Loading…

An evaluation of cybersecurity assessment tools on a SCADA environment

Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the...

Full description

Saved in:
Bibliographic Details
Main Authors: Hahn, A., Govindarasu, M.
Format: Conference Proceeding
Language:English
Subjects:
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 6
container_issue
container_start_page 1
container_title
container_volume
creator Hahn, A.
Govindarasu, M.
description Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.
doi_str_mv 10.1109/PES.2011.6039845
format conference_proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_6039845</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6039845</ieee_id><sourcerecordid>6039845</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-40019a98f29cc450e83a2e806ab865919196f08092705005f39602c2897fe4c93</originalsourceid><addsrcrecordid>eNo1UE1Lw0AUXFHBtvYueNk_kPjefmR3jyG2KhQUqueyXd5CJE0kmxby7420ModhmGEYhrEHhBwR3NPHapsLQMwLkM4qfcXmqLQxCCDwmi2dsf8a8IbN0EmRaY3mjs1T-gbQEpWYsXXZcjr55uiHumt5F3kY99QnCse-HkbuU6KUDtQOfOi6JvEp5Pm2Kp9LTu2p7rv2z7xnt9E3iZYXXrCv9eqzes027y9vVbnJajR6yNQ0xnlno3AhKA1kpRdkofB7W2iHE4oIFpwwoKeNUboCRBDWmUgqOLlgj-femoh2P3198P24u3wgfwF9gEvK</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>An evaluation of cybersecurity assessment tools on a SCADA environment</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Hahn, A. ; Govindarasu, M.</creator><creatorcontrib>Hahn, A. ; Govindarasu, M.</creatorcontrib><description>Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.</description><identifier>ISSN: 1932-5517</identifier><identifier>ISBN: 9781457710001</identifier><identifier>ISBN: 1457710005</identifier><identifier>EISBN: 1457710021</identifier><identifier>EISBN: 9781457710018</identifier><identifier>EISBN: 1457710013</identifier><identifier>EISBN: 9781457710025</identifier><identifier>DOI: 10.1109/PES.2011.6039845</identifier><language>eng</language><publisher>IEEE</publisher><subject>Availability ; Computer security ; Protocols ; SCADA systems ; Servers ; Software</subject><ispartof>2011 IEEE Power and Energy Society General Meeting, 2011, p.1-6</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6039845$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6039845$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Hahn, A.</creatorcontrib><creatorcontrib>Govindarasu, M.</creatorcontrib><title>An evaluation of cybersecurity assessment tools on a SCADA environment</title><title>2011 IEEE Power and Energy Society General Meeting</title><addtitle>PES</addtitle><description>Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.</description><subject>Availability</subject><subject>Computer security</subject><subject>Protocols</subject><subject>SCADA systems</subject><subject>Servers</subject><subject>Software</subject><issn>1932-5517</issn><isbn>9781457710001</isbn><isbn>1457710005</isbn><isbn>1457710021</isbn><isbn>9781457710018</isbn><isbn>1457710013</isbn><isbn>9781457710025</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2011</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNo1UE1Lw0AUXFHBtvYueNk_kPjefmR3jyG2KhQUqueyXd5CJE0kmxby7420ModhmGEYhrEHhBwR3NPHapsLQMwLkM4qfcXmqLQxCCDwmi2dsf8a8IbN0EmRaY3mjs1T-gbQEpWYsXXZcjr55uiHumt5F3kY99QnCse-HkbuU6KUDtQOfOi6JvEp5Pm2Kp9LTu2p7rv2z7xnt9E3iZYXXrCv9eqzes027y9vVbnJajR6yNQ0xnlno3AhKA1kpRdkofB7W2iHE4oIFpwwoKeNUboCRBDWmUgqOLlgj-femoh2P3198P24u3wgfwF9gEvK</recordid><startdate>201107</startdate><enddate>201107</enddate><creator>Hahn, A.</creator><creator>Govindarasu, M.</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>201107</creationdate><title>An evaluation of cybersecurity assessment tools on a SCADA environment</title><author>Hahn, A. ; Govindarasu, M.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-40019a98f29cc450e83a2e806ab865919196f08092705005f39602c2897fe4c93</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Availability</topic><topic>Computer security</topic><topic>Protocols</topic><topic>SCADA systems</topic><topic>Servers</topic><topic>Software</topic><toplevel>online_resources</toplevel><creatorcontrib>Hahn, A.</creatorcontrib><creatorcontrib>Govindarasu, M.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Hahn, A.</au><au>Govindarasu, M.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>An evaluation of cybersecurity assessment tools on a SCADA environment</atitle><btitle>2011 IEEE Power and Energy Society General Meeting</btitle><stitle>PES</stitle><date>2011-07</date><risdate>2011</risdate><spage>1</spage><epage>6</epage><pages>1-6</pages><issn>1932-5517</issn><isbn>9781457710001</isbn><isbn>1457710005</isbn><eisbn>1457710021</eisbn><eisbn>9781457710018</eisbn><eisbn>1457710013</eisbn><eisbn>9781457710025</eisbn><abstract>Increased concerns for electric grid cybersecurity has lead to the development of compliance requirements that must be evaluated by utilities. The North American Electric Reliability Council (NERC) has created Critical Infrastructure Protection (CIP) requirements for all cyber assets supporting the bulk power system[17]. This research explores whether the methodologies and tools commonly used for traditional information technology (IT) systems are sufficient to meet the cybersecurity assessment needs in power systems. This paper reviews these assessment tools to determine their ability to assist in the evaluation of the CIP requirements. In addition to the evaluation the tool capabilities, they are also reviewed for their potential to negatively impact the network availability properties. Evaluation was performed on the PowerCyber testbed at Iowa State University which implements real-world environment as in employs industry standard hardware, software and field devices. The results of this analysis is provided along with a review known gaps where current IT cybersecurity tools do not appropriately support SCADA environments.</abstract><pub>IEEE</pub><doi>10.1109/PES.2011.6039845</doi><tpages>6</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1932-5517
ispartof 2011 IEEE Power and Energy Society General Meeting, 2011, p.1-6
issn 1932-5517
language eng
recordid cdi_ieee_primary_6039845
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Availability
Computer security
Protocols
SCADA systems
Servers
Software
title An evaluation of cybersecurity assessment tools on a SCADA environment
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-25T14%3A31%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=An%20evaluation%20of%20cybersecurity%20assessment%20tools%20on%20a%20SCADA%20environment&rft.btitle=2011%20IEEE%20Power%20and%20Energy%20Society%20General%20Meeting&rft.au=Hahn,%20A.&rft.date=2011-07&rft.spage=1&rft.epage=6&rft.pages=1-6&rft.issn=1932-5517&rft.isbn=9781457710001&rft.isbn_list=1457710005&rft_id=info:doi/10.1109/PES.2011.6039845&rft.eisbn=1457710021&rft.eisbn_list=9781457710018&rft.eisbn_list=1457710013&rft.eisbn_list=9781457710025&rft_dat=%3Cieee_6IE%3E6039845%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-40019a98f29cc450e83a2e806ab865919196f08092705005f39602c2897fe4c93%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6039845&rfr_iscdi=true