Physical process resilience-aware network design for SCADA systems

[Display omitted] •We propose a novel approach for increasing the resilience of SCADA systems.•We combine knowledge provided by human experts with automated reasoning.•We present a graph-based description of physical processes.•Performance tests demonstrate applicability to large-scale topologies.•Effectiveness proven through case studies in the power and chemical sectors. The fact that modern Supervisory Control And Data Acquisition (SCADA) systems depend omunication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack an efficient method to design resilient SCADA systems. In this paper we propose a novel network segmentation methodology that separates control hardware regulating input product flows from control hardware regulating output product flows of the associated industrial processes. Consequently, any disturbances caused by compromised network segments could be compensated by legitimate control code running on non-compromised segments. The proposed method consists of a graph-based representation of the physical process and a heuristic algorithm which generates network designs with a minimum number of segments that satisfy a set of conditions provided by a human expert. The validity of the approach is confirmed by results from two attack scenarios involving the Tennessee–Eastman chemical process.