A Cybersecurity Detection Framework for Supervisory Control and Data Acquisition Systems

This paper presents a distributed intrusion detection system (DIDS) for supervisory control and data acquisition (SCADA) industrial control systems, which was developed for the CockpitCI project. Its architecture was designed to address the specific characteristics and requirements for SCADA cyberse...

Full description

Saved in:
Bibliographic Details
Published inIEEE transactions on industrial informatics Vol. 12; no. 6; pp. 2236 - 2246
Main Authors Cruz, Tiago, Rosa, Luis, Proenca, Jorge, Maglaras, Leandros, Aubigny, Matthieu, Lev, Leonid, Jianmin Jiang, Simoes, Paulo
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.12.2016
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Computer security
Control systems
Correlators
Critical infrastructure (CI) protection
Cybersecurity
industrial control systems (ICS)
Industrial electronics
Integrated circuits
intrusion detection systems (IDS)
Protocols
Reliability
SCADA systems
Supervisory control and data acquisition
supervisory control and data acquisition (SCADA)
Online AccessGet full text

Cover

More Information
Summary:This paper presents a distributed intrusion detection system (DIDS) for supervisory control and data acquisition (SCADA) industrial control systems, which was developed for the CockpitCI project. Its architecture was designed to address the specific characteristics and requirements for SCADA cybersecurity that cannot be adequately fulfilled by techniques from the information technology world, thus requiring a domain-specific approach. DIDS components are described in terms of their functionality, operation, integration, and management. Moreover, system evaluation and validation are undertaken within an especially designed hybrid testbed emulating the SCADA system for an electrical distribution grid.
ISSN:1551-3203
1941-0050
DOI:10.1109/TII.2016.2599841