Reducing security vulnerabilities for critical infrastructure

Reducing security vulnerabilities for critical infrastructure

In this paper, we show the need for improved Process Control System (PCS) security, and describe some of the promising research areas in PCS security. One implementation of PCS in critical infrastructure and factory automation is a supervisory, control, and data acquisition (SCADA) system, a real-ti...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of loss prevention in the process industries 2009-11, Vol.22 (6), p.1020-1024
Hauptverfasser: Ryu, Dae Hyun, Kim, HyungJun, Um, Keehong
Format: Artikel
Sprache:eng
Schlagworte:
Distributed Control System (DCS)
Process Control System (PCS)
Security
Supervisory Control and Data Acquisition (SCADA) system
Ubiquitous Sensor Network (USN)
Vulnerability
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 1024
container_issue 6
container_start_page 1020
container_title Journal of loss prevention in the process industries
container_volume 22
creator Ryu, Dae Hyun
Kim, HyungJun
Um, Keehong
description In this paper, we show the need for improved Process Control System (PCS) security, and describe some of the promising research areas in PCS security. One implementation of PCS in critical infrastructure and factory automation is a supervisory, control, and data acquisition (SCADA) system, a real-time industrial process control system which centrally monitors and controls remote and/or local processes utilizing plant, equipment, or devices (such as switches, valves, pumps, relays, etc.) while collecting and logging field data. Current SCADA systems are distributed, networked, and dependent on open protocols for the internet, which are exposed to remote cyber terrorism. They are particularly vulnerable to unauthorized access. We give some examples of SCADA processes with natural gas control systems in USA and the Ubiquitous Sensor Network (USN) in Korea. We also examine a representative vulnerability and corresponding measures for security, and present an example of concrete measures for the security of mass transportation as a critical infrastructure.
doi_str_mv 10.1016/j.jlp.2009.07.015
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_36184516</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0950423009001247</els_id><sourcerecordid>36184516</sourcerecordid><originalsourceid>FETCH-LOGICAL-c359t-ce4489fd32ab579cda5967e7e318e0b29c81983167b0eacb8b488e650436e1aa3</originalsourceid><addsrcrecordid>eNqFkE1LxDAQQHNQcP34Ad568rZ1pmmbBPEgi1-wIIieQzqdSkq3XZN2Yf-9XdaznuYw7w3ME-IaIUXA8rZN226bZgAmBZUCFidiAaaAZZ5JOBPnMbYAqECrhbh_53oi338lkWkKftwnu6nrObjKd370HJNmCAnNG0-uS3zfBBfHMNE4Bb4Up43rIl_9zgvx-fT4sXpZrt-eX1cP6yXJwoxL4jzXpqll5qpCGapdYUrFiiVqhiozpNFoiaWqgB1Vusq15rKAXJaMzskLcXO8uw3D98RxtBsfibvO9TxM0coSdV5g-S-YYZZniGYG8QhSGGIM3Nht8BsX9hbBHira1s4V7aGiBWXnirNzd3R4fnXnOdhInnvi2gem0daD_8P-Aat_fUA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>21242119</pqid></control><display><type>article</type><title>Reducing security vulnerabilities for critical infrastructure</title><source>Elsevier ScienceDirect Journals</source><creator>Ryu, Dae Hyun ; Kim, HyungJun ; Um, Keehong</creator><creatorcontrib>Ryu, Dae Hyun ; Kim, HyungJun ; Um, Keehong</creatorcontrib><description>In this paper, we show the need for improved Process Control System (PCS) security, and describe some of the promising research areas in PCS security. One implementation of PCS in critical infrastructure and factory automation is a supervisory, control, and data acquisition (SCADA) system, a real-time industrial process control system which centrally monitors and controls remote and/or local processes utilizing plant, equipment, or devices (such as switches, valves, pumps, relays, etc.) while collecting and logging field data. Current SCADA systems are distributed, networked, and dependent on open protocols for the internet, which are exposed to remote cyber terrorism. They are particularly vulnerable to unauthorized access. We give some examples of SCADA processes with natural gas control systems in USA and the Ubiquitous Sensor Network (USN) in Korea. We also examine a representative vulnerability and corresponding measures for security, and present an example of concrete measures for the security of mass transportation as a critical infrastructure.</description><identifier>ISSN: 0950-4230</identifier><identifier>DOI: 10.1016/j.jlp.2009.07.015</identifier><language>eng</language><publisher>Elsevier Ltd</publisher><subject>Distributed Control System (DCS) ; Process Control System (PCS) ; Security ; Supervisory Control and Data Acquisition (SCADA) system ; Ubiquitous Sensor Network (USN) ; Vulnerability</subject><ispartof>Journal of loss prevention in the process industries, 2009-11, Vol.22 (6), p.1020-1024</ispartof><rights>2009 Elsevier Ltd</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c359t-ce4489fd32ab579cda5967e7e318e0b29c81983167b0eacb8b488e650436e1aa3</citedby><cites>FETCH-LOGICAL-c359t-ce4489fd32ab579cda5967e7e318e0b29c81983167b0eacb8b488e650436e1aa3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.sciencedirect.com/science/article/pii/S0950423009001247$$EHTML$$P50$$Gelsevier$$H</linktohtml><link.rule.ids>314,776,780,3537,27901,27902,65306</link.rule.ids></links><search><creatorcontrib>Ryu, Dae Hyun</creatorcontrib><creatorcontrib>Kim, HyungJun</creatorcontrib><creatorcontrib>Um, Keehong</creatorcontrib><title>Reducing security vulnerabilities for critical infrastructure</title><title>Journal of loss prevention in the process industries</title><description>In this paper, we show the need for improved Process Control System (PCS) security, and describe some of the promising research areas in PCS security. One implementation of PCS in critical infrastructure and factory automation is a supervisory, control, and data acquisition (SCADA) system, a real-time industrial process control system which centrally monitors and controls remote and/or local processes utilizing plant, equipment, or devices (such as switches, valves, pumps, relays, etc.) while collecting and logging field data. Current SCADA systems are distributed, networked, and dependent on open protocols for the internet, which are exposed to remote cyber terrorism. They are particularly vulnerable to unauthorized access. We give some examples of SCADA processes with natural gas control systems in USA and the Ubiquitous Sensor Network (USN) in Korea. We also examine a representative vulnerability and corresponding measures for security, and present an example of concrete measures for the security of mass transportation as a critical infrastructure.</description><subject>Distributed Control System (DCS)</subject><subject>Process Control System (PCS)</subject><subject>Security</subject><subject>Supervisory Control and Data Acquisition (SCADA) system</subject><subject>Ubiquitous Sensor Network (USN)</subject><subject>Vulnerability</subject><issn>0950-4230</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2009</creationdate><recordtype>article</recordtype><recordid>eNqFkE1LxDAQQHNQcP34Ad568rZ1pmmbBPEgi1-wIIieQzqdSkq3XZN2Yf-9XdaznuYw7w3ME-IaIUXA8rZN226bZgAmBZUCFidiAaaAZZ5JOBPnMbYAqECrhbh_53oi338lkWkKftwnu6nrObjKd370HJNmCAnNG0-uS3zfBBfHMNE4Bb4Up43rIl_9zgvx-fT4sXpZrt-eX1cP6yXJwoxL4jzXpqll5qpCGapdYUrFiiVqhiozpNFoiaWqgB1Vusq15rKAXJaMzskLcXO8uw3D98RxtBsfibvO9TxM0coSdV5g-S-YYZZniGYG8QhSGGIM3Nht8BsX9hbBHira1s4V7aGiBWXnirNzd3R4fnXnOdhInnvi2gem0daD_8P-Aat_fUA</recordid><startdate>20091101</startdate><enddate>20091101</enddate><creator>Ryu, Dae Hyun</creator><creator>Kim, HyungJun</creator><creator>Um, Keehong</creator><general>Elsevier Ltd</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7U1</scope><scope>7U2</scope><scope>C1K</scope><scope>7TA</scope><scope>8FD</scope><scope>JG9</scope></search><sort><creationdate>20091101</creationdate><title>Reducing security vulnerabilities for critical infrastructure</title><author>Ryu, Dae Hyun ; Kim, HyungJun ; Um, Keehong</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c359t-ce4489fd32ab579cda5967e7e318e0b29c81983167b0eacb8b488e650436e1aa3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Distributed Control System (DCS)</topic><topic>Process Control System (PCS)</topic><topic>Security</topic><topic>Supervisory Control and Data Acquisition (SCADA) system</topic><topic>Ubiquitous Sensor Network (USN)</topic><topic>Vulnerability</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Ryu, Dae Hyun</creatorcontrib><creatorcontrib>Kim, HyungJun</creatorcontrib><creatorcontrib>Um, Keehong</creatorcontrib><collection>CrossRef</collection><collection>Risk Abstracts</collection><collection>Safety Science and Risk</collection><collection>Environmental Sciences and Pollution Management</collection><collection>Materials Business File</collection><collection>Technology Research Database</collection><collection>Materials Research Database</collection><jtitle>Journal of loss prevention in the process industries</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Ryu, Dae Hyun</au><au>Kim, HyungJun</au><au>Um, Keehong</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Reducing security vulnerabilities for critical infrastructure</atitle><jtitle>Journal of loss prevention in the process industries</jtitle><date>2009-11-01</date><risdate>2009</risdate><volume>22</volume><issue>6</issue><spage>1020</spage><epage>1024</epage><pages>1020-1024</pages><issn>0950-4230</issn><abstract>In this paper, we show the need for improved Process Control System (PCS) security, and describe some of the promising research areas in PCS security. One implementation of PCS in critical infrastructure and factory automation is a supervisory, control, and data acquisition (SCADA) system, a real-time industrial process control system which centrally monitors and controls remote and/or local processes utilizing plant, equipment, or devices (such as switches, valves, pumps, relays, etc.) while collecting and logging field data. Current SCADA systems are distributed, networked, and dependent on open protocols for the internet, which are exposed to remote cyber terrorism. They are particularly vulnerable to unauthorized access. We give some examples of SCADA processes with natural gas control systems in USA and the Ubiquitous Sensor Network (USN) in Korea. We also examine a representative vulnerability and corresponding measures for security, and present an example of concrete measures for the security of mass transportation as a critical infrastructure.</abstract><pub>Elsevier Ltd</pub><doi>10.1016/j.jlp.2009.07.015</doi><tpages>5</tpages></addata></record>
fulltext fulltext
identifier ISSN: 0950-4230
ispartof Journal of loss prevention in the process industries, 2009-11, Vol.22 (6), p.1020-1024
issn 0950-4230
language eng
recordid cdi_proquest_miscellaneous_36184516
source Elsevier ScienceDirect Journals
subjects Distributed Control System (DCS)
Process Control System (PCS)
Security
Supervisory Control and Data Acquisition (SCADA) system
Ubiquitous Sensor Network (USN)
Vulnerability
title Reducing security vulnerabilities for critical infrastructure
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-02T04%3A44%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Reducing%20security%20vulnerabilities%20for%20critical%20infrastructure&rft.jtitle=Journal%20of%20loss%20prevention%20in%20the%20process%20industries&rft.au=Ryu,%20Dae%20Hyun&rft.date=2009-11-01&rft.volume=22&rft.issue=6&rft.spage=1020&rft.epage=1024&rft.pages=1020-1024&rft.issn=0950-4230&rft_id=info:doi/10.1016/j.jlp.2009.07.015&rft_dat=%3Cproquest_cross%3E36184516%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=21242119&rft_id=info:pmid/&rft_els_id=S0950423009001247&rfr_iscdi=true