A Formal Approach against Code Replacement Attacks on SCADA Systems

Submitted by user123 on Sat, 07/24/2021 - 12:54
Project Investigator
Prof. Sandeep Kumar Shukla

The Stuxnet worm affected the Iranian nuclear enrichment control system, and its later dissection showed that a number of vulnerabilities, ranging from the Microsoft operating system to the Siemens applications, firmware, and networking, were exploited to slow down the control system or disable parts of it. Subsequently, in February 2013, U.S. President Barack Obama's executive order on industrial control system security brought the urgency of protecting industrial control systems from cyber-attacks to public attention. Critical industrial control systems include power generation stations, control centers for utilities, industrial manufacturing systems, chemical processing plants, nuclear plants, and water and sewage control systems.

SCADA (Supervisory Control and Data Acquisition) systems are a crucial part of most critical infrastructure: through them, sensor data is collected from the physical processes involved, control is computed, and control commands are sent to actuators to effect control on those processes. The project focuses on the cyber security of safety-critical systems that are used to monitor and control critical infrastructures such as the power transmission grid, power distribution infrastructure, substations, manufacturing systems, water and sewage treatment plants, nuclear or other power plants, and transportation systems such as railway networks. With the advent of smart infrastructure, which combines embedded sensors, actuators, wireless and wireline networks, computerized digital control, monitoring, etc., the cyber security of such systems is gaining prominence among researchers, industries, and governments.