[November 25, 2015] SCADA Cyber Security
Speaker: Asem Ghaleb​
Date: Wednesday November 25th, 2015
Time: 2pm
Location: 22-132
Summary:
SCADA (Supervisory Control and Data Acquisition) systems which are in charge of controlling and monitoring industrial processes and critical infrastructures (e.g. electricity generation, gas production, water distribution) are being increasingly targeted by cyber attacks. Such attacks continue to increase in intensity, frequency, and complexity. Consequences of such attacks range from small operations disturbance to loss of human lives. Analyzing the security of SCADA systems and designing appropriate security solutions is, consequently, an absolute necessity, in particular, in the Gulf region. Security testing on live SCADA systems, however, is not practical due to the delay and disturbance that it can inject in systems which are supposed to work 24/24, 7/7.
In this seminar, we present SCADA-SST, a SCADA Security Testbed designed and implemented in the context of an NSTIP project. The SCADA-SST is a test platform allowing to simulate almost any SCADA system architecture. The SCADA-SST is designed mainly for security testing allowing to simulate SCADA attacks and evaluate protection solutions. SCADA-SST allows hybrid architectures involving simulated hosts as well as physical components (PLCs, RTUs, etc.).
SCADA-SST allowed us to test successfully a set of serious network attacks on a physical PLC (Siemens S7-400) including a command replay attack. A live demo of this attack will be presented in the seminar using a physical PLC.