
2.3 Part III: Control Systems and Protocols


The necessity of considering the security and robustness of control systems was well
recognised by researchers at the time the present volume was conceived; it has since
regrettably become a far more public concern that is unlikely to fade from sight. In part
this is attributable to the prevalence of legacy systems dating back to insulated
environments with limited capabilities, which is likely to become less of a concern over
time as facilities are modernised or retired altogether. However, several other concerns,
such as the need to operate under hard real-time constraints or the overriding importance
often placed on availability and reliability over security, are likely to pose challenges
for enhancing the robustness of control systems to different types of disruptions, which
also include deliberate attacks. Moreover, some concerns are less likely to arise in other
information systems, namely the need to trade off security and the confidence of having
adequate controllability over a facility and its products against the risk of loss of
function such as production outputs, or even damage to equipment, endangering the
environment, or placing lives at risk. In such cases decisions must be made rapidly, often
based on incomplete and unreliable information, which is unlikely to be possible in a fully
automated manner. This aspect of protecting the critical information infrastructure hence
inevitably also touches the boundaries of other areas, including human-computer interaction
and incident management, rather than being able to restrict inquiries to the design of
robust and secure systems, since threats such as physical subversion, vulnerabilities, or
malicious insider activities are likely to invalidate underlying assumptions.

The chapter by Alcaraz, Fernandez and Carvajal hence focuses on providing basic
guidelines for suitably secure management of current SCADA systems, which converge on
the use of, and dependence on, new ICT systems for automation and control from anywhere
and at any time. These advances and the use of new technologies bring new security issues
and a large number of potential risks due to the threats, vulnerabilities and failures
associated with them. As the authors point out, it is necessary to take into account some
security aspects that allow the system to protect itself against any possible anomalous
event or situation. To this end, aspects related to network architecture,
interdependencies and consequences are analysed in depth throughout the chapter in order
to identify problems and their security solutions. Most of these solutions are closely
related to secure management by means of standards, security policies, official
recommendations, best practices and technical specifications to ensure interoperability
between SCADA components, systems and entities. Detection and prevention aspects and
incident response topics are also discussed, identifying tools, systems and methodologies
to apply in these types of critical systems. Moreover, an adaptive alarm management system
based on reputation is presented in order to show how a SCADA system could intelligently
assign alarms to the best operators in the field, thereby efficiently speeding up the
response. Solutions and approaches are equally analysed for a Smart Grid context whose
main control is located in a SCADA system.

Overview of Critical Information Infrastructure Protection 9

Also in the scope of SCADA, a chapter on protocol vulnerabilities by Rrushi follows. As the
author points out, most of the network traffic in process control networks is generated by
industrial communication protocols, which means that a large number of the attack techniques
that apply to process control systems can be conducted over industrial communication
protocols. The author provides a technical discussion of possible vulnerabilities in
industrial communication protocols, with specific reference to the Modbus and IEC 61850
protocols, considered as representatives of the protocols currently deployed in digitally
controlled physical infrastructures such as power plants and electrical substations. In this
sense, Modbus has been selected as representative of bit-oriented protocols in terms of
design, while IEC 61850 has been selected because it adopts the emerging paradigm of
object-oriented process control communications. It is important to note that Rrushi
elaborates on how the vulnerabilities are exploited. In detail, the chapter discusses
vulnerabilities regarding weak or missing authentication and integrity checks of industrial
protocol traffic, along with some of the computer network attacks that exploit those
vulnerabilities. Memory corruption vulnerabilities as applied to implementations of
industrial communication protocols are then also discussed. The chapter also includes a
description of various techniques that leverage a computer network attack to cause physical
damage via disruption of physical processes and equipment.

This part of the book finishes with a chapter authored by Khelil, Germanus and Suri that
focuses on the protection of SCADA communication channels. Generally speaking, in this
chapter the existing approaches for SCADA communication protection are comprehensively
surveyed and categorized, and upcoming research technologies for enhancing the protection of
SCADA communication are also presented. More precisely, the chapter describes the
communication assets of SCADA systems and their protection requirements, and also outlines
the key threats, vulnerabilities and security weaknesses of SCADA systems that may present a
danger to their proper operation. Then, existing techniques for the protection of SCADA
communication channels are discussed. Interestingly, the authors classify them into three
main categories: techniques for resilience to network perturbations, cryptographic protection
of SCADA communication, and trustworthy interconnection of SCADA systems. Further, the
authors focus on middleware techniques, as they have general applicability and also conform
with the clear IP trend in SCADA components, and analyse two middleware add-on protection
techniques, the INSPIRE P2P-based middleware and the GridStat middleware. As shown by the
authors, both techniques aim at augmenting the trustworthiness of deployed SCADA systems,
primarily utilizing the approach of controllable data replication.
