Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security metrics in SCADA system Master of Computer and Information Science Student: Nguyen Duc Nam Supervisor: Elena Sitnikova.

Published byCorinne Lean Modified over 9 years ago

Similar presentations

Presentation on theme: "Security metrics in SCADA system Master of Computer and Information Science Student: Nguyen Duc Nam Supervisor: Elena Sitnikova."— Presentation transcript:

1 Security metrics in SCADA system Master of Computer and Information Science Student: Nguyen Duc Nam Supervisor: Elena Sitnikova

2 2 Introduction Thesis question SCADA system  Structure  Challenges Security metrics  Definition  Broad classes of metrics  Security metrics in SCADA Conclusion

3 3 Thesis question How can the security of SCADA systems be measured?  Definition of SCADA system  Why we concern about security in SCADA system?  How?

4 SCADA system Supervisory control and data acquisition (SCADA) system SCADA system are widely used in:  Monitor and control industrial systems  Oil and gas  Air traffic and railways  Power generation and transmission  Water management  Manufacturing  Production plants 4

5 5 SCADA Structure Figure 1: SCADA System General Layout (Stouffer et al. 2008)

6 Challenges of SCADA system Number of attacks on SCADA increasing  330 reported attacks on oil and gas in 30 countries from 1990 to 2004.  70% of their clients had at least one major attack in the first six months of 2002 and it is 57% in the last six months of 2001 (Riptech)  Attack on Maroochy Shire Council’s sewage control system 2000  Slammer worm 2003  Zotob 2005  Center of Strategic and International Studies: 2009 less than 50% respondents > 2010 more than 80% 6

7 Security metrics “metrics” describes a broad category of tools used by decision makers to evaluate data in many different areas of an organization.  No more than 1% untrained Security metrics cannot always be applied directly to systems  Use strong user passwords with limited lifetime and account lockout >< during critical event make confusion 7

8 Three broad classes of metrics Organizational metrics: describe and track the effectiveness of organizational programs and processes Operational metrics: describe and manage risks to operational environments including as-used systems and operating practices Technical metrics: describe and compare technical objects such as algorithms, specifications, architectures and alternative designs, products and implemented systems. 8

9 Organizational metrics Assessing the adequacy of the standards, policies and procedures adopted by the organization to enhance security  Answer:  Has an industry standard for security been adopted by the organization?  Is there a policy that calls for an annual cyber security?  Is there a policy that requires operators and maintenance personnel to receive periodic cyber security training?  Is there a procedure that needs to be followed? 9

10 Operational metrics Assessing how well the organization’s formal policies and procedures are implemented by the responsible staff member Answer:  Are cyber security inspections conducted by personnel who have received specialized training in cyber security?  If so, was the certified training course meets industry standards?  Is each inspection carried out by personnel who are independent of technical group that is responsible for day to day operations?  Are the results of each inspection documented and saved into an inspection database? 10

11 Technical metrics Assessing the adequacy of security being imposed to protect specific components of system. Answer:  How many attempts have been made this week to access the system from internet? Does this represent a 50% increase above the normal usage level?  What is the ratio between the number of unsuccessful and successful attempts to access the system? Does this ratio exceed the criteria for concern?  Is the modem cable (link system and verdors) kept disconnected and stored the appropriate distance away from the modem when not in actual and approved use? 11

12 Technical metrics (continued) Antivirus and antispyware software installed on machines Updated machines Vulnerabilities per machines Host uptime Downtime Application vulnerability Number of attacks Probability of attacks Shortest length of attacks 12

13 Recommendations for developing metrics Bottom up versus top down  Bottom up: identifying existing data as starting point  Top down: starting with the goals and questions of the end user Product and system design metrics Return on investment Metrics based on compliance with security standards or best practices Real-time monitoring metrics 13

14 14 Conclusion Big overview of SCADA system and security metrics Metrics are used in many industries but the metrics for evaluation and analysis of security are not widely available due to lack of focus on cyber security and limited security technologies specifically designed for PC Number of security metrics tools are growing but some of them can applied directly to SCADA system Out next step is based on this thesis, develop a metric that meet the needs of a specific industry. We highly encourage industry supports and feedback on future work

15 Thanks 15

Download ppt "Security metrics in SCADA system Master of Computer and Information Science Student: Nguyen Duc Nam Supervisor: Elena Sitnikova."

Similar presentations

Managers and Management

Managers and Management
Managing Hardware and Software Assets

Managing Hardware and Software Assets
1. International Module – 503 Noise: Measurement & Its Effects Day 5.

1. International Module – 503 Noise: Measurement & Its Effects Day 5.
Chapter 1: The Database Environment

Chapter 1: The Database Environment
Chapter 24 Quality Management.

Chapter 24 Quality Management.
1 of 21 Information Strategy Developing an Information Strategy © FAO 2005 IMARK Investing in Information for Development Information Strategy Developing.

1 of 21 Information Strategy Developing an Information Strategy © FAO 2005 IMARK Investing in Information for Development Information Strategy Developing.
1 of 14 Information Access Management Interventions © FAO 2005 IMARK Investing in Information for Development Information Access Management Interventions.

1 of 14 Information Access Management Interventions © FAO 2005 IMARK Investing in Information for Development Information Access Management Interventions.
1 of 15 Information Access Internal Information © FAO 2005 IMARK Investing in Information for Development Information Access Internal Information.

1 of 15 Information Access Internal Information © FAO 2005 IMARK Investing in Information for Development Information Access Internal Information.
ASYCUDA Overview … a summary of the objectives of ASYCUDA implementation projects and features of the software for the Customs computer system.

ASYCUDA Overview … a summary of the objectives of ASYCUDA implementation projects and features of the software for the Customs computer system.
1 Introduction to Safety Management April 2006. 2 Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.

1 Introduction to Safety Management April Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.
1 www.vita.virginia.gov IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1, 2013 www.vita.virginia.gov.

1 IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1,
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
WECC Board of Directors April 21-23, 2004 Seattle, Washington WECC Procedure for Reporting of System Events Disturbance Reports Rod Maslowski OC Vice Chairperson.

WECC Board of Directors April 21-23, 2004 Seattle, Washington WECC Procedure for Reporting of System Events Disturbance Reports Rod Maslowski OC Vice Chairperson.
1 National Center for the Training of Bank Personnel of Ukraine.

1 National Center for the Training of Bank Personnel of Ukraine.
Modern Systems Analyst and as a Project Manager

Modern Systems Analyst and as a Project Manager
Making the System Operational

Making the System Operational
NERC Reliability Readiness The Next Steps Mitch Needham NERC Readiness Evaluator September 24, 2007.

NERC Reliability Readiness The Next Steps Mitch Needham NERC Readiness Evaluator September 24, 2007.
Condition Monitoring Roles in Asset Reliability and Regulatory Compliance Dave Haerle, Los Angeles Department of Water and Power Scott Kunze, DataSplice.

Condition Monitoring Roles in Asset Reliability and Regulatory Compliance Dave Haerle, Los Angeles Department of Water and Power Scott Kunze, DataSplice.
Lessons Learned from Financial Management Reviews May 15, 2008 Bruce Robinson FTA Office of Research, Demonstration and Innovation.

Lessons Learned from Financial Management Reviews May 15, 2008 Bruce Robinson FTA Office of Research, Demonstration and Innovation.
Software change management

Software change management

Similar presentations

Ads by Google