Abstract

Supervisory control and data acquisition (SCADA) systems are real-time process control systems that monitor and control local or geographically remote devices. They are in wide use throughout a variety of critical infrastructure sectors, and are a critical component of operations. The SCADA system also provides a managementway for important plant performance information to be obtained for use by managers and engineers at a corporate level. SCADA historically is responsible for monitoring and controlling critical infrastructures and manufacturing processes in an isolated environment. But with the requirement of a timely access of information for making decisions, large and modern companies being in a geographically diverse location take advantage of the internet as an important communication channel to allow the exchange of data. However, with SCADA being in the internet raise the issue of security. As more components of control systems become interconnected with the outside world using IP-based standards, the probability and impact of a cyber attack heighten. Since, the reliable function of SCADA systems in our modern infrastructure may be crucial to public health and safety management. Attacks on these systems may directly or indirectly threaten public health and safety since SCADA control the sources of our daily necessities such as oil and gas, air traffic and railways, power generation and transmission, water and manufacturing. With the posted threats and listed vulnerabilities in this study, a retrofit for these threats through the crossed cipher scheme is presented. To get the best of both types of cipher symmetric using advanced encryption standard (AES) and the asymmetric elliptic curve cryptography (ECC) to address the confidentiality, authentication, integrity and non-repudiation issues in SCADA system management.

Key words: Supervisory control and data acquisition (SCADA), security, threats, vulnerability, management.