is because various security threats have not been considered when building SCADA. The bigger problem is that it is difficult to patch vulnerabilities quickly because of its availability. Digital forensics procedures and techniques need to be used to analyze and investigate vulnerabilities in SCADA systems in order to respond quickly against cyber threats and to prevent incidents. This paper addresses SCADA forensics taxonomy and research trends for effective digital forensics investigation on SCADA system. As a result, we have not been able to find any research that goes far beyond traditional digital forensics on procedures and methodologies. But it is meaningful to develop an approach methodology using the characteristics of the SCADA system, or an exclusive tool for SCADA. Analysis techniques mainly focused on PLC and SCADA network protocol. It is because the cyber threats and attacks targeting SCADA are mostly related to PLC or network protocol. Such research seems to continue in the future. Unfortunately, there is lack of discussion about the 'Evidence Capability' such as the preservation or integrity of the evidence extracting from SCADA system in the past researches.

• International Journal of Internet, Broadcasting and Communication
• /
• v.4 no.2
• /
• pp.17-21
• /
• 2012

As an acronym for Supervisory Control and Data Acquisition, SCADA is a concept that is used to refer to the management and procurement of data that can be used in developing process management criteria. The use of the term SCADA varies, depending on location. Conventionally, SCADA is connected only in a limited private network. In current times, there are also demands of connecting SCADA through the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data generation and viewing. With these advantages, come the security issues regarding web SCADA. In this paper, we discuss web SCADA and its connectivity along with the issues regarding security and suggests a web SCADA security solution using asymmetric-key encryption.

• Proceedings of the KIEE Conference
• /
• 2008.07a
• /
• pp.1861-1862
• /
• 2008

전력계통 SCADA시스템은 그 목적상 실시간의 대규모 측정정보 취득을 목적으로 한다. 취득정보는 RTU(Remote Terminal Unit)를 통해서 SCADA시스템에 전해진 후, 필요에 따라 상위 시스템으로 다시 전송된다. 이때 RTU에서 SCADA 시스템에 취득 포인트 정보는 DNP(Distribute Network Protocol) 프로토콜을 이용해서 전송하며, RTU는 측정값의 변동에 상관없이 데이터를 SCADA 시스템에 전송한다. SCADA 시스템을 구축하기 위해서는 우선 RTU에 감시 선로 정보를 입력하고 이 정보를 다시 SCADA 시스템의 DB에 포인트 정보와 매핑을 수행해야한다. 따라서 SCADA 시스템을 구축하는데 비용과 시간이 많이 소요되고 운영 시에는 불필요한 데이터 요청과 응답이 발생하여 네트워크 트래픽을 유발한다. IEC에서 제안하는 GID 표준인터페이스를 사용할 경우에는 좀더 효과적인 데이터 교환이 가능하다. 본 논문은 GID 표준인터페이스를 이용한 효과적인 SCADA 메시지 교환에 관해 기술하였다.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.37-50
• /
• 2009

The SCADA(Supervisory Control And Data Acquisition) system is a control system for infrastructure of nation. In the past, the SCADA system was designed without security function because of its closed operating environment. However, the security of the SCADA system has become an issue with connection to the open network caused by improved technology. In this paper we review the constraints and security requirements for SCADA system and propose advanced key management architecture for secure SCADA communications. The contributions of the present work are that our scheme support both message broadcasting and secure communications, while the existing key management schemes for SCADA system don't support message broadcasting. Moreover, by evenly spreading much of the total amount of computation across high power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power (RTU) nodes at minimal.

• Industry Promotion Research
• /
• v.2 no.2
• /
• pp.1-6
• /
• 2017

SCADA (Supervisory Control and Data Acquisition) System was first introduced to the Seoul Electricity Authority, which manages the transportation part among the three business fields that produce, transport and supply electric power in Korea. Has been using the data link with 1200 bps and 9600 bps in 5 protocols such as HARRIS 6000, BSC, HDLC, L & N and Toshiba by configuring 3 layers of EMS, SCADA and RTU computer equipments in 1: N radial form. This paper presents the OSI standard network packet flow, analyzing DataLink and Network Layer, and presents a KEPCO SCADA network model composed of X.25 high - speed communication network using 3 layers of network. We proposed a future SCADA communication structure that improved the current SCADA communication structure, defined the SCADA DB structure, introduced the concept of the remote SCADA gateway to the SCADA functional structure, applied the standard communication protocol, Multiplexing of surveillance and control in other local facilities and ensuring communication openness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.145-152
• /
• 2009

SCADA(Supervisory Control And Data Acquisition) systems are widely used for control and monitoring of critical infrastructures including electricity, gas and transportation. Any compromise in the security of SCADA systems could result in massive chaos and disaster at a national level if a malicious attacker takes the control of the system. Therefore, sound countermeasures must be provided when the SCADA systems are being developed as well as when they are being operated. Unlike general information processing system, SCADA systems have different service responses, communication protocols and network architectures and therefore a different approach should be applied to each SCADA systems that takes into consideration of each system's security characteristics and architectures. In addition, legal basis should be established to ensure the nationwide management of the systems security. This paper examines the vulnerabilites of SCADA systems and proposes action plans to protect the systems against cyber attacks.

• 제어로봇시스템학회:학술대회논문집
• /
• 1996.10b
• /
• pp.992-995
• /
• 1996

The major roles of Power SCADA System are continuous monitoring of electrical equipments state, real-time data processing and dispatching. Especially, SCADA system demands fast response time in heavy load condition, high reliability, fault tolerance, expansion capacity for the future. According to developing computer system technology, SCADA system is changing system configuration from centralized processing system to distributed processing system. This paper describes operational benefits, problems and improvement (which is studying in theory) in the application of Open System Architecture SCADA which has been installed since 1994, Seoul regional control center in KEPCO.

• International Journal of Internet, Broadcasting and Communication
• /
• v.4 no.1
• /
• pp.3-7
• /
• 2012

Traditionally SCADA is connected only in a limited private network. With new technology and facilities, there are also demands of connecting SCADA though the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data viewing and generation. Aside from connecting SCADA to the internet, there are also operators who want to connect their system wirelessly. This can save budget for communication lines. Along with the advantages it brings, are security issues regarding wireless internet SCADA. In this paper, we discuss internet SCADA, its connection through wireless communication and the security issues surrounding it. To answer the security issues, a symmetric-key encryption for internet SCADA is proposed.