CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

Generic Software Risk Management Framework for SCADA System

by Abdelghafar M. Elhady, Ahmed Abou Elfetouh S., Hazem M. El-bakry, A. E. Hassan
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 70 - Number 3
Year of Publication: 2013
Authors: Abdelghafar M. Elhady, Ahmed Abou Elfetouh S., Hazem M. El-bakry, A. E. Hassan
10.5120/11946-7762

Abdelghafar M. Elhady, Ahmed Abou Elfetouh S., Hazem M. El-bakry, A. E. Hassan . Generic Software Risk Management Framework for SCADA System. International Journal of Computer Applications. 70, 3 ( May 2013), 45-52. DOI=10.5120/11946-7762

@article{ 10.5120/11946-7762,
author = { Abdelghafar M. Elhady, Ahmed Abou Elfetouh S., Hazem M. El-bakry, A. E. Hassan },
title = { Generic Software Risk Management Framework for SCADA System },
journal = { International Journal of Computer Applications },
issue_date = { May 2013 },
volume = { 70 },
number = { 3 },
month = { May },
year = { 2013 },
issn = { 0975-8887 },
pages = { 45-52 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume70/number3/11946-7762/ },
doi = { 10.5120/11946-7762 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:31:56.130851+05:30
%A Abdelghafar M. Elhady
%A Ahmed Abou Elfetouh S.
%A Hazem M. El-bakry
%A A. E. Hassan
%T Generic Software Risk Management Framework for SCADA System
%J International Journal of Computer Applications
%@ 0975-8887
%V 70
%N 3
%P 45-52
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Supervisory Control and Data Acquisition(SCADA) systems is one of important software systems which are used for monitoring and controlling industrial systems that are geographically spread over thousands of kilometers. These systems need to monitor and control so many field sites through thousands of devices that are varying in type, technology and usage. There are different types of people need to access SCADA systems for different purposes. Because of the sensitivity and spreading of these systems, they are vulnerable by hackers and crackers and there are many risks may causes partially or fully breakdown. To managing the SCADA systems, there are number of solutions that had been placed. These solutions varied from detecting one to more of SCADA system risk and assessed them on real system once it occurs. This way causes some damages could happen till the risk is eliminate or could need adaption that difficult or impossible to process. We propose in this paper a new framework for assessing and managing risks of the SCADA systems before they actually implemented by using one of risk management methodologies through scanning and testing proposed SCADA system architecture and its components.

References
  1. http://en. wikipedia. org/wiki/SCADA, last visited 26/3/2013.
  2. McClanahan,andRobert H. , "SCADA and IP: Is Network Convergence Really Here?", Industry Applications Magazine, IEEE, 9(2), pp. 29-36, 2003.
  3. D. C. Mcfarlane , and S. Bussmann, "Developments in holonicproduction planning and control", production planning & control, Taylor & Francis group content, 11(6), pp. 522-536, 2000.
  4. R. M. Murray,K. J. Astrom, S. P. Boyd, R. W. Brockett, and G. Stein, "Future directions in control in aninformation-rich world", Control systems magazine, IEEE, 23(2), pp. 20-33, 2003.
  5. E. J. Byres, M. Franz, and D. Miller, "The Use ofAttack Trees in Assessing Vulnerabilities in SCADASystems", International Infrastructure Survivability Workshop (IISW'04), IEEE, Vol. 4, 2004.
  6. K. Stouffer, J. Falco, and K. Scarfone, "Guide to Industrial Control Systems (ICS) Security", Department of Commerce, National Institute of Standards and Technology(NIST), USA, 2011.
  7. J. McManus, "Risk Management inSoftware DevelopmentProjects", Elsevier Butterworth-Heinemann, ISBN 0 7506 5867 3, 2004
  8. J. Guan, J. R. Graham, and J. L. Hieb, "A Digraph Model for Risk Identification and Management in SCADA Systems",International Conference on Intelligence and Security Informatics (ISI), IEEE, china, pp. 150-155,2011.
  9. E. Luiijf, M. Alib, and A Zielstra, "Assessing and improving SCADA security in the Dutch drinking water sector", International Journal of Critical Infrastructure Protection, Elsevier, pp. 124-134, 2011.
  10. G. Hamoud, R. Chen, and I. Bradley, "Risk Assessment of Power Systems SCADA", Power Engineering Society General Meeting, IEEE, pp. 758-764, 2003.
  11. M. McQueen, W. Boyer, M. Flynn, and G. Beitel, "Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System", Proceedings of the 39th Hawaii International Conference on System Sciences, IEEE, 2006.
  12. Y. Jiaxi, M. Anjia and G. Zhizhong, "Vulnerability Assessment of Cyber Security in Power Industry", Power Systems Conference and Exposition,IEEE, pp. 2200- 2205, 2006.
  13. P. A. S. Ralston, J. H. Graham, and J. L. Hieb, "Cyber security risk assessment for SCADA and DCS networks", ISA Transactions,Elsevier, 46(4), pp. 583–594, 2007.
  14. Z. Anwar, R. Shankesi, and R. H. Campbell, "Automatic Security Assessment of Critical Cyber-Infrastructures", International Conference on Dependable Systems & Networks, IEEE, Alaska, pp. 366-375, 2008.
  15. D. J. Kang, J. J. Lee, S. J. Kim, and J. H. Park, "Analysis on Cyber Threats to SCADA systems", Conference on Transmission & Distribution: Asia and Pacific, IEEE, 2009.
  16. J. J. Lu , "Risk Awareness And Decision Support Technique For Bulk Power System"; 11th IET International Conference on Developments in Power Systems Protection (DPSP 2012), Birmingham, UK, pp. 70-74, January 2012.
  17. W. Chunlei, F. Lan and D. Yiqi, "A Simulation Environment for SCADA Security Analysis and Assessment", International Conference on Measuring Technology and Mechatronics Automation,IEEE,China, pp. 342-347, 2010.
  18. S. Patel and J. Zaveri, JOURNAL OF COMPUTERS, Academy Publisher,5(3), pp. 352-359, march 2010.
  19. http://en. wikipedia. org/wiki/Visual_programming_language, last visited 24/3/2013.
  20. http://www. ni. com/labview/, last visited 24/3/2013.
Index Terms

Computer Science
Information Sciences

Keywords

Supervisory Control and Data Acquisition(SCADA) Attack Vulnerability Cyber security Risk Software Risk Management Risk Assessments

Powered by PhDFocusTM