A practical SCADA testbed in electrical power system environment for cyber-security exercises

Abstract

The impact from Stuxnet worm to SCADA systems in 2010 has been one of the most significant signals of a well-coordinated cyber-Attack is now towards disrupting national critical infrastructures such as power grid governed by SCADA system. The discovery of this worm has put a lot of attention on the strength and security level of security countermeasures of existing critical infrastructure systems such as SCADA that has been long used as a legacy system. One way to assess the strength and security level of a system is through penetration testing and vulnerability assessment that would help in determining weaknesses, loopholes and potential breaches for exploitation in system defences. However, performing a real penetration test and vulnerability assessment in a real critical infrastructure system is infeasible and unlikely to happen because an unintended consequence that might occur can propagate its effect to a wider scale. On the other hand, a replicated system is also infeasible due to the high cost and huge effort required. Therefore, developing a realistic SCADA testbed is the best available option for the cyber-security exercise to take place. This paper describes in-detail a scalable and reconfigurable SCADA testbed for cyber-security analysis. © 2018 Penerbit Universiti All rights reserved.