Loading…
An evaluation of cybersecurity assessment tools on a SCADA environment
Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the...
Saved in:
Main Authors: | , |
---|---|
Format: | Conference Proceeding |
Language: | English |
Subjects: | |
Online Access: | Request full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
cited_by | |
---|---|
cites | |
container_end_page | 6 |
container_issue | |
container_start_page | 1 |
container_title | |
container_volume | |
creator | Hahn, A. Govindarasu, M. |
description | Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments. |
doi_str_mv | 10.1109/PES.2011.6039845 |
format | conference_proceeding |
fullrecord | <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_6039845</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6039845</ieee_id><sourcerecordid>6039845</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-40019a98f29cc450e83a2e806ab865919196f08092705005f39602c2897fe4c93</originalsourceid><addsrcrecordid>eNo1UE1Lw0AUXFHBtvYueNk_kPjefmR3jyG2KhQUqueyXd5CJE0kmxby7420ModhmGEYhrEHhBwR3NPHapsLQMwLkM4qfcXmqLQxCCDwmi2dsf8a8IbN0EmRaY3mjs1T-gbQEpWYsXXZcjr55uiHumt5F3kY99QnCse-HkbuU6KUDtQOfOi6JvEp5Pm2Kp9LTu2p7rv2z7xnt9E3iZYXXrCv9eqzes027y9vVbnJajR6yNQ0xnlno3AhKA1kpRdkofB7W2iHE4oIFpwwoKeNUboCRBDWmUgqOLlgj-femoh2P3198P24u3wgfwF9gEvK</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>An evaluation of cybersecurity assessment tools on a SCADA environment</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Hahn, A. ; Govindarasu, M.</creator><creatorcontrib>Hahn, A. ; Govindarasu, M.</creatorcontrib><description>Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.</description><identifier>ISSN: 1932-5517</identifier><identifier>ISBN: 9781457710001</identifier><identifier>ISBN: 1457710005</identifier><identifier>EISBN: 1457710021</identifier><identifier>EISBN: 9781457710018</identifier><identifier>EISBN: 1457710013</identifier><identifier>EISBN: 9781457710025</identifier><identifier>DOI: 10.1109/PES.2011.6039845</identifier><language>eng</language><publisher>IEEE</publisher><subject>Availability ; Computer security ; Protocols ; SCADA systems ; Servers ; Software</subject><ispartof>2011 IEEE Power and Energy Society General Meeting, 2011, p.1-6</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6039845$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6039845$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Hahn, A.</creatorcontrib><creatorcontrib>Govindarasu, M.</creatorcontrib><title>An evaluation of cybersecurity assessment tools on a SCADA environment</title><title>2011 IEEE Power and Energy Society General Meeting</title><addtitle>PES</addtitle><description>Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.</description><subject>Availability</subject><subject>Computer security</subject><subject>Protocols</subject><subject>SCADA systems</subject><subject>Servers</subject><subject>Software</subject><issn>1932-5517</issn><isbn>9781457710001</isbn><isbn>1457710005</isbn><isbn>1457710021</isbn><isbn>9781457710018</isbn><isbn>1457710013</isbn><isbn>9781457710025</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2011</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNo1UE1Lw0AUXFHBtvYueNk_kPjefmR3jyG2KhQUqueyXd5CJE0kmxby7420ModhmGEYhrEHhBwR3NPHapsLQMwLkM4qfcXmqLQxCCDwmi2dsf8a8IbN0EmRaY3mjs1T-gbQEpWYsXXZcjr55uiHumt5F3kY99QnCse-HkbuU6KUDtQOfOi6JvEp5Pm2Kp9LTu2p7rv2z7xnt9E3iZYXXrCv9eqzes027y9vVbnJajR6yNQ0xnlno3AhKA1kpRdkofB7W2iHE4oIFpwwoKeNUboCRBDWmUgqOLlgj-femoh2P3198P24u3wgfwF9gEvK</recordid><startdate>201107</startdate><enddate>201107</enddate><creator>Hahn, A.</creator><creator>Govindarasu, M.</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>201107</creationdate><title>An evaluation of cybersecurity assessment tools on a SCADA environment</title><author>Hahn, A. ; Govindarasu, M.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-40019a98f29cc450e83a2e806ab865919196f08092705005f39602c2897fe4c93</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Availability</topic><topic>Computer security</topic><topic>Protocols</topic><topic>SCADA systems</topic><topic>Servers</topic><topic>Software</topic><toplevel>online_resources</toplevel><creatorcontrib>Hahn, A.</creatorcontrib><creatorcontrib>Govindarasu, M.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Hahn, A.</au><au>Govindarasu, M.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>An evaluation of cybersecurity assessment tools on a SCADA environment</atitle><btitle>2011 IEEE Power and Energy Society General Meeting</btitle><stitle>PES</stitle><date>2011-07</date><risdate>2011</risdate><spage>1</spage><epage>6</epage><pages>1-6</pages><issn>1932-5517</issn><isbn>9781457710001</isbn><isbn>1457710005</isbn><eisbn>1457710021</eisbn><eisbn>9781457710018</eisbn><eisbn>1457710013</eisbn><eisbn>9781457710025</eisbn><abstract>Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.</abstract><pub>IEEE</pub><doi>10.1109/PES.2011.6039845</doi><tpages>6</tpages></addata></record> |
fulltext | fulltext_linktorsrc |
identifier | ISSN: 1932-5517 |
ispartof | 2011 IEEE Power and Energy Society General Meeting, 2011, p.1-6 |
issn | 1932-5517 |
language | eng |
recordid | cdi_ieee_primary_6039845 |
source | IEEE Electronic Library (IEL) Conference Proceedings |
subjects | Availability Computer security Protocols SCADA systems Servers Software |
title | An evaluation of cybersecurity assessment tools on a SCADA environment |
url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-25T14%3A31%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=An%20evaluation%20of%20cybersecurity%20assessment%20tools%20on%20a%20SCADA%20environment&rft.btitle=2011%20IEEE%20Power%20and%20Energy%20Society%20General%20Meeting&rft.au=Hahn,%20A.&rft.date=2011-07&rft.spage=1&rft.epage=6&rft.pages=1-6&rft.issn=1932-5517&rft.isbn=9781457710001&rft.isbn_list=1457710005&rft_id=info:doi/10.1109/PES.2011.6039845&rft.eisbn=1457710021&rft.eisbn_list=9781457710018&rft.eisbn_list=1457710013&rft.eisbn_list=9781457710025&rft_dat=%3Cieee_6IE%3E6039845%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-40019a98f29cc450e83a2e806ab865919196f08092705005f39602c2897fe4c93%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6039845&rfr_iscdi=true |