U bent hier:
  1. Home
  2. Programma
  3. Sandro Etalle
Gold sponsor

Co sponsors




Drink sponsor

Partners

Tip a colleague

Send event to a colleague

Sandro Etalle

TITEL

Towards threat detection and response in Scada systems

 

SPREKER

Sandro Etalle, hoogleraar, TU Eindhoven en Universiteit Twente

 

TAAL

Engels

 

 

ABSTRACT

Security in Supervisory Control and Data Acquisition (Scada) systems has not been a major issue for very long. Until about a decade ago, Scada systems consisted of proprietary hardware with specialized software running on them, interconnected via proprietary networks and network protocols. They were secure by default, as they were physically isolated from the rest of the world.

However, Scada systems have evolved dramatically, and are now interconnected in large IP-type networks, connecting an increasing number (hundreds, thousands) of sensors and actuators, that all become more and more intelligent (ranging from ‘dumb’ sensors to complete computer systems with interfaces to actuators in the physical plant). Proprietary protocols and components are used less and less. This makes these systems much more vulnerable to remote attacks. Since Scada systems control a large part of our so-called critical infrastructure, security and dependability (in particular also survivability, that is, the ability to recover to predefined and acceptable levels of service after the occurrence of disasters) cannot be neglected anymore. In fact, Scada systems can be seen as large-scale infrastructural embedded systems, on which high constraints regarding costs, performance, dependability and security are posed.

About a year ago, we started a co-operation with a major water company that controls the waste, surface and drinking water network of a large city and its environs. In this cooperation, also an engineering consultancy firm and a supplier of Scada equipment are involved. In our presentation, we will discuss ongoing and planned research regarding security and survivability of Scada systems. Issues that will be addressed are a (first) vulnerability assessment, intrusion detection techniques, and access control. Also first results about a survivability study that is ongoing will be reported.