Cloud assisted io t-based scada systems security- a review of the state of the art and future challenges.
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Control on Remote Sensing Network using Cloud Computing Services
The document discusses using cloud computing services and ZigBee wireless technology to remotely monitor and control sensing devices over a network. It proposes a system where sensors in a home transmit data to a transmitter via ZigBee, which then sends the data to a receiver and cloud database for remote access and control of devices. The system aims to minimize power consumption and improve communication performance for real-time home automation and monitoring applications.
IRJET- Monitoring and Detecting Abnormal Behaviour in Mobile Cloud Infrastruc...
This document presents a new mobile cloud infrastructure that combines mobile devices and cloud services to provide virtual mobile instances through cloud computing. It discusses possible security threats in this new infrastructure and proposes an architecture to detect abnormal behavior. Machine learning techniques like random forest algorithms are used to test the methodology. The system aims to address challenges in existing systems and provide end-to-end security and abnormal behavior detection in the mobile cloud without requiring specific software installation on user devices.
Report-Fog Based Emergency System For Smart Enhanced Living Environment
Report-An ambient assisted-living emergency system exploits cloud and fog computing, an outdoor positioning mechanism, and emergency and communication protocols to locate activity-challenged individuals.
A Survey of Cloud Computing Security Issues and Consequences
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET Journal
This document discusses content-based retrieval in cloud storage and proposes an effective protection method. It begins with background on cloud computing and discusses traditional encrypted search methods and their limitations, including vulnerabilities to attacks. The proposed system design generates an order-preserving encrypted password and splits files and indexes into encrypted parts. It then splits an uploaded secure image into a source image and key image using a binocular visual cryptography algorithm. The encrypted files, source image, and password are stored in the cloud. When a user requests a file, the cloud verifies and sends the password and key image. To access the file, the user must submit the matching key image. This prevents unauthorized access while allowing efficient encrypted searching and retrieval from the cloud.
CLOUD COMPUTING SECURITY IN BUSINESS INFORMATION SYSTEMSIJNSA Journal
Cloud computing providers‘ and customers‘ services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs) are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company’s type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objectives if customer services are hosted on-premise or in cloud. The conclusion is that obtaining the ISO 27001:2005 certificate (or if already obtained) will further improve CSP and CC information security systems, and introduce mutual trust in cloud services but will not cover all relevant issues. In this paper we also continue our efforts in business continuity detriments cloud computing produces, and propose some solutions that mitigate the risks.
In 2006, Cyber Physical Systems (CPS), the new word was invented in the United States [1]. The combination of devices like sensors with embedded systems is quickly receiving its place in cyber world. These devices jointly with the information filed are becoming the main focal point, called as Cyber Physical Systems. This word was found keeping in mind the escaling significance of relations among the mutually related computing systems with the physical world [2]. The author of this paper gives an overview of CPS architecture, its functions and its security threat.
Citation: Navin Dhinnesh ADC, Mepco Schlenk Engineering College. "Cyber Physical System." Global Research and Development Journal For Engineering 34 2018: 12 - 14.
Control on Remote Sensing Network using Cloud Computing ServicesIRJET Journal
The document discusses using cloud computing services and ZigBee wireless technology to remotely monitor and control sensing devices over a network. It proposes a system where sensors in a home transmit data to a transmitter via ZigBee, which then sends the data to a receiver and cloud database for remote access and control of devices. The system aims to minimize power consumption and improve communication performance for real-time home automation and monitoring applications.
IRJET- Monitoring and Detecting Abnormal Behaviour in Mobile Cloud Infrastruc...IRJET Journal
This document presents a new mobile cloud infrastructure that combines mobile devices and cloud services to provide virtual mobile instances through cloud computing. It discusses possible security threats in this new infrastructure and proposes an architecture to detect abnormal behavior. Machine learning techniques like random forest algorithms are used to test the methodology. The system aims to address challenges in existing systems and provide end-to-end security and abnormal behavior detection in the mobile cloud without requiring specific software installation on user devices.
Report-Fog Based Emergency System For Smart Enhanced Living EnvironmentKEERTHANA M
Report-An ambient assisted-living emergency system exploits cloud and fog computing, an outdoor positioning mechanism, and emergency and communication protocols to locate activity-challenged individuals.
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
1) OT cybersecurity requires taking a holistic view of plant risk that considers impacts beyond financials, such as safety, environmental and operational impacts. Assets should be classified according to risk so priorities can be set.
2) Knowing the assets in the OT environment is essential before strategies can be developed. New technologies can help with asset inventory.
3) OT cybersecurity responsibilities need to be clearly defined, which could include one or two CISO roles to oversee both IT and OT, with close collaboration.
IRJET- Exploring the Nuances of Internet of Things in Health Care Assisting S...IRJET Journal
The document discusses how the Internet of Things (IoT) is transforming healthcare. IoT connects physical devices like thermometers and weight scales to the internet, allowing real-time patient health data to be digitally collected and analyzed. This enables remote monitoring of patients and facilitates quick healthcare interventions. The document outlines several key IoT technologies that enable healthcare applications, such as smart sensors, gateways, and medical devices with low-power capabilities and graphical interfaces. Overall, the IoT has significant potential to improve healthcare by powering new smart and wireless health systems.
IRJET- Secured Mind Uploading Method in Wireless Body Area NetworkIRJET Journal
This document summarizes a research paper that proposes a secured method for uploading a user's mind or critical data to the cloud after they lose consciousness or pass away. The key points are:
1. It uses wireless body area network (WBAN) sensors to monitor the user's heartbeat and activity to determine if they are dead or in a coma state.
2. An elliptical curve cryptography (ECC) method is used to encrypt the critical user data before uploading it to the cloud, providing security and allowing only authorized access.
3. The ECC method uses smaller encryption keys compared to other techniques, making it faster and more efficient for uploading biological data from the WBAN sensors.
A PRIVACY PROTECTION SCHEME TO TRANSMIT MEDICAL DATA FROM WEARABLE DEVICES TO...AM Publications
In the current scenarios, there was a huge demand for the wearable devices due to the development of clouds and cloudlet technology. So there has been wide essential to offer a better medical care to the people. For processing the patient medical information from one system to another includes various phases such as data collection, data storage, data sharing, etc. In the case of traditional healthcare system, it needs medical data transformation to cloud which includes user’s sensitive data and further cause’s communication energy consumption. Basically, medical data sharing referred as a most challenging issue. So, this research provides an apt solution to the medical data sharing. Here, a novel healthcare system is being developed by making use of flexibility of cloudlet. The cloudlet mainly functions to provide privacy protection, data sharing and intrusion detection. NTRU (Number Theory Research Unit) method is being initially used here to encrypt the user’s information that is being gathered through wearable devices. This information will be further transmitted to the nearest cloudlet in an energy efficient way. Apart from this method, this research also proposes a new trust model to assist the users to choose trustable partners whoever wishes to share the information stored in cloudlet. This model mainly helps the patients who are suffering from some health problems by communicating with each other. The user’s medical information which is being stored in remote cloud of hospital is classified into three parts and further secures them. For securing the healthcare system from malicious attacks this research developed a novel collaborative IDS (Intrusion Detection System) method through cloudlet mesh. As this can secure the remote healthcare big data cloud from various attacks. Finally, NTRU and AES-Rijndael algorithm are being used in order to attain more robust functionality. For implementation, Java technologies have been used to prove that proposed scheme remains effective.
Cloud Computing has emerged as the premier infrastructure for creating affordable, scalable and reliable IT solutions for companies of all sizes. However, as with all new technologies, Cloud Computing poses many demanding security considerations, and each must be addressed to ensure the confidentiality, integrity, availability, authenticity, and privacy of a developer’s product.
This document summarizes an article about providing security in cloud networks. It discusses how cloud computing provides benefits but also security concerns as cloud resources can be compromised without proper security policies. It recommends defining policy management, performing risk analysis, and taking countermeasures. The document also lists some upsides of cloud computing like scalability and cost efficiency, but also downsides like losing control over data security once data is transferred to the cloud. It suggests using encryption to keep sensitive data secure across cloud platforms.
This document discusses security challenges in cloud computing and proposes a framework to address them. It begins by reviewing existing literature on cloud security that identifies threats like VM-level attacks, management interface compromise, and compliance risks. It then discusses specific threats to cloud computing like changes to business models, abusive use of cloud resources, insecure APIs, and issues from shared infrastructure and multitenancy. The document proposes a cloud security model and framework to define security challenges and help providers enforce complex security policies to detect and prevent attacks in cloud environments.
This document discusses security issues related to data storage in cloud computing. It begins with an introduction explaining that security and privacy are major challenges due to storing data remotely in the cloud. It then discusses specific threats like loss of confidentiality, integrity, and availability of data stored in the cloud. It also discusses threats to data privacy. The document concludes by analyzing different security techniques that can help protect data security and privacy in cloud computing.
Conceptual Model of Real Time Infrastructure Within Cloud Computing EnvironmentCSCJournals
Cloud computing is a new and most demandable technology in communication environment. Where computing resources such as hardware or/and software are processed as service over networks. SCADA implementation within cloud environment is relatively new and demandable over real time infrastructure (industrial infrastructure).The shifting (moving) of SCADA system (applications and resources) within cloud based infrastructure,meanfully overcome the cost and improve the reliability and performance of whole system. Cloud computing provides on-demand network access and batch of computing services for SCADA system. The current research paper takes two conceptual ideas to implement SCADA system within cloud computing (Hybrid Cloud) environment. In the first phase, SCADA applications are processed entirely inside the hybrid cloud. In the second phase, SCADA applications are running in separate application server directly connected to devices in a SCADA network and rest of paper discusses the security related to SCADA and cloud computing communication.
Dissertations are among the most important pieces of work which students complete at university. And they allow you to work individually and on something that truly attracts you. Computer science is a hot field for researchers. Many topic ideas can be generated for a dissertation in this special branch of engineering.
Ph.D. Assistance serves as an external mentor to brainstorm your idea and translate that into a research model. Hiring a mentor or tutor is common and therefore let your research committee know about the same. We do not offer any writing services without the involvement of the researcher.
Learn More: https://bit.ly/3bWsGpz
Contact Us:
Website: https://www.phdassistance.com/
UK NO: +44–1143520021
India No: +91–4448137070
WhatsApp No: +91 91769 66446
Email: info@phdassistance.com
CLASS 2018 - Palestra de Mariana Pereira (Diretora – Darktrace)TI Safe
This document summarizes Darktrace's artificial intelligence and machine learning-based cybersecurity technology called the "Industrial Immune System". The system passively learns what normal activity looks like on networks in real time for each device and user without any configuration. It then detects threats and anomalies to identify both insider and external hackers across operational technology, information technology, and internet of things networks and devices. Darktrace offers proof of value trials where their appliance is deployed for 4 weeks to analyze threats and provide weekly customized reports without any custom models or configuration required.
This document discusses trends in threats to SCADA (Supervisory Control and Data Acquisition) systems. It notes that as SCADA systems increasingly use commercial off-the-shelf software and connect to the internet, they have become more vulnerable to cyber threats. The document outlines how SCADA systems work and components like RTUs, PLCs, and HMIs. It also discusses issues like the mistaken belief that SCADA systems are secure due to physical security or isolation from the internet. The conclusion suggests that as capabilities and opportunities for threats increase, the future operational environment will be more vulnerable if an actor emerges with the intent to cause harm.
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
This document summarizes a research paper that implemented a SCADA-based firewall to protect data transmission from external hacking devices. The paper first discusses a case study where an industrial control system was hacked 46 times. It then provides an overview of industrial firewalls and the differences between industrial and IT firewalls. The paper describes configuring a Tofino industrial firewall with SCADA-HMI and PLC assets. It tests the firewall by simulating scenarios without and with the firewall, showing the firewall prevents an attacker from accessing the PLC simulator based on communication protocols. The paper concludes customized industrial firewalls are needed and protocols must be regularly updated as cyber attacks evolve.
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings’ facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
This paper summarizes the experience gained during a series of
practical cybersecurity assessments of various components of Europe’s
smart electrical grids.
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings' facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...Dhana Raj Markandu
Conference on Electricity Power Supply Industry (CEPSI) 2012, Bali, Indonesia
(Accepted for presentation but not published due to unforeseen withdrawal of author)
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELijaia
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Abhishek Goel
SCADA systems control some of the most vital infrastructure in industrial and energy sectors, from oil and gas pipelines to nuclear facilities to water treatment plants.
Critical infrastructure is defined as the physical and IT assets, networks and services that if disrupted or destroyed would have a serious impact on the health, security, or economic wellbeing of citizens and the efficient functioning of a country’s government.
Privacy Protection in Distributed Industrial Systemiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
This document summarizes a research paper about ensuring privacy protection in distributed industrial systems. It begins with an abstract that discusses how traditional cybersecurity approaches may not be effective for industrial networks due to their unique characteristics. It then provides background on industrial automation control systems and typical network configurations. The main goal of the paper is to assess the current security situation for most industrial distributed systems and discuss key elements like system characteristics, standardization efforts, and effective security controls.
This document provides an overview of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS), including fundamentals, evolution over time, vulnerabilities, security frameworks, good practices, and resources. It defines SCADA/ICS, describes how they have become more interconnected, lists vulnerabilities like outdated systems and remote access, outlines security standards like NIST and NERC, recommends practices like segmentation and patching, and provides example frameworks and resources.
Cryptography and Authentication Placement to Provide Secure Channel for SCADA...CSCJournals
Supervisory control and data acquisition (SCADA) systems and Distributed control systems (DCS) were developed to reduce labor costs, and to allow system-wide monitoring and remote control from a central location. Control systems are widely used in critical infrastructures such as electric grid, natural gas, water, and wastewater industries. While control systems can be vulnerable to a variety of types of cyber attacks that could have devastating consequences, however, little attention is given to security considerations in the initial design and deployment of these systems, which has caused an urgent need to upgrade existing systems to withstand unauthorized intrusions potentially leading to communication attacks [1]. The current paper take a Hybrid-based Cryptography (combination of Symmetric AES and Asymmetric RSA) solution to enable confidentiality and authentication placed at each end of SCADA communication and provides secure channel for communication between MTU Terminal Unit (MTU) to Remote Terminal Units (RTUs) and/or RTUs to MTU.
Security Issues in SCADA based Industrial Control Systems aswanthmrajeev112
This document discusses security concerns in industrial control systems. It provides an overview of industrial control systems (ICS) and SCADA systems, which are widely used to control infrastructure systems. It outlines several vulnerabilities in ICS, including issues with legacy systems not being designed with modern cybersecurity threats in mind. Specific threats like zero-day vulnerabilities, non-prioritized tasks, and database/communication protocol issues are examined. The conclusion states that additional digital security techniques are needed to protect critical infrastructure control systems.
Cloud Computing for Medical Application and Health CareIRJET Journal
This document discusses how cloud computing can be implemented in the healthcare industry to address challenges. It begins by defining cloud computing and describing its types (public, private, hybrid) and service models (SaaS, PaaS, IaaS). The document then outlines benefits of cloud computing for healthcare like cost reduction, speed, and security. It also discusses technical challenges currently faced in healthcare like integration and payment models. Examples are given of how cloud computing has already benefited healthcare through applications like telemedicine, remote access to medical records, and cloud-based ECG systems. However, privacy and security are identified as ongoing challenges to address for healthcare adoption of cloud computing.
Authentication And Authorization Issues In Mobile Cloud Computing A Case StudyAngie Miller
The document discusses authentication and authorization issues in mobile cloud computing. It presents the mobile cloud computing (MCC) security solution developed and applied by STMicroelectronics. The solution addresses issues like reducing the need to store multiple passwords/usernames for different services and simplifying security policy management. It takes into account the complexity of STMicroelectronics' geographical and organizational structure. The solution and the tools/technologies used are described. Conclusions on the solution are also discussed.
A reliable next generation cyber security architecture for industrial interne...IJECEIAES
Architectural changes are happening in the modern industries due to the adaption and the deployment of „Internet of Things (IoT)‟ for monitoring and controlling various devices remotely from the external world. The most predominant place where the IoT technology makes the most sense is the industrial automation processes in smart industries (Industry 4.0). In this paper, a reliable „Next Generation Cyber Security Architecture (NCSA)‟ is presented for Industrial IoT (IIoT) environment that detects and thwarts cybersecurity threats and vulnerabilities. It helps to automate the processes of exchanging real-time critical information between devices without any human intervention. It proposes an analytical framework that can be used to protect entities and network traffics involved in the IIoT wireless communication. It incorporates an automated cyber-defense authentication mechanism that detects and prevents security attacks when a network session has been established. The defense mechanism accomplishes the required level of security protection in the network by generating an identity token which is cryptographically encrypted and verified by a virtual gateway system. The proposed NCSA improves security in the IIoT environment and reduces operational management cost.
Darktrace's Industrial Immune System provides continuous threat monitoring for critical infrastructure organizations like oil and gas, energy, and manufacturing plants. It uses advanced machine learning and behavioral analytics to establish a baseline of normal activity on industrial control systems (ICS) networks. This allows it to detect abnormal and potentially malicious behavior in real-time, even from unknown threats, and flag them for investigation before they can cause major issues. As ICS networks increasingly connect to corporate IT networks and the internet, they become more vulnerable to cyber attacks but existing defenses like firewalls have proven inadequate, making a solution like Darktrace's important for enhanced protection.
This document provides an overview of threats to industrial control systems (ICS) in 2015-2016. It finds that ICS incidents increased significantly, with 295 reported in 2015 alone. The main targets were critical manufacturing, energy, water and dams, and transportation systems. Nation-states, cybercriminals, and insiders engaged in attacks that disrupted operations and in some cases caused physical damage. Going forward, the threats are expected to grow as adversaries develop new tactics like ransomware targeting ICS and insider threats continue to be a problem. Organizations must take steps to strengthen ICS security through measures like secure network architecture and incident response planning.
SCADA Systems Vulnerabilities and Blockchain Technologyijtsrd
SCADA systems are one of the most important part of industrial operations. Before SCADA, plant personnel had to monitor and control industrial process via selector switches, pushbuttons and dials for analog signals. As manufacturing grew and sites became more remote, relays and timers were used to assist supervision. With the onset of technology and advent of network based protocols, these systems became more reliable, fast and it became easy to troubleshoot problems. Indeed progress also brings vulnerabilities, which was no new for SCADA. The IP protocols brought threat to the security of these systems. The devastation that cyber predators on SCADA can inflict, could be illustrated by the Stuxnet virus attack. This paper discusses what SCADA systems are, their uses, protocols being used by these systems, vulnerabilities and ways to combat those vulnerabilities. It focusses on the use of Blockchain Technology as a step in security of such systems. Diksha Chhonkar | Garima Pandey "SCADA Systems: Vulnerabilities and Blockchain Technology" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31586.pdf Paper Url :https://www.ijtsrd.com/computer-science/computer-security/31586/scada-systems-vulnerabilities-and-blockchain-technology/diksha-chhonkar
Similar to Cloud assisted io t-based scada systems security- a review of the state of the art and future challenges (20)
An efficient tree based self-organizing protocol for internet of thingsredpel dot com
An efficient tree based self-organizing protocol for internet of things.
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Validation of pervasive cloud task migration with colored petri netredpel dot com
The document describes a study that used Colored Petri Nets (CPN) to model and simulate task migration in pervasive cloud computing environments. The study made the following contributions:
1) It expanded the semantics of CPN to include context information, creating a new CPN model called CCPN.
2) Using CCPN, it constructed two task migration models - one that considered context and one that did not - to simulate task migration in a pervasive cloud based on the OSGi framework.
3) It simulated the two models in CPN Tools and evaluated them based on metrics like task migration accessibility, integrity of the migration process, and system reliability and stability after migration. It also
Web Service QoS Prediction Based on Adaptive Dynamic Programming Using Fuzzy ...redpel dot com
The document proposes a novel approach for predicting quality of service (QoS) metrics for cloud services. The approach combines fuzzy neural networks and adaptive dynamic programming (ADP) for improved prediction accuracy. Specifically, it uses an adaptive-network-based fuzzy inference system (ANFIS) to extract fuzzy rules from QoS data and employ ADP for online parameter learning of the fuzzy rules. Experimental results on a large QoS dataset demonstrate the prediction accuracy of this approach. The approach also provides a convergence proof to guarantee stability of the neural network weights during training.
Towards a virtual domain based authentication on mapreduceredpel dot com
This document proposes a novel authentication solution for MapReduce (MR) models deployed in public clouds. It begins by describing the MR model and job execution workflow. It then discusses security issues with deploying MR in open environments like clouds. Next, it specifies requirements for an MR authentication service, including entity identification, credential revocation, and authentication of clients, MR components, and data. It analyzes existing MR authentication methods and finds they do not fully address the needs of cloud-based MR deployments. The paper then proposes a new "layered authentication solution" with a "virtual domain based authentication framework" to better satisfy the requirements.
Privacy preserving and delegated access control for cloud applicationsredpel dot com
Privacy preserving and delegated access control for cloud applications
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Performance evaluation and estimation model using regression method for hadoo...redpel dot com
Performance evaluation and estimation model using regression method for hadoop word count.
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Frequency and similarity aware partitioning for cloud storage based on space ...redpel dot com
Frequency and similarity aware partitioning for cloud storage based on space time utility maximization model.
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Multiagent multiobjective interaction game system for service provisoning veh...redpel dot com
Multiagent multiobjective interaction game system for service provisoning vehicular cloud
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Efficient multicast delivery for data redundancy minimization over wireless d...redpel dot com
Efficient multicast delivery for data redundancy minimization over wireless data centers
for more ieee paper / full abstract / implementation , just visit www.redpel.com
I-Sieve: An inline High Performance Deduplication System Used in cloud storageredpel dot com
I-Sieve: An inline High Performance Deduplication System Used in cloud storage
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Architecture harmonization between cloud radio access network and fog networkredpel dot com
Architecture harmonization between cloud radio access network and fog network
for more ieee paper / full abstract / implementation , just visit www.redpel.com
A tutorial on secure outsourcing of large scalecomputation for big dataredpel dot com
A tutorial on secure outsourcing of large scalecomputation for big data
for more ieee paper / full abstract / implementation , just visit www.redpel.com
A parallel patient treatment time prediction algorithm and its applications i...redpel dot com
A parallel patient treatment time prediction algorithm and its applications in hospital.
for more ieee paper / full abstract / implementation , just visit www.redpel.com
A distributed video management cloud platform using hadoopredpel dot com
This document describes a distributed video management cloud platform using Hadoop. The platform utilizes Hadoop's parallel processing and flexible storage capabilities to efficiently store and process large amounts of video data. It integrates J2EE, Flex, Red5 streaming media server, and Hadoop to provide a user-friendly interface for managing videos. The platform is evaluated and shown to satisfy the requirements of massive video data management through optimized MapReduce processing of video tasks like encoding, decoding, and background subtraction.
Views in Odoo - Advanced Views - Pivot View in Odoo 17Celine George
In Odoo, the pivot view is a graphical representation of data that allows users to analyze and summarize large datasets quickly. It's a powerful tool for generating insights from your business data.
The pivot view in Odoo is a valuable tool for analyzing and summarizing large datasets, helping you gain insights into your business operations.
Principles of Roods Approach!!!!!!!.pptxibtesaam huma
Principles of Rood’s Approach
Treatment technique used in physiotherapy for neurological patients which aids them to recover and improve quality of life
Facilitatory techniques
Inhibitory techniques
Lecture_Notes_Unit4_Chapter_8_9_10_RDBMS for the students affiliated by alaga...Murugan Solaiyappan
Title: Relational Database Management System Concepts(RDBMS)
Description:
Welcome to the comprehensive guide on Relational Database Management System (RDBMS) concepts, tailored for final year B.Sc. Computer Science students affiliated with Alagappa University. This document covers fundamental principles and advanced topics in RDBMS, offering a structured approach to understanding databases in the context of modern computing. PDF content is prepared from the text book Learn Oracle 8I by JOSE A RAMALHO.
Key Topics Covered:
Main Topic : DATA INTEGRITY, CREATING AND MAINTAINING A TABLE AND INDEX
Sub-Topic :
Data Integrity,Types of Integrity, Integrity Constraints, Primary Key, Foreign key, unique key, self referential integrity,
creating and maintain a table, Modifying a table, alter a table, Deleting a table
Create an Index, Alter Index, Drop Index, Function based index, obtaining information about index, Difference between ROWID and ROWNUM
Target Audience:
Final year B.Sc. Computer Science students at Alagappa University seeking a solid foundation in RDBMS principles for academic and practical applications.
About the Author:
Dr. S. Murugan is Associate Professor at Alagappa Government Arts College, Karaikudi. With 23 years of teaching experience in the field of Computer Science, Dr. S. Murugan has a passion for simplifying complex concepts in database management.
Disclaimer:
This document is intended for educational purposes only. The content presented here reflects the author’s understanding in the field of RDBMS as of 2024.
Feedback and Contact Information:
Your feedback is valuable! For any queries or suggestions, please contact muruganjit@agacollege.in
Is Email Marketing Really Effective In 2024?Rakesh Jalan
Slide 1
Is Email Marketing Really Effective in 2024?
Yes, Email Marketing is still a great method for direct marketing.
Slide 2
In this article we will cover:
- What is Email Marketing?
- Pros and cons of Email Marketing.
- Tools available for Email Marketing.
- Ways to make Email Marketing effective.
Slide 3
What Is Email Marketing?
Using email to contact customers is called Email Marketing. It's a quiet and effective communication method. Mastering it can significantly boost business. In digital marketing, two long-term assets are your website and your email list. Social media apps may change, but your website and email list remain constant.
Slide 4
Types of Email Marketing:
1. Welcome Emails
2. Information Emails
3. Transactional Emails
4. Newsletter Emails
5. Lead Nurturing Emails
6. Sponsorship Emails
7. Sales Letter Emails
8. Re-Engagement Emails
9. Brand Story Emails
10. Review Request Emails
Slide 5
Advantages Of Email Marketing
1. Cost-Effective: Cheaper than other methods.
2. Easy: Simple to learn and use.
3. Targeted Audience: Reach your exact audience.
4. Detailed Messages: Convey clear, detailed messages.
5. Non-Disturbing: Less intrusive than social media.
6. Non-Irritating: Customers are less likely to get annoyed.
7. Long Format: Use detailed text, photos, and videos.
8. Easy to Unsubscribe: Customers can easily opt out.
9. Easy Tracking: Track delivery, open rates, and clicks.
10. Professional: Seen as more professional; customers read carefully.
Slide 6
Disadvantages Of Email Marketing:
1. Irrelevant Emails: Costs can rise with irrelevant emails.
2. Poor Content: Boring emails can lead to disengagement.
3. Easy Unsubscribe: Customers can easily leave your list.
Slide 7
Email Marketing Tools
Choosing a good tool involves considering:
1. Deliverability: Email delivery rate.
2. Inbox Placement: Reaching inbox, not spam or promotions.
3. Ease of Use: Simplicity of use.
4. Cost: Affordability.
5. List Maintenance: Keeping the list clean.
6. Features: Regular features like Broadcast and Sequence.
7. Automation: Better with automation.
Slide 8
Top 5 Email Marketing Tools:
1. ConvertKit
2. Get Response
3. Mailchimp
4. Active Campaign
5. Aweber
Slide 9
Email Marketing Strategy
To get good results, consider:
1. Build your own list.
2. Never buy leads.
3. Respect your customers.
4. Always provide value.
5. Don’t email just to sell.
6. Write heartfelt emails.
7. Stick to a schedule.
8. Use photos and videos.
9. Segment your list.
10. Personalize emails.
11. Ensure mobile-friendliness.
12. Optimize timing.
13. Keep designs clean.
14. Remove cold leads.
Slide 10
Uses of Email Marketing:
1. Affiliate Marketing
2. Blogging
3. Customer Relationship Management (CRM)
4. Newsletter Circulation
5. Transaction Notifications
6. Information Dissemination
7. Gathering Feedback
8. Selling Courses
9. Selling Products/Services
Read Full Article:
https://digitalsamaaj.com/is-email-marketing-effective-in-2024/
How to Add Colour Kanban Records in Odoo 17 NotebookCeline George
In Odoo 17, you can enhance the visual appearance of your Kanban view by adding color-coded records using the Notebook feature. This allows you to categorize and distinguish between different types of records based on specific criteria. By adding colors, you can quickly identify and prioritize tasks or items, improving organization and efficiency within your workflow.
Credit limit improvement system in odoo 17Celine George
In Odoo 17, confirmed and uninvoiced sales orders are now factored into a partner's total receivables. As a result, the credit limit warning system now considers this updated calculation, leading to more accurate and effective credit management.
How to Show Sample Data in Tree and Kanban View in Odoo 17Celine George
In Odoo 17, sample data serves as a valuable resource for users seeking to familiarize themselves with the functionalities and capabilities of the software prior to integrating their own information. In this slide we are going to discuss about how to show sample data to a tree view and a kanban view.
No, it's not a robot: prompt writing for investigative journalismPaul Bradshaw
How to use generative AI tools like ChatGPT and Gemini to generate story ideas for investigations, identify potential sources, and help with coding and writing.
A talk from the Centre for Investigative Journalism Summer School, July 2024
AI Risk Management: ISO/IEC 42001, the EU AI Act, and ISO/IEC 23894PECB
As artificial intelligence continues to evolve, understanding the complexities and regulations regarding AI risk management is more crucial than ever.
Amongst others, the webinar covers:
• ISO/IEC 42001 standard, which provides guidelines for establishing, implementing, maintaining, and continually improving AI management systems within organizations
• insights into the European Union's landmark legislative proposal aimed at regulating AI
• framework and methodologies prescribed by ISO/IEC 23894 for identifying, assessing, and mitigating risks associated with AI systems
Presenters:
Miriama Podskubova - Attorney at Law
Miriama is a seasoned lawyer with over a decade of experience. She specializes in commercial law, focusing on transactions, venture capital investments, IT, digital law, and cybersecurity, areas she was drawn to through her legal practice. Alongside preparing contract and project documentation, she ensures the correct interpretation and application of European legal regulations in these fields. Beyond client projects, she frequently speaks at conferences on cybersecurity, online privacy protection, and the increasingly pertinent topic of AI regulation. As a registered advocate of Slovak bar, certified data privacy professional in the European Union (CIPP/e) and a member of the international association ELA, she helps both tech-focused startups and entrepreneurs, as well as international chains, to properly set up their business operations.
Callum Wright - Founder and Lead Consultant Founder and Lead Consultant
Callum Wright is a seasoned cybersecurity, privacy and AI governance expert. With over a decade of experience, he has dedicated his career to protecting digital assets, ensuring data privacy, and establishing ethical AI governance frameworks. His diverse background includes significant roles in security architecture, AI governance, risk consulting, and privacy management across various industries, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: June 26, 2024
Tags: ISO/IEC 42001, Artificial Intelligence, EU AI Act, ISO/IEC 23894
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
Cloud assisted io t-based scada systems security- a review of the state of the art and future challenges
1. SPECIAL SECTION ON THE PLETHORA OF RESEARCH IN INTERNET OF THINGS (IoT)
Received February 21, 2016, accepted March 25, 2016, date of publication March 31, 2016, date of current version April 21, 2016.
Digital Object Identifier 10.1109/ACCESS.2016.2549047
Cloud-Assisted IoT-Based SCADA Systems
Security: A Review of the State of
the Art and Future Challenges
ANAM SAJID1, HAIDER ABBAS2,3, AND KASHIF SALEEM3
1Shaheed Zulfikar Ali Bhutto Institute of Science and Technology, Islamabad 44000, Pakistan
2National University of Sciences and Technology, Islamabad 44000, Pakistan
3Center of Excellence in Information Assurance, King Saud University, Riyadh 11653, Saudi Arabia
Corresponding author: H. Abbas (haiderabbas-mcs@nust.edu.pk)
This work was supported by the National Plan of Science, Technology and Innovation, King Abdulaziz City for
Science and Technology, Saudi Arabia, under Grant 12-INF2817-02.
ABSTRACT Industrial systems always prefer to reduce their operational expenses. To support such reduc-
tions, they need solutions that are capable of providing stability, fault tolerance, and flexibility. One such
solution for industrial systems is cyber physical system (CPS) integration with the Internet of Things (IoT)
utilizing cloud computing services. These CPSs can be considered as smart industrial systems, with their
most prevalent applications in smart transportation, smart grids, smart medical and eHealthcare systems, and
many more. These industrial CPSs mostly utilize supervisory control and data acquisition (SCADA) systems
to control and monitor their critical infrastructure (CI). For example, WebSCADA is an application used for
smart medical technologies, making improved patient monitoring and more timely decisions possible. The
focus of the study presented in this paper is to highlight the security challenges that the industrial SCADA
systems face in an IoT-cloud environment. Classical SCADA systems are already lacking in proper security
measures; however, with the integration of complex new architectures for the future Internet based on the
concepts of IoT, cloud computing, mobile wireless sensor networks, and so on, there are large issues at
stakes in the security and deployment of these classical systems. Therefore, the integration of these future
Internet concepts needs more research effort. This paper, along with highlighting the security challenges of
these CI’s, also provides the existing best practices and recommendations for improving and maintaining
security. Finally, this paper briefly describes future research directions to secure these critical CPSs and help
the research community in identifying the research gaps in this regard.
INDEX TERMS APT, industrial control system, Internet of Things (IoT), NIST, PRECYSE, supervisory
control and data acquisition system, SOA.
I. INTRODUCTION
Industries are always concerned with reducing their
operational costs and related expenses. Therefore,
companies are constantly searching for solutions that improve
their systems’ stability, fault tolerance, flexibility, and cost
efficiency. By adopting such solutions, the complexity and
interactivity of communications within the industrial systems
is expected to expand. One such solution to fulfil the current
needs of industrial systems is the concept of IoT, which
involves cloud computing. The IoT-cloud combination offers
the advantage of integrating CPSs such as SCADA systems.
This integration leads to the concept of ‘‘smart’’ industrial
systems [1].
The advent of the IoT-cloud combination has brought mul-
tiple benefits to the information technology (IT) industry
that includes embedded security, cost reductions, improved
uptime, and an increase in redundancy and flexibility. Crit-
ical infrastructures (CI) are also being integrated with the
IoT-cloud services. IoT-cloud appears to exactly meet the
uptime, flexibility, cost, and redundancy requirements of
these systems in a reasonable way. We can describe CPSs
as smart systems encompassing both physical and computa-
tional components that are seamlessly integrated and inter-
act closely to sense changing states in the real world. CPS
applications include—but are not limited to—smart trans-
portation, smart medical technologies, smart electric grids,
VOLUME 4, 2016
2169-3536
2016 IEEE. Translations and content mining are permitted for academic research only.
Personal use is also permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
1375
www.redpel.com +917620593389
www.redpel.com +917620593389
2. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
air traffic control, and so on. Under the IoT architecture it is
not easy to clearly differentiate between Wireless Sensor Net-
works (WSN), machine-to-machine technologies, and CPSs.
However, the study in [2] makes an effort to provide a general
CPS model to show the overlapping concepts involved in
these systems, as shown in Fig. 1.
FIGURE 1. The cyber physical system model [2].
At a supervisory level, the major responsibility of SCADA
systems is to monitor a system’s processes and apply the
appropriate controls accordingly. SCADA systems are basi-
cally CPSs used in industries. These systems include a
wide number of application sectors, as presented in Fig. 2,
and currently a lot of research has been conducted in this
regard [3]–[9]. For example, one application is in the health-
care sector [10]–[12]. SCADA systems that provide medi-
cal solutions enable doctors and associated healthcare team
members to monitor and control a patient’s state of health
in a cost effective and efficient manner. One such solution
FIGURE 2. SCADA systems application sectors.
present in the industry is WebSCADA [13], which provides
multiple benefits that include anywhere/anytime accessibility
to the system through a secure web browser connection.
WebSCADA is a scalable and flexible system that can easily
integrate with new project features, easy maintenance, and
is customizable for other industrial applications such as oil,
manufacturing, gas utilities, security monitoring, and so on.
The future Internet is considered as a new concept for
classical SCADA systems that have already been in operation
for many years. We are aware that, with time, new tech-
nologies replace old technologies, but unfortunately, these
existing SCADA systems are being retrofitted to combine
the capabilities of both the old and the new technologies.
Due to this overlapping use of both technologies, the secu-
rity of SCADA systems is at risk. Hence, we can say
that the integration of industrial business systems and the
IoT-cloud concept has made the integrated SCADA systems
more vulnerable compared with classical SCADA systems.
In general, SCADA systems architecture contains a Human
Machine Interface (HMI), hardware, software, Remote
Terminal Units (RTUs), a supervisory station, sensors and
actuators [14]. The general architecture of SCADA systems
in an IoT-cloud environment is illustrated in Fig. 3.
FIGURE 3. The general architecture of SCADA systems in an IoT-cloud
environment.
Standard protocols and wired communications were used
when SCADA systems first came into existence and were
solely aimed at monitoring and controlling system pro-
cesses. However, when these systems were exposed to the
IoT environment, which involves cloud computing and com-
plex network environments, they became more vulnerable
to cyberthreats and attacks. Table 1 describes the journey
of SCADA systems from first generation to the IoT-based
SCADA systems being used now.
The remainder of this paper is divided as follows. Section II
presents the challenges of IoT-cloud based SCADA sys-
tems by identifying their major vulnerabilities and threats.
Based on these identifications, Section III describes the
current efforts to secure industrial SCADA systems in
IoT-cloud environments. Section IV provides a number of
1376 VOLUME 4, 2016
www.redpel.com +917620593389
www.redpel.com +917620593389
3. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
TABLE 1. The evolution of SCADA systems.
recommendations and best practices being proposed to secure
these systems. Section V describes a wide range of future
research options for securing the industrial SCADA systems
in an IoT-cloud environment, and Section VI concludes the
paper.
II. CHALLENGES TO SECURE SCADA SYSTEMS
IN IoT-CLOUD ENVIRONMENTS
The Siberian Pipeline Explosion happened in 1982 and is
considered to be the first cybersecurity incident in the history
of SCADA systems. In this explosion, an attacker exploited
a system vulnerability using a virus called a Trojan horse.
In 2000, a former worker hacked into the Maroochy Shire
water plant control system, flooding the hotel grounds with
raw sewage [15]. In 2010, Iran’s nuclear system was disrupted
by the Stuxnet worm [16]. In 2011, another form of Stuxnet
was discovered and given the name Duqu. Most recently, the
Flame worm [17] brought devastation to Industrial Control
Systems (ICS) and to SCADA systems.
A detailed literature review and analysis of the major
attacks on SCADA systems can help focus attention on the
reasons why these critical infrastructures are so vulnerable.
Particularly in cases where these systems are integrated with
the IoT and cloud based environments, they are far more
exposed to such vulnerabilities. A number of vulnerabili-
ties exist in these environments that could possibly implant
malware in SCADA systems, some of which are listed
below [1], [18], [19]:
1. System commands and information can be modi-
fied, sniffed, lost, or spoofed during communication
because the reliance on cloud communication makes
the SCADA systems more open.
2. The network connections between SCADA systems
and the cloud potentially open backdoors to the ICS,
which can then be exploited by attackers.
3. SCADA systems integrated into the cloud have all the
same risks as typical cloud infrastructure.
4. Data on the cloud is separated only internally because
the same cloud can be accessed by other clients.
5. SCADA systems applications running on the cloud can
be easily searched and abused by attackers.
6. For control and automation SCADA systems use
Modbus/TCP, IEC 40, and DNP3, but some of these
protocols lack protection.
7. SCADA systems use commercial off-the-shelf
solutions instead of proprietary solutions.
8. SCADA systems lack proper security controls.
9. Unnecessary services and default factory settings lead
to configuration errors in the IoT device operating
systems.
10. Memory corruption and weakness in validating input
data causes software errors in IoT device operating
systems.
11. Third party software used for IoT devices can lead to
configuration errors such as parameter tempering and
lack of encryption.
12. Cloud and external individual service providers have
security vulnerabilities of their own.
The vulnerabilities mentioned above form the basis for
why CIs are exposed to threats that have a negative impact
on the performance of these systems. A general statistical
representation of the threats to SCADA systems before their
exposure to the IoT-cloud environment is shown in Fig. 4.
Insider threats are considered to be the most prominent type
of attacks on IoT-based SCADA systems [19]. Based on the
current literature, a few threats to the SCADA systems in
IoT-cloud environments are defined below:
1) Advanced Persistent Threats (APTs): APTs are net-
work attacks in which an unauthorized person attempts
VOLUME 4, 2016 1377
www.redpel.com +917620593389
www.redpel.com +917620593389
4. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
FIGURE 4. A statistical view of the threats to the SCADA systems [24].
to gain access to the system using zero-day attacks
with the intention of stealing data rather than causing
damage to it [20].
2) Lack of Data Integrity: Data integrity is lost when
the original data are destroyed, and this could happen
through any means such as physical tampering or inter-
ception.
3) Man-in-the-Middle (MITM) Attacks: Two attacks that
can easily be launched as a result of a man-in-the-
middle attack are spoofing attacks and sniffing attacks.
In a spoofing attack, a program or person masquerades
as another program or person to gain illegitimate access
to the system or the network. In a sniffing attack, the
intruder monitors all the messages being passed and all
the activities performed by the system [21].
4) Replay Attacks: Replay attacks are a type of network
attack in which a valid message containing some valid
data is repeated again and again; in some cases, the
message may repeat itself. These attacks affect the
performance of SCADA systems and can be serious
threats when a replay attack delays messages sent to
physical devices [22].
5) Denial of Service (DoS) Attacks: The purpose of a
DoS attack is to make a service unavailable for the
intended user. Such attacks can be performed in mul-
tiple ways such as DoS or DDoS. At the simplest level,
these attacks overload computer resources such that the
machine is unable to perform its intended tasks [23].
III. EFFORTS TO SECURE SCADA SYSTEMS
To protect the SCADA systems from the above men-
tioned threats, many efforts have been made in terms of
security frameworks, protection mechanisms and assurance
approaches. The following section summarizes these efforts
by first focusing on the efforts to secure SCADA systems
outside of the IoT-cloud environment and then within the
IoT-cloud environment.
A. SCADA SYSTEMS SECURITY IN GENERAL
The following general security considerations apply to
SCADA systems:
1) Policy Management: Cyber security is considered a
threat because if an intruder somehow gains access
to a SCADA system then the intruder most prob-
ably also gains control over everything within the
system. The threats increase enormously when these
systems are connected to the Internet. For example,
protecting SCADA systems against Internet connec-
tivity was not even considered a possible vulnerability
when power systems were first developed. Because
people often have little awareness of the methods for
securing CIs, cyberattacks are increasing. To assess
power system vulnerabilities, an attack tree model
was used by Watts [25]. The author argues that good
password policies make the system access points strong
and make it difficult for an intruder to guess a password
to access the systems. A drawback of this methodol-
ogy is that attack trees do not capture the penetration
sequence of attack leaves. Cagalaban et al. [21] present
a fault detection algorithm to find the vulnerabilities
in SCADA system software. The authors of [21] used
a test-bed architecture and the Modbus protocol. The
purpose of an attacker can be easily identified by this
methodology. The results reveal that SCADA systems
software strength increases when these systems follow
proper rules for authentication and authorization.
2) Data Integrity: To mitigate Denial of Service (DoS)
attacks, Davis et al. [23] adopted a test-bed architecture
using RINSE, which also assesses vulnerabilities faced
by power systems. Three attack scenarios are consid-
ered. In the first scenario, there is no attack and systems
perform normally; in the second scenario, the DoS
attack is introduced; and the last scenario applies filters
such that the effects of a DoS attack can be measured.
A drawback of this methodology is that it focuses only
on the software level; hence, hardware is not taken into
consideration. Giani et al. [26], presented a test-bed
architecture in which system availability and integrity
are compromised by introducing multiple attacks. The
major goal of this study was to measure the impact that
such attacks have on SCADA systems. Davis et al. [23]
proposed a few models to investigate attacks, deter-
mine their effects, and identify mitigation strategies.
Cárdenas et al. [27] presented a methodology that
detects such attacks by monitoring and analyzing the
physical system under observation. As recommended
by [27], attack-resilient algorithms are required to
make the systems able to survive intentional attacks
such as Stuxnet.
3) Weak Communication: According to Wang [22], the
communication links of SCADA systems can be
attacked easily because they do not typically provide
encryption and authentication mechanisms. The
American Gas Association (AGA) has played a vital
1378 VOLUME 4, 2016
www.redpel.com +917620593389
www.redpel.com +917620593389
5. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
role in securing SCADA system communications and
introduced the concept of cryptography within these
systems’ communication. Secure SCADA (sSCADA),
a plugin device, is presented in [22] as Part 1 of the
AGA’s cryptographic standard, with two vulnerabili-
ties that lead to man-in-the-middle and replay attacks.
To address these vulnerabilities, the authors propose
four channels of communication, each fulfilling differ-
ent security services. The job of an attacker is made
easy by the use of a weak protocol. The communication
protocols used in SCADA systems are responsible
for communicating messages over the entire industry
network. Many protocols are used including DNP3,
PROFIBUS, Ethernet/IP, etc., but based on the system
requirements a particular protocol is selected for com-
munication. The devices that were considered as trusted
were connected to the SCADA systems network long
before security issues were taken into consideration.
Use of the new Internet-based technologies established
untrusted connections. Hence, we can say that the built-
in vulnerability of the communication protocols makes
the systems weak. Igure and Williams [28] described
three challenges that must be considered to improve
SCADA system networks, as follows:
- SCADA systems security within the network can
be improved by utilizing intrusion detection sys-
tems and keeping firewalls up to date, thereby
keeping the system’s activities under constant
supervision.
- SCADA systems security management can be
improved by performing regular risk assessments
and improving the clarity of security plans and
their implementations.
- Access control for SCADA systems can be
improved as well. The first step in securing
any system is to prevent the system from being
accessed by unauthorized entities. Although this
can be achieved by improving authorization pass-
word and smart cards, those are not the ultimate
solution.
To assess and analyze the Modbus communication proto-
col’s vulnerability and risks, Byres et al. [29] used an attack
tree model, revealing that the Modbus protocol is weak and
lacks basic security requirements such as integrity, confi-
dentiality and authentication. They recommended [29] using
firewalls, Intrusion Detection Systems (IDSs) and encryption
techniques for secure communications.
To secure the communication channels of SCADA sys-
tems, Patel and Sanyal [30] presented some solutions based
on IP-Sec and SSL/TLS. The strengths and weakness of
both presented solutions are also described in detail. On
the network layer IP-Sec is presently capable of providing
protection to each application responsible for carrying out
communication tasks between two hosts. IP-Sec can secure
the IP traffic, prevent DoS attacks, and is also able to stop any
arbitrary communication packet from entering the TCP layer.
Over TCP/IP, communications between (Remote Terminal
Unit) RTUs and (Master Terminal Units) MTUs are secured
by SSL/TLS, which is an efficient and fast solution and
at the same time provides protection against man-in-the-
middle and replay attacks. However, IP-Sec is also a com-
plex and less scalable solution that is unable to provide
nonrepudiation and authentication [30]. In addition, IP-Sec
encrypts all the traffic. Similarly, SSL/TLS is considered
to be an expensive solution with known vulnerabilities and
is also unable to provide nonrepudiation. Although both
IP-Sec and SSL have their drawbacks, the clients need deter-
mine which solution to use. Security in IP-based SCADA
systems is addressed in detail in [31].
In another approach to securing the communication chan-
nels of SCADA systems, two middleware methods are
described by Khelil et al. [32]. In the first method, the aim of
the authors is to maintain data integrity and availability based
on peer-to -peer protection by maintaining more than one
copy of data. This data access technique can protect SCADA
systems from router crashes as well as from data modifica-
tions. However, this approach is considered to be intrusive
and requires modifications to be made on existing networks.
In the second method, data availability is approached by
using GridStat middleware. To ensure data availability, this
methodology adds some new components to the architecture
that require no changes to the original components: it follows
a nonintrusive approach.
B. SCADA SYSTEM SECURITY IN AN
IoT-CLOUD ENVIRONMENT
1) DATA INTEGRITY AND PRIVACY
Antonini et al. [33] addressed security challenges to SCADA
systems, and Baker et al. [34] presented a security oriented
cloud platform for Service Oriented Architecture (SOA)
based SCADA systems. The main idea of this proposal is
to deliver an innovative solution to integrate cloud platforms
into SOA based SCADA systems. It also focuses on the
enhancement of security and integrity concerns for these sys-
tems. Smart Grid systems are used in the proposed approach
through a real-world scenario. This paper directs readers’
attention toward building a secure cloud platform that sup-
ports the use of SOA based SCADA systems. Another threat
stems from APTs, which are focused on networks. In this type
of attack, an unauthorized person manages to enter a network
and then tries to steal data from the system. The focus of this
attack is not to cause damage but rather to stay undetected
as long as possible, steal data and then leave, all the while
keeping the attacker’s identity hidden. Bere and Muyingi [20]
addressed these types of threats and claim that APTs use
zero-day vulnerabilities to steal data from systems.
2) DATA LOGGING
Security risks related to data logging are also a challenge in
IoT-based SCADA systems because of the presence of the
cloud [19]. Compared to localized logging, keeping track of
cloud-based system logs is difficult.
VOLUME 4, 2016 1379
www.redpel.com +917620593389
www.redpel.com +917620593389
6. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
3) OWNERSHIP
Use of third party cloud services in IoT-based SCADA sys-
tems takes ownership privileges from the SCADA systems
organization and puts them under the control of the Cloud
Service Provider (CSP) [43]. Hence, we can say that these
systems have lack of control.
4) AUTHENTICATION AND ENCRYPTION
There is a lack of authentication and encryption mechanisms
for IoT-based SCADA systems. If these systems use weak
communication protocols such as Modbus [29] while uti-
lizing the cloud, an attacker can easily gain access to IP
addresses, usernames, and other private credentials, as the
result of weak authentication and encryption. Modern cyber
security attacks have also taken over ICS, as described in [33],
in which the vulnerabilities of SCADA systems are exploited
more often because the International Electrotechnical Com-
mission (IEC) 61850 standard itself lacks security. According
to the authors [33], SCADA systems networks still face key
management issues.
5) WEB APPLICATIONS IN THE CLOUD
Web applications are frequently used in these systems. Based
on the literature [1], [2], [13]–[43], web applications have
their own security needs that are currently not addressed by
IoT-cloud based SCADA systems.
6) RISK MANAGEMENT
Ongoing research on SCADA systems is presented by
Nicholson et al. [36], who emphasize that the threats and risks
to SCADA systems are not completely addressed because of
their integration with corporate networks, making them more
vulnerable to cyberattacks. Identification of risk mitigation
techniques is a positive contribution from [36]. Research
challenges faced by SCADA systems in risk assessment are
outlined in [37] and [38].
7) EMBEDDED DEVICE PROTECTION IN INDUSTRIAL IoTs
Because classical IT systems differ from CPS such as
SCADA systems, existing concepts of information security
cannot be adopted. To defend against the privacy and secu-
rity risks, the Industrial IoT requires a cyber security con-
cept capable of addressing such risks at all possible levels
of abstraction. Some solutions for protecting the embedded
devices at the core of industrial IoT-based SCADA systems
are shown in the Table 2.
The major difference between SCADA systems and
Distributed Control Systems (DCSs) is that they differ in size:
SCADA systems are restricted to large areas while DCSs
are restricted to smaller areas. Originally, SCADA systems
were developed as isolated systems, but that is no longer
true due to the usage of commercial off the shelf solutions
and widely expanded networked environments such as the
IoT-based SCADA systems. There is a need to develop a more
secure solution that considers the security requirements and
TABLE 2. Security architectures for industrial IoTs.
constraints faced by these systems. Although some security
improvement actions have been implemented since 2010
to protect these systems against major attacks, still, they
remain vulnerable to intrusions, data modifications, denial
of service attacks, threats from legitimate users, and many
more security-related threats. IoT-based SCADA systems
are vulnerable to network attacks as well. The differences
between IoT-based SCADA system security in particular and
IT systems security in general must be clearly understood
because this understanding can help in developing more effi-
cient and secure solutions that focus on IoT-based SCADA
systems security.
IV. RECOMMENDATIONS AND BEST PRACTICES FOR
SECURING IoT-CLOUD BASED SCADA SYSTEMS
SCADA systems in IoT-cloud environment are not like reg-
ular IT systems; we cannot assume that by simply using
some strong password policies, updated antivirus protec-
tion, firewalls, or frequent patching will solve the problems
(as they would for simpler IT systems). Therefore, counter-
measures are required that directly address the security needs
of SCADA systems in IoT-cloud environments. Recently, the
Internet Engineering Task Force (IETF) has been working on
a new draft that focuses on security considerations for Indus-
trial IoT (IIoT) in IP-based environments. This draft standard
also provides an overview on the present state of the art (as
of 2013) and emphasizes that future connections are moving
towards an all-IP solution. The current draft standard defines
five security profiles: IoT devices for home use, IoT devices
with no security requirements, IoT devices for industrial
usage, IoT devices for managed home use, and IoT devices
for advanced industrial usage. When considering the future
for secure and flexible industrial IoT networks, this draft
1380 VOLUME 4, 2016
www.redpel.com +917620593389
www.redpel.com +917620593389
7. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
identifies that Datagram Transport Layer Security (DTLS)
will form the basic building block for these systems.
However, the draft argues that there is a need to introduce
more interconnectivity among the multiple layers of security
in the IoT and cloud based industrial systems.
Similarly, the methodology named ‘‘Prevention, Protection
and REaction to CYber attackS to critical infrastructurEs’’
(PRECYSE) is a security methodology intended to improve
by design the reliability, resilience and security of Informa-
tion and Communication Technology (ICT) that supports CI’s
such as CPS, SCADA, IIoT, and so on. PRECYSE is built
on research standards already in existence and has a special
focus on relevant security, policy, privacy, ethical and legal
issues for CIs. The major goals of PRECYSE for CIs such as
SCADA systems [39] are as follows:
- Investigating privacy and ethical issues.
- Improving resilience through a security architecture.
- Providing tools for preventing and protecting against
cyberattacks on SCADA systems and controlling the
reaction to such attacks.
- Presenting a methodology for identifying assets and
their associated vulnerabilities and threats.
- Deploying prototypes at two sites, one in the transport
sector and the other in the energy sector.
Some basic principles can be considered for protecting
Industrial IoT and IIoT-cloud based SCADA systems, as
shown in Fig. 5. These principles have the objective of pro-
tecting vulnerable infrastructure by surrounding these sys-
tems with a combination of security tools based on currently
available good practices. Following is a brief overview of
few such good practices that helps in improving the security
of IoT and cloud based SCADA systems, keeping in view
the guidelines of NIST SP 800-53 [40], NIST SP 800-53,
Revision 4 [41], NIST SP 800-82, Revision 2 [42], and other
literature reviewed in the reference section.
FIGURE 5. Best practices for securing IoT-cloud based SCADA systems.
1) NETWORK SEGREGATION
An approach to segregate networks introduces security tools
that surround each network and as a result effectively seg-
regate and monitor network activities, preventing policy
violations.
2) CONTINUOUS MONITORING AND ANALYSIS
The computers involved in SCADA systems are performing
critical tasks that often make the computer systems com-
plex. Due to the increased frequency of attacks, there is a
need to continuously monitor and analyze the activities these
computer systems perform.
3) LOG ANALYSIS
Activity logs are kept by nearly all computer software and
devices including operating systems, network devices, appli-
cations and other intelligent programmable devices. These
logs play a vital role in troubleshooting, compliance check-
ing, forensic analysis and intrusion detections. Tracking via
these logs can identify and help control many attacks. Such
log analysis is typically supported by host-based IDS.
4) FILE INTEGRITY MONITORING
File integrity analysis is used to validate the integrity of some
software and operating systems. The cryptographic check-
sum method is the most frequently used verification method.
Harmful files (black lists) and allowed files (white lists) can
be easily identified using checksum verification methods.
Checksum methods are also supported by host-based IDS.
5) NETWORK TRAFFIC ANALYSIS
Malicious activities can sometimes be detected though net-
work monitoring by performing network packet analysis.
Malicious activities can also be detected based on behavioral
or pattern analysis. For sophisticated malware, where the
information is hidden inside covert channels, network analy-
sis can detect only the number of network packets or the des-
tination for that packet; hence, other techniques are required
to detect malicious behaviors within covert channels.
6) MEMORY DUMP ANALYSIS
Both known and unknown malicious activity present within
the memory of an operating system can be detected by mem-
ory dump analysis. Using advanced technologies, a volatility
framework can analyze multiple types of memory dumps.
This type of analysis makes it easy to detect system libraries
and hidden processes, which also helps in detecting the
sophisticated attacks and intrusions.
7) UPDATING AND PATCHING REGULARLY
Third-party software is used by IoT-cloud SCADA systems,
and keeping this software continuously up to date is a chal-
lenge. Unknown errors in such software can trigger the pos-
sibility of arbitrary code execution by attackers. Monitoring
the current security news and following the best approaches
for updating and patching this critical infrastructure software
is a requirement.
8) TESTING VULNERABILITY REGULARLY
To a large extent, the design of a system determines its secu-
rity level. Unknown errors in cloud systems are easily dis-
covered by continuous monitoring and vulnerability testing.
These tests can be applied to either the whole system or to
VOLUME 4, 2016 1381
www.redpel.com +917620593389
www.redpel.com +917620593389
8. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
particular system components, but should be performed at
regular intervals because new threats are revealed through
analysis over time.
9) PROXY SOLUTIONS
To increase the security of these systems, proxy solutions are
used to build a fine layer of protection around vulnerable or
legacy solutions. Proxy solutions can perform filtering and
inspections, implement access control, and limit the range
of instructions sent to the network or to devices. When a
supplier needs access to the critical network this protection
can be removed for the subset of data required; for example,
a Demilitarized Zone (DMZ) can be used as a trusted process.
10) TOOLS FOR DETECTING MALICIOUS ACTIVITY
In addition to all the practices mentioned above, it is a require-
ment to regularly use intrusion detection and prevention sys-
tems, antivirus software, and so on, and to keep these up
to date, ensuring that attack patterns are kept current in the
database to help in improving the security of these systems.
V. FUTURE RESEARCH DIRECTIONS IN SECURING
IoT-CLOUD BASED SCADA SYSTEMS
To secure CPSs in the future, more research needs to be
performed. Because the concepts related to the future Internet
such as IoTs and cloud computing, specifically, are at an early
stage of deployment in industrial SCADA systems, more
focus is required on preventing cyberattacks on industrial
SCADA systems. A few research directions for securing
IIoT-based CPSs [43] are briefly explained below and pre-
sented in Fig. 6.
FIGURE 6. Future research directions for securing CPS.
1) MANAGEMENT
There is a need to develop new methods capable of managing
complex and large-scale systems because thousands of IoT
devices will be active in such industrial settings, including
smart industries, smart cities, and so forth.
2) SECURITY
The CPSs are responsible for controlling real-world infras-
tructures and, thus, have a real-world impact on them.
Failure to secure these critical infrastructures can have
devastating impacts. There is a need to answer questions
such as: ‘‘To what extent will future CIs be vulnerable?’’ and
‘‘To what level can we ensure that they are trustworthy,
resilient and reliable?’’
3) REAL-TIME DATA HANDLING
CPSs such as IIoT, which are primarily based on supervising
and controlling data acquisitions, need to collect and analyze
the data in real time and make business decisions; these
systems cannot afford delays. For such decision making, clas-
sical CPSs utilize local decision loops, but with the cloud and
IoT, they are becoming more dependent on external services.
Therefore, aspects of timely interaction need to be revisited.
4) CROSS-LAYER COLLABORATIONS
The effectiveness of these systems depends on collaboration
among the involved platforms that are responsible for deliver-
ing services in a service-based infrastructure. However, these
complex collaborations possess multiple requirements from
both the business and technical worlds that are based on
specific application scenarios. To make the CPS ecosystem
flourish, people need assurance that these complex collabo-
rations can deliver services efficiently and effectively—but
providing that assurance is not an easy task and needs more
research.
5) APPLICATION DEVELOPMENT
To build complex services and behaviors for critical CPSs
the underlying core API functionalities must be standardized.
API consolidation can be applied as a short term solution until
new solutions are developed that work through semantically
driven interactions.
6) MIGRATION OF CPSs AND THE IMPACT
ON EXISTING APPROACHES
The large-scale impact of CPSs needs to be carefully assessed
and investigated; however, this is a challenging task. It is
expected that CPSs will replace the classical approaches
gradually in the future. Therefore, new strategies are required
to migrate these classical systems to CPS.
7) SUSTAINABLE MANAGEMENT
Cloud-based CPSs promise to provide more efficient and
optimized usage of global resources. Therefore, sustain-
able strategies for managing the business and information
structures are required—e.g., energy-driven management.
There is a need to understand and implement new solutions
with respect to a greater context such as applications that
apply at smart citywide scales, cross-enterprise scales, etc.
To effectively integrate such solutions in large-scale CPSs,
new approaches and tools are needed.
8) ENGINEERING AND DEVELOPMENT TOOLS
Within complex environments, there is a need for new
engineering and development tools that can help ease the
complexity of service creation in CPS ecosystems.
1382 VOLUME 4, 2016
www.redpel.com +917620593389
www.redpel.com +917620593389
9. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
9) SHARING AND MANAGEMENT OF DATA LIFECYCLE
The first step in the data lifecycle involves acquiring data
from the cyber physical world; however, the second step
is sharing these data and managing them because building
sophisticated services is a challenge. This challenge becomes
ever more complex now that the security and privacy of these
data must also be ensured in cloud environments. The entire
topic needs more research and new and innovative solutions.
10) DATA SCIENCE
Massive CPS infrastructures integrated with the cloud will
acquire enormous amounts of data. The term for such data
volumes is ‘‘Big Data’’. It is possible to analyze big data in the
cloud to deliver new insights on industrial processes, which
can result in the ability to better identify optimized solutions
and enterprise operations. Approaches based on data science
and big data are expected to have a positive impact on the way
in which CPS infrastructures are designed and operated.
VI. CONCLUSIONS
The objective of this study was to highlight some important
facts about industrial SCADA systems with an emphasis on
threats, vulnerabilities, management and the current prac-
tices being followed. CPSs such as SCADA systems are
widely used. The objective of IoT-based SCADA systems
is to increase their flexibility, cost efficiency, optimization
capability, availability and scalability of such systems. For
this purpose, industrial SCADA systems utilize the benefits of
IoT and cloud computing. However, these benefits are accom-
panied by numerous critical risks. Major security risks related
to the industrial SCADA systems in the cloud may vary from
one scenario to another. In such environments, the nature of
data is such that it must be stored on server/s for backup or
sharing purposes, and these server/s are mostly managed by
a third party. This third party management means that these
servers are likely to contain large numbers of clients and
their confidential information. The result is that the privacy
of data on these cloud servers cannot be guaranteed, as the
data may or may not be shared with other clients. Therefore,
such security breaches must be considered before integrating
industrial SCADA systems with IoT-cloud environments. The
purpose of this paper was to highlight the unique importance
of critical industrial SCADA systems from the perspective of
IoT and cloud computing. The efforts being made to secure
these systems within the future Internet environment were
described and discussed extensively. After performing this
study, it can be concluded that several of the vulnerabilities
described in this paper are particularly relevant to industrial
IoT based SCADA systems, and it is extremely important to
note that each specific IoT device is a separate entity and
will typically possess an attack surface of its own. Therefore,
there is a clear need to perform more research on securing
these systems because attacks not only have the potential
for devastating effects to both industrial machines and to
individuals associated with them but also are expected to
become even more critical in the future.
REFERENCES
[1] T. Lojka and I. Zolotová, ‘‘Improvement of human-plant interactivity
via industrial cloud-based supervisory control and data acquisition sys-
tem,’’ Advances in Production Management Systems. Innovative and
Knowledge-Based Production Management in a Global-Local World (IFIP
Advances in Information and Communication Technology). Berlin, Ger-
many: Springer, 2014, pp. 83–90.
[2] C.-R. Rad, O. Hancu, I.-A. Takacs, and G. Olteanu, ‘‘Smart monitoring
of potato crop: A cyber-physical system architecture model in the field of
precision agriculture,’’ Agricult. Agricult. Sci. Procedia, vol. 6, pp. 73–79,
Sep. 2015, doi: 10.1016/j.aaspro.2015.08.041.
[3] G. Fortino, A. Guerrieri, and W. Russo, ‘‘Agent-oriented smart objects
development,’’ in Proc. IEEE 16th Int. Conf. Comput. Supported Cooperat.
Work Design (CSCWD), May 2012, pp. 907–912.
[4] W. Wei, X. Fan, H. Song, X. Fan, and J. Yang, ‘‘Imperfect information
dynamic stackelberg game based resource allocation using hidden Markov
for cloud computing,’’ IEEE Trans. Services Comput., vol. PP, no. 99, p. 1,
Feb. 2016, doi: 10.1109/TSC.2016.2528246.
[5] I. Butun, M. Erol-Kantarci, B. Kantarci, and H. Song, ‘‘Cloud-centric
multi-level authentication as a service for secure public safety device
networks,’’ IEEE Commun. Mag., vol. 54, no. 4, 2016.
[6] H. Song, Q. Du, P. Ren, W. Li, and A. Mehmood, ‘‘Cloud computing
for transportation cyber-physical systems,’’ in Cyber-Physical Systems:
A Computational Perspective, vol. 15, L. M. Patnaik, Ed. Boca Raton, FL,
USA: CRC Press, 2015, pp. 351–369.
[7] Y. Sun, H. Song, A. J. Jara, and R. Bie, ‘‘Internet of Things and big data
analytics for smart and connected communities,’’ IEEE Access, vol. 4,
pp. 766–773, Mar. 2016, doi: 10.1109/ACCESS.2016.2529723.
[8] H. Abbas, M. Q. Mahmoodzadeh, F. A. Khan, and M. Pasha, ‘‘Identifying
an OpenID anti-phishing scheme for cyberspace,’’ Secur. Commun. Netw.,
vol. 9, no. 6, pp. 481–491, 2014.
[9] H. Abbas, C. Magnusson, L. Yngstrom, and A. Hemani, ‘‘Address-
ing dynamic issues in information security management,’’ Inf. Manage.
Comput. Secur., vol. 19, no. 1, pp. 5–24, 2011.
[10] K. Saleem, A. Derhab, J. Al-Muhtadi, and B. Shahzad, ‘‘Human-
oriented design of secure machine-to-machine communication system for
e-healthcare society,’’ Comput. Human Behavior, vol. 51, pp. 977–985,
Oct. 2015.
[11] H. Khattak, H. Abbas, A. Naeem, K. Saleem, and W. Iqbal, ‘‘Security
concerns of cloud-based healthcare systems: A perspective of moving
from single-cloud to a multi-cloud infrastructure,’’ in Proc. 17th Int. Conf.
E-Health Netw., Appl. Services (HealthCom), 2015, pp. 50–56.
[12] B. M. C. Silva, J. J. P. C. Rodrigues, I. de la Torre Díez,
M. López-Coronado, and K. Saleem, ‘‘Mobile-health: A review of
current state in 2015,’’ J. Biomed. Inform., vol. 56, pp. 265–272,
Aug. 2015.
[13] (2016). WebSCADA, Web SCADA, Automation Systems, Process Control,
Historian, Event Alarm, SCADA Solution, accessed on Feb. 5, 2016.
[Online]. Available: http://www.webscada.com/SCADA/SolMedSys.aspx
[14] R. J. Robles and M.-K. Choi, ‘‘Assessment of the vulnerabilities of
SCADA, control systems and critical infrastructure systems,’’ Int. J. Grid
Distrib. Comput., vol. 2, no. 2, pp. 27–34, 2009.
[15] S. Mustard, ‘‘Security of distributed control systems: The concern
increases,’’ J. Comput. Control Eng., vol. 16, no. 6, pp. 19–25, Dec. 2005.
[16] J. P. Farwell and R. Rohozinski, ‘‘Stuxnet and the future of cyber war,’’
Survival, vol. 53, no. 1, pp. 23–40, 2011.
[17] ‘Flame’ Spyware Infiltrating Iranian Computers, CNN, Atlanta, GA, USA,
2012.
[18] J. D. Fernandez and A. E. Fernandez, ‘‘SCADA systems: Vulnerabili-
ties and remediation,’’ J. Comput. Sci. Colleges Arch., vol. 20, no. 4,
pp. 160–168, Apr. 2005.
[19] N. Ulltveit-Moe, H. Nergaard, L. Erdödi, T. Gjøsæter, E. Kolstad, and
P. Berg. (2016). ‘‘Secure information sharing in an industrial Internet of
Things.’’ [Online]. Available: http://arxiv.org/abs/1601.04301
[20] M. Bere and H. Muyingi, ‘‘Initial investigation of industrial control sys-
tem (ICS) security using artificial immune system (AIS),’’ in Proc. Int.
Conf. Emerg. Trends Netw. Comput. Commun. (ETNCC), 2015, pp. 79–84.
[21] G. Cagalaban, T. Kim, and S. Kim, ‘‘Improving SCADA control systems
security with software vulnerability analysis,’’ in Proc. 12th WSEAS Int.
Conf. Autom. Control, Modeling Simulation, 2008, pp. 409–414.
[22] Y. Wang, ‘‘sSCADA: Securing SCADA infrastructure communications,’’
Int. J. Commun. Netw. Distrib. Syst., vol. 6, no. 1, pp. 59–78, 2012.
VOLUME 4, 2016 1383
www.redpel.com +917620593389
www.redpel.com +917620593389
10. A. Sajid et al.: Cloud-Assisted IoT-Based SCADA Systems Security
[23] C. M. Davis, J. E. Tate, H. Okhravl, C. Grier, T. J. Overbye, and D. Nicol,
‘‘SCADA cyber security testbed development,’’ in Proc. 38th North Amer.
Power Symp., Sep. 2006, pp. 483–488.
[24] H. M. N. Al Hamadi, C. Y. Yeun, and M. J. Zemerly, ‘‘A novel secu-
rity scheme for the smart grid and SCADA networks,’’ Wireless Pers.
Commun., vol. 73, no. 4, pp. 1547–1559, 2013.
[25] D. Watts, ‘‘Security & vulnerability in electric power systems ,’’ in Proc.
35th North Amer. Power Symp., Rolla, MO, USA, Oct. 2003, pp. 559–566.
[26] A. Giani, G. Karsai, T. Roosta, A. Shah, B. Sinopoli, and J. Wiley,
‘‘A testbed for secure and robust SCADA systems,’’ in Proc. 14th IEEE
Real-Time Embedded Technol. Appl. Symp., 2008, pp. 1–4.
[27] A. A. Cárdenas, S. Amin, Z.-S. Lin, Y.-L. Huang, C.-Y. Huang, and
S. Sastry, ‘‘Attacks against process control systems: Risk assessment,
detection, and response,’’ in Proc. 6th ACM Symp. Inf., Comput. Commun.
Secur. (ASIACCS), 2011, pp. 355–366.
[28] V. M. Igure and R. D. Williams, ‘‘Security and SCADA protocols,’’ in Proc.
5th Int. Topical Meeting Nuclear Plant Instrum. Controls, Human Mach.
Interface (NPIC HMIT), 2006, pp. 560–567.
[29] E. Byres, M. Franz, and D. Miller, ‘‘The use of attack trees in assessing
vulnerabilities in SCADA systems,’’ in Proc. IEEE Int. Infrastruct. Sur-
vivability Workshop (IISW), Lisbon, Portugal, Dec. 2004.
[30] S. Patel and P. Sanyal, ‘‘Securing SCADA systems,’’ Inf. Manage. Comput.
Secur., vol. 16, no. 4, pp. 398–414, 2008.
[31] H. Kim, ‘‘Security and vulnerability of SCADA systems over IP-based
wireless sensor networks,’’ Int. J. Distrib. Sensor Netw., vol. 2012,
Oct. 2012, Art. no. 268478, doi: 10.1155/2012/268478.
[32] A. Khelil, D. Germanus, and N. Suri, ‘‘Protection of SCADA communica-
tion channels,’’ in Critical Infrastructure Protection, J. Lopez, R. Setola,
and S. D. Wolthusen, Eds. Berlin, Germany: Springer, 2012, pp. 177–196.
[33] A. Antonini, A. Barenghi, G. Pelosi, and S. Zonouz, ‘‘Security challenges
in building automation and SCADA,’’ in Proc. Int. Carnahan Conf. Secur.
Technol. (ICCST), 2014, pp. 1–6.
[34] T. Baker, M. Mackay, A. Shaheed, and B. Aldawsari, ‘‘Security-oriented
cloud platform for SOA-based SCADA,’’ in Proc. 15th IEEE/ACM Int.
Symp. Cluster, Cloud Grid Comput., May 2015, pp. 961–970.
[35] R. Tawde, A. Nivangune, and M. Sankhe, ‘‘Cyber security in smart grid
SCADA automation systems,’’ in Proc. Int. Conf. Innov. Inf., Embedded
Commun. Syst. (ICIIECS), Mar. 2015, pp. 1–5.
[36] A. Nicholson, S. Webber, S. Dyer, T. Patel, and H. Janicke, ‘‘SCADA
security in the light of cyber-warfare,’’ Comput. Secur., vol. 31, no. 4,
pp. 418–436, 2012.
[37] Y. Cherdantseva et al., ‘‘A review of cyber security risk assessment meth-
ods for SCADA systems,’’ Comput. Secur., vol. 56, pp. 1–27, Feb. 2015.
[38] W. Knowles, D. Prince, D. Hutchison, J. F. P. Disso, and K. Jones,
‘‘A survey of cyber security management in industrial control systems,’’
Int. J. Crit. Infrastruct. Protect., vol. 9, pp. 52–80, Jun. 2015.
[39] (2016). European Commission: CORDIS: Projects & Results Ser-
vice: Periodic Report Summary 1—PRECYSE (Prevention, Protec-
tion and Reaction to Cyber Attacks to Critical Infrastructures),
accessed on Feb. 3, 2016. [Online]. Available: http://cordis.europa.eu/
result/rcn/149966_en.html
[40] B. Zhu, A. Joseph, and S. Sastry, ‘‘A taxonomy of cyber attacks on
SCADA systems,’’ Ph.D. dissertation, Dept. Elect. Eng. Comput. Sci.,
Univ. California, Berkeley, CA, USA, 2012.
[41] Security and Privacy Controls for Federal Information Systems and Orga-
nizations, NIST Special Pub. 800-53 Revision 4, National Institute of
Standards and Technology, 2013.
[42] Guide to Industrial Control Systems (ICS) Security, Nat. Inst. Standards
Technol. (NIST), USA, 2015.
[43] S. Karnouskos, A. W. Colombo, and T. Bangemann, ‘‘Trends and chal-
lenges for cloud-based industrial cyber-physical systems,’’ Industrial
Cloud-Based Cyber-Physical Systems. 2014, pp. 231–240.
ANAM SAJID received the B.S. degree in
software engineering and the M.S. degree in
computer science with a minor in information
security from the Shaheed Zulfikar Ali Bhutto
Institute of Science and Technology, Pakistan, in
2011 and 2014, respectively. Her research inter-
ests include cloud computing, Internet of Things,
Internet of Everything, healthcare data privacy and
security, supervisory control and data acquisition
system security, malware analysis, critical infras-
tructures, social networking, computer forensics, and big data analysis.
HAIDER ABBAS received the M.S. degree in
engineering and management of information sys-
tems and the Ph.D. degree in information secu-
rity from the KTH Royal Institute of Technology,
Sweden, in 2006 and 2010, respectively. He has
received several research grants for ICT related
projects from various research funding authorities
and working on scientific projects in U.S., EU,
Saudi Arabia, and Pakistan. His professional ser-
vices include—but are not limited to—Guest Edi-
torships, Industry Consultations, a Workshops Chair, a Technical Program
Committee Member, an Invited/Keynote Speaker, and a Reviewer for several
international journals and conferences. He has authored over 50 scientific
research articles in prestigious international journals and conferences. He is
a Research Fellow/Assistant Professor with the Centre of Excellence in Infor-
mation Assurance, King Saud University, Saudi Arabia. He is also associated
with the National University of Sciences and Technology, Pakistan, as an
Assistant Professor, and Security Masons, Sweden, as a Chief Executive
Officer. He is the Principal Advisor for several graduate and doctoral students
with King Saud University, Saudi Arabia, and the National University of
Sciences and Technology, Pakistan.
KASHIF SALEEM received the B.Sc. degree in
computer science from Allama Iqbal Open Uni-
versity, Islamabad, Pakistan, in 2002, the Post
Graduate Diploma degree in computer technology
and communication from Government College
University, Lahore, Pakistan, in 2004, and the
M.E. degree in electrical (electronics and telecom-
munication) engineering and the Ph.D. degree in
electrical engineering from University Technology
Malaysia, in 2007 and 2011, respectively. He is
currently with the Center of Excellence in Information Assurance, King Saud
University, as an Assistant Professor. His research interests include ubiq-
uitous computing, mobile computing, intelligent autonomous systems,
information security, and biological inspired optimization algorithms.
1384 VOLUME 4, 2016
www.redpel.com +917620593389
www.redpel.com +917620593389