Assessing the cyber-security of the IEC 60870-5-104 protocol in SCADA system

Qassim, Qais Saif and Jamil, Norziana and Z'aba, Muhammad Reza and Kamarulzaman, Wan Azlan Wan (2020) Assessing the cyber-security of the IEC 60870-5-104 protocol in SCADA system. International Journal of Critical Infrastructures, 16 (2). pp. 91-106. ISSN 1475-3219, DOI https://doi.org/10.1504/IJCIS.2020.107242.

Full text not available from this repository.
Official URL: https://doi.org/10.1504/IJCIS.2020.107242

Abstract

Supervisory control and data acquisition (SCADA) system is the heart of almost every critical infrastructure system, whereby SCADA is generally employed in order to control and to monitor both the physical and industrial processes within these systems. It is, thus, of vital importance that any vulnerabilities of SCADA system to be identified and mitigated to prevent unplanned incidents, malicious activities, and cyber-attacks. The IEC 60870-5-104 refers to an international standard applied for tele-control in electrical engineering and power SCADA systems, which appears to be a significant principal protocol in electrical power system automation. Major industrial control vendors employ this protocol to monitor and to manage power utility devices. Nonetheless, IEC 60870-5-104 suffers from several designs and implementation weaknesses in terms of security aspects. As such, this study briefly presents this protocol and summarises its security vulnerabilities. Furthermore, it highlights the potential cyber-attacks based on the identified vulnerabilities. Additionally, the paper depicts several possible countermeasures to tighten the security of the SCADA systems. Copyright © 2020 Inderscience Enterprises Ltd.

Item Type: Article
Funders: TNB Seed Fund 2016 under a project ‘R&D in micro cryptographic engine for protecting data in SCADA link’
Uncontrolled Keywords: Authentication; Cyber attack; Encryption; IEC 60870; Power system; SCADA; Security vulnerabilities; Supervisory control and data acquisition
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Computer Science & Information Technology
Depositing User: Ms. Juhaida Abd Rahim
Date Deposited: 17 Aug 2020 03:51
Last Modified: 17 Aug 2020 03:51
URI: http://eprints.um.edu.my/id/eprint/25378

Actions (login required)

View Item View Item