To see the other types of publications on this topic, follow the link: IDS SCADA.
Journal articles on the topic 'IDS SCADA'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'IDS SCADA.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Syamsul Arifin, M. Agus, Susanto Susanto, Deris Stiawan, Mohd Yazid Idris, and Rahmat Budiarto. "The trends of supervisory control and data acquisition security challenges in heterogeneous networks." Indonesian Journal of Electrical Engineering and Computer Science 22, no. 2 (2021): 874. http://dx.doi.org/10.11591/ijeecs.v22.i2.pp874-883.
Full textAbstract:
<p>Supervisory control and data acquisition (SCADA) has an important role in communication between devices in strategic industries such as power plant grid/network. Besides, the SCADA system is now open to any external heterogeneous networks to facilitate monitoring of industrial equipment, but this causes a new vulnerability in the SCADA network system. Any disruption on the SCADA system will give rise to a dangerous impact on industrial devices. Therefore, deep research and development of reliable intrusion detection system (IDS) for SCADA system/network is required. Via a thorough literature review, this paper firstly discusses current security issues of SCADA system and look closely benchmark dataset and SCADA security holes, followed by SCADA traffic anomaly recognition using artificial intelligence techniques and visual traffic monitoring system. Then, touches on the encryption technique suitable for the SCADA network. In the end, this paper gives the trend of SCADA IDS in the future and provides a proposed model to generate a reliable IDS, this model is proposed based on the investigation of previous researches. This paper focuses on SCADA systems that use IEC 60870-5-104 (IEC 104) protocol and distributed network protocol version 3 (DNP3) protocol as many SCADA systems use these two protocols.</p>
2
Arifin, M. Agus Syamsul, Susanto Susanto, Deris Stiawan, Mohd Yazid Idris, and Rahmat Budiarto. "The trends of supervisory control and data acquisition security challenges in heterogeneous networks." Indonesian Journal of Electrical Engineering and Computer Science 22, no. 2 (2021): 874–83. https://doi.org/10.11591/ijeecs.v22.i2.pp874-883.
Full textAbstract:
Supervisory control and data acquisition (SCADA) has an important role in communication between devices in strategic industries such as power plant grid/network. Besides, the SCADA system is now open to any external heterogeneous networks to facilitate monitoring of industrial equipment, but this causes a new vulnerability in the SCADA network system. Any disruption on the SCADA system will give rise to a dangerous impact on industrial devices. Therefore, deep research and development of reliable intrusion detection system (IDS) for SCADA system/network is required. Via a thorough literature review, this paper firstly discusses current security issues of SCADA system and look closely benchmark dataset and SCADA security holes, followed by SCADA traffic anomaly recognition using artificial intelligence techniques and visual traffic monitoring system. Then, touches on the encryption technique suitable for the SCADA network. In the end, this paper gives the trend of SCADA IDS in the future and provides a proposed model to generate a reliable IDS, this model is proposed based on the investigation of previous researches. This paper focuses on SCADA systems that use IEC 60870-5-104 (IEC 104) protocol and distributed network protocol version 3 (DNP3) Protocol as many SCADA systems use these two protocols.
3
Cruz, Tiago, Jorge Proença, Paulo Simões, et al. "A Distributed IDS for Industrial Control Systems." International Journal of Cyber Warfare and Terrorism 4, no. 2 (2014): 1–22. http://dx.doi.org/10.4018/ijcwt.2014040101.
Full textAbstract:
Cyber-threats are one of the most significant problems faced by modern Industrial Control Systems (ICS), such as SCADA (Supervisory Control and Data Acquisition) systems, as the vulnerabilities of ICS technology become serious threats that can ultimately compromise human lives. This situation demands a domain-specific approach to cyber threat detection within ICS, which is one of the most important contributions of the CockpitCI FP7 project (http://CockpitCI.eu). Specifically, this paper will present the CockpitCI distributed Intrusion Detection System (IDS) for ICS, which provides its core cyber-detection and analysis capabilities, also including a description of its components, in terms of role, operation, integration, and remote management. Moreover, it will also introduce and describe new domain-specific solutions for ICS security such as the SCADA Honeypot and the Shadow Security Unit, which are part of the CockcpitCI IDS framework.
4
D'Aquino, Anderson Mussel, Luiz Fernando Rust da Costa Carmo, Luci Pirmez, and Claudio Miceli de Farias. "IBEMCS: IDS BASEADO EM EVENTOS MULTI-CONTEXTO PARA SCADA / IBEMCS: EVENT BASED IDS MULTI-CONTEXT FOR SCADA." Brazilian Journal of Development 7, no. 1 (2021): 3975–92. http://dx.doi.org/10.34117/bjdv7n1-269.
Full text
5
Krishnan Sadhasivan, Dhanalakshmi, and Kannapiran Balasubramanian. "A Fusion of Multiagent Functionalities for Effective Intrusion Detection System." Security and Communication Networks 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/6216078.
Full textAbstract:
Provision of high security is one of the active research areas in the network applications. The failure in the centralized system based on the attacks provides less protection. Besides, the lack of update of new attacks arrival leads to the minimum accuracy of detection. The major focus of this paper is to improve the detection performance through the adaptive update of attacking information to the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS) to detect the anomalies in the real-time datasets such as KDD and SCADA. Besides, the feedback loop provides the necessary update of attacks in the database that leads to the improvement in the detection accuracy. The combination of the rules and responsibilities for multiagents effectively detects the anomaly behavior, misuse of response, or relay reports of gas/water pipeline data in KDD and SCADA, respectively. The comparative analysis of the proposed ARMA-IDS with the various existing path mining methods, namely, random forest, JRip, a combination of AdaBoost/JRip, and common path mining on the SCADA dataset conveys that the effectiveness of the proposed ARMA-IDS in the real-time fault monitoring. Moreover, the proposed ARMA-IDS offers the higher detection rate in the SCADA and KDD cup 1999 datasets.
6
Balla, Asaad, Mohamed Hadi Habaebi, Elfatih A. A. Elsheikh, Md Rafiqul Islam, and F. M. Suliman. "The Effect of Dataset Imbalance on the Performance of SCADA Intrusion Detection Systems." Sensors 23, no. 2 (2023): 758. http://dx.doi.org/10.3390/s23020758.
Full textAbstract:
Integrating IoT devices in SCADA systems has provided efficient and improved data collection and transmission technologies. This enhancement comes with significant security challenges, exposing traditionally isolated systems to the public internet. Effective and highly reliable security devices, such as intrusion detection system (IDSs) and intrusion prevention systems (IPS), are critical. Countless studies used deep learning algorithms to design an efficient IDS; however, the fundamental issue of imbalanced datasets was not fully addressed. In our research, we examined the impact of data imbalance on developing an effective SCADA-based IDS. To investigate the impact of various data balancing techniques, we chose two unbalanced datasets, the Morris power dataset, and CICIDS2017 dataset, including random sampling, one-sided selection (OSS), near-miss, SMOTE, and ADASYN. For binary classification, convolutional neural networks were coupled with long short-term memory (CNN-LSTM). The system’s effectiveness was determined by the confusion matrix, which includes evaluation metrics, such as accuracy, precision, detection rate, and F1-score. Four experiments on the two datasets demonstrate the impact of the data imbalance. This research aims to help security researchers in understanding imbalanced datasets and their impact on DL SCADA-IDS.
7
Khadidos, Alaa O., Hariprasath Manoharan, Shitharth Selvarajan, Adil O. Khadidos, Khaled H. Alyoubi, and Ayman Yafoz. "A Classy Multifacet Clustering and Fused Optimization Based Classification Methodologies for SCADA Security." Energies 15, no. 10 (2022): 3624. http://dx.doi.org/10.3390/en15103624.
Full textAbstract:
Detecting intrusions from the supervisory control and data acquisition (SCADA) systems is one of the most essential and challenging processes in recent times. Most of the conventional works aim to develop an efficient intrusion detection system (IDS) framework for increasing the security of SCADA against networking attacks. Nonetheless, it faces the problems of complexity in classification, requiring more time for training and testing, as well as increased misprediction results and error outputs. Hence, this research work intends to develop a novel IDS framework by implementing a combination of methodologies, such as clustering, optimization, and classification. The most popular and extensively utilized SCADA attacking datasets are taken for this system’s proposed IDS framework implementation and validation. The main contribution of this work is to accurately detect the intrusions from the given SCADA datasets with minimized computational operations and increased accuracy of classification. Additionally the proposed work aims to develop a simple and efficient classification technique for improving the security of SCADA systems. Initially, the dataset preprocessing and clustering processes were performed using the multifacet data clustering model (MDCM) in order to simplify the classification process. Then, the hybrid gradient descent spider monkey optimization (GDSMO) mechanism is implemented for selecting the optimal parameters from the clustered datasets, based on the global best solution. The main purpose of using the optimization methodology is to train the classifier with the optimized features to increase accuracy and reduce processing time. Moreover, the deep sequential long short term memory (DS-LSTM) is employed to identify the intrusions from the clustered datasets with efficient data model training. Finally, the proposed optimization-based classification methodology’s performance and results are validated and compared using various evaluation metrics.
8
Sangeetha K., Shitharth S., and Gouse Baig Mohammed. "Enhanced SCADA IDS Security by Using MSOM Hybrid Unsupervised Algorithm." International Journal of Web-Based Learning and Teaching Technologies 17, no. 2 (2022): 1–9. http://dx.doi.org/10.4018/ijwltt.20220301.oa2.
Full textAbstract:
In Self-Organizing Maps (SOM) are unsupervised neural networks that cluster high dimensional data and transform complex inputs into easily understandable inputs. To find the closest distance and weight factor, it maps high dimensional input space to low dimensional input space. The Closest node to data point is denoted as a neuron. It classifies the input data based on these neurons. The reduction of dimensionality and grid clustering using neurons makes to observe similarities between the data. In our proposed Mutated Self Organizing Maps (MSOM) approach, we have two intentions. One is to eliminate the learning rate and to decrease the neighborhood size and the next one is to find out the outliers in the network. The first one is by calculating the median distance (MD) between each node with its neighbor nodes. Then those median values are compared with one another. In case, if any of the MD values significantly varies from the rest then it is declared as anomaly nodes. In the second phase, we find out the quantization error (QE) in each instance from the cluster center.
9
Altaha, Mustafa, and Sugwon Hong. "Anomaly Detection for SCADA System Security Based on Unsupervised Learning and Function Codes Analysis in the DNP3 Protocol." Electronics 11, no. 14 (2022): 2184. http://dx.doi.org/10.3390/electronics11142184.
Full textAbstract:
An Intrusion Detection System (IDS) is a tool used primarily for security monitoring, which is one of the security strategies for Supervisory Control and Data Acquisition (SCADA) systems. Distributed Network Protocol version 3 (DNP3) is the predominant SCADA protocol in the energy sector. In this paper, we have developed an effective and flexible IDS for DNP3 networks, observing that most critical operations in DNP3 systems are utilized based on the function codes in DNP3 application messages, and that exploitation of those function codes enables attackers to manipulate the system operation. Our proposed anomaly-detection method deals with possible attacks that can bypass any rule-based deep packet inspection once attackers take over servers in the system. First, we generated datasets that reflected DNP3 traffic characteristics observed in real-world power grid substations for a reasonably long time. Next, we extracted input features that consisted of the occurrences of function codes per TCP connection, along with TCP characteristics. We then used an unsupervised deep learning model (Autoencoder) to learn the normal behavior of DNP3 traffic based on function code patterns. We called our approach FC-AE-IDS (Function Code Autoencoder IDS). The evaluation of the proposed method was carried out on three different datasets, to prove its accuracy and effectiveness. To evaluate the effectiveness of our proposed method, we performed various experiments that resulted in more than 95% detection accuracy for all considered attack scenarios that are mentioned in this study. We compared our approach to an IDS that is based on traditional features, to show the effectiveness of our approach.
10
Nguyen, Van Xuan. "DETECTING ATTACKS ON SCADA SYSTEMS BASED ON MLP NEURAL NETWORK AND CONTEXT OF DATA." Journal of Science and Technique 15, no. 2 (2020): 98–110. http://dx.doi.org/10.56651/lqdtu.jst.v15.n02.146.
Full textAbstract:
In this paper, we propose an IDS-SCADA model, which is capable of detecting attacks on SCADA systems with high accuracy. The proposed model is based on two hidden layers MLP neural network, whose number of neurons in the hidden layers is optimally utilizing a genetic algorithm. The distinction of the proposed method is that the context of the data is incorporated into the MLP neural network to accurately identify the attacks. To create the context, the original dataset is reorganized as context vectors containing some consecutive packets before feeding into the input of the MLP. The experimental results show that the proposed system outperforms the conventional in terms of accuracy.
11
Balla, Asaad, Mohamed Hadi Habaebi, Elfatih A. A. Elsheikh, Md Rafiqul Islam, Fakher Eldin Mohamed Suliman, and Sinil Mubarak. "Enhanced CNN-LSTM Deep Learning for SCADA IDS Featuring Hurst Parameter Self-Similarity." IEEE Access 12 (2024): 6100–6116. http://dx.doi.org/10.1109/access.2024.3350978.
Full text
12
Rohith Vallabhaneni, Srinivas A Vaddadi, Sravanthi Dontu, Abhilash Maroju,. "A New Privacy Preservation Intrusion Detection (PPID) Techniques for Multiclass Attacks to Measure Its Reliability for Detecting Suspicious Activities." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 9s (2023): 865–70. http://dx.doi.org/10.17762/ijritcc.v11i9s.9496.
Full textAbstract:
There is currently no way that can secure Supervisory Control and Data Acquisition (SCADA) systems from invasions. This technology is not only capable of withstanding numerous types of attacks, but it also prevents the data from being exposed when it is processed by other applications, particularly Intrusion Detection Systems (IDS). Enterprises with mission-critical control environments can have their SCADA systems overseen. Ensuring the security of sensitive information becomes increasingly challenging when physical and digital systems are interconnected. As a result, privacy preservation approaches have been effective in securing private information and identifying harmful actions; yet, they fall short when it comes to detecting errors and determining the sensitivity percentage of data that is disclosed. In order to identify intrusion events and prioritise data, our recently developed Privacy Preservation Intrusion Detection (PPID) approach makes use of the correlation coefficient and Expectation Maximisation (EM) clustering methods. With the power system datasets for multiclass assaults, we test this technique's capacity to reliably detect suspicious activity. As shown above, the experimental findings demonstrate that the proposed strategy is more efficient and effective than three other methods that can be used with current SCADA systems.
13
Khan, Izhar Ahmed, Dechang Pi, Zaheer Ullah Khan, Yasir Hussain, and Asif Nawaz. "HML-IDS: A Hybrid-Multilevel Anomaly Prediction Approach for Intrusion Detection in SCADA Systems." IEEE Access 7 (2019): 89507–21. http://dx.doi.org/10.1109/access.2019.2925838.
Full text
14
Yin, Xiao Chun, Zeng Guang Liu, Lewis Nkenyereye, and Bruce Ndibanje. "Toward an Applied Cyber Security Solution in IoT-Based Smart Grids: An Intrusion Detection System Approach." Sensors 19, no. 22 (2019): 4952. http://dx.doi.org/10.3390/s19224952.
Full textAbstract:
We present an innovative approach for a Cybersecurity Solution based on the Intrusion Detection System to detect malicious activity targeting the Distributed Network Protocol (DNP3) layers in the Supervisory Control and Data Acquisition (SCADA) systems. As Information and Communication Technology is connected to the grid, it is subjected to both physical and cyber-attacks because of the interaction between industrial control systems and the outside Internet environment using IoT technology. Often, cyber-attacks lead to multiple risks that affect infrastructure and business continuity; furthermore, in some cases, human beings are also affected. Because of the traditional peculiarities of process systems, such as insecure real-time protocols, end-to-end general-purpose ICT security mechanisms are not able to fully secure communication in SCADA systems. In this paper, we present a novel method based on the DNP3 vulnerability assessment and attack model in different layers, with feature selection using Machine Learning from parsed DNP3 protocol with additional data including malware samples. Moreover, we developed a cyber-attack algorithm that included a classification and visualization process. Finally, the results of the experimental implementation show that our proposed Cybersecurity Solution based on IDS was able to detect attacks in real time in an IoT-based Smart Grid communication environment.
15
Pasupuleti, Murali Krishna. "Smart Load Balancing and Real-Time Threat Prediction for National Energy Infrastructure." International Journal of Academic and Industrial Research Innovations(IJAIRI) 05, no. 04 (2025): 243–50. https://doi.org/10.62311/nesx/rp1925.
Full textAbstract:
Abstract: The increasing complexity and demand on national energy infrastructures necessitate advanced solutions for efficient load management and threat mitigation. This paper explores the integration of Artificial Intelligence (AI) in smart load balancing and real-time threat prediction within national energy grids. By leveraging AI algorithms, energy systems can dynamically forecast demand, optimize energy distribution, and preemptively identify potential threats, ensuring stability and resilience. The study delves into current methodologies, challenges, and future prospects of AI-driven energy management systems. Keywords: Smart Load Balancing, Real-Time Threat Prediction, National Energy Infrastructure, Artificial Intelligence (AI), Machine Learning, Cybersecurity, Smart Grid, Supervisory Control and Data Acquisition (SCADA) Systems, Internet of Things (IoT), Anomaly Detection, Predictive Analytics, Demand Response, Energy Management Systems (EMS), Distributed Energy Resources (DER), Grid Resilience, Advanced Metering Infrastructure (AMI), Dynamic Line Rating (DLR), Cyber-Physical Systems, Intrusion Detection Systems (IDS), Energy Forecasting.
16
Orman, Abdullah. "Cyberattack Detection Systems in Industrial Internet of Things (IIoT) Networks in Big Data Environments." Applied Sciences 15, no. 6 (2025): 3121. https://doi.org/10.3390/app15063121.
Full textAbstract:
The rapid expansion of the Industrial Internet of Things (IIoT) has revolutionized industrial automation and introduced significant cybersecurity challenges, particularly for supervisory control and data acquisition (SCADA) systems. Traditional intrusion detection systems (IDSs) often struggle to effectively identify and mitigate complex cyberthreats, such as denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. This study proposes an advanced IDS framework integrating machine learning, deep learning, and hybrid models to enhance cybersecurity in IIoT environments. Using the WUSTL-IIoT-2021 dataset, multiple classification models—including decision tree, random forest, multilayer perceptron (MLP), convolutional neural networks (CNNs), and hybrid deep learning architectures—were systematically evaluated based on key performance metrics, including accuracy, precision, recall, and F1 score. This research introduces several key innovations. First, it presents a comparative analysis of machine learning, deep learning, and hybrid models within a unified experimental framework, offering a comprehensive evaluation of various approaches. Second, while existing studies frequently favor hybrid models, findings from this study reveal that the standalone MLP model outperforms other architectures, achieving the highest detection accuracy of 99.99%. This outcome highlights the critical role of dataset-specific feature distributions in determining model effectiveness and calls for a more nuanced approach when selecting detection models for IIoT cybersecurity applications. Additionally, the study explores a broad range of hyperparameter configurations, optimizing model effectiveness for IIoT-specific intrusion detection. These contributions provide valuable insights for developing more efficient and adaptable IDS solutions in IIoT networks.
17
Balani, Zina, and Mohammed Nasseh Mohammed. "Enhancing Cybersecurity against Stuxnet in the Future of Cyberwarfare: A Combined Approach Using Firewalls and Intrusion Detection Systems." International Journal of Science and Business 28, no. 1 (2023): 21–30. http://dx.doi.org/10.58970/ijsb.2202.
Full textAbstract:
Stuxnet is a highly customized malware developed to destroy centrifuges used in the Iranian nuclear program through SCADA systems. It infects a computer through a USB drive, making it effective for targeting air-gapped networks. Stuxnet is larger and more complex than an equivalent worm; it is created in several different programming languages, and some components are encrypted. The malware utilizes four unprecedented zero-day vulnerability attacks that exploit application security vulnerabilities before developers become aware of the vulnerability. Additionally, it employs advanced rootkit technology to conceal itself from users and antimalware software on both Windows and the control computer it targets. To strengthen cybersecurity, this study implemented and configured a combination of firewalls and intrusion detection systems (IDS) to enhance security against the Stuxnet malware. By integrating these security measures, the aim was to establish a robust defense against the sophisticated attack methods employed by Stuxnet. It is essential to continuously update and adapt these security measures as the threat landscape evolves. By remaining vigilant and proactive, organizations can effectively safeguard their systems from sophisticated threats like Stuxnet, bolstering their cybersecurity defenses.
18
Alsaiari, Abdulhakim, and Mohammad Ilyas. "Deep Learning for Smart Grid Intrusion Detection: A Hybrid CNN-LSTM-Based Model." International Journal of Artificial Intelligence & Applications 15, no. 3 (2024): 01–16. http://dx.doi.org/10.5121/ijaia.2024.15301.
Full textAbstract:
As digital technology becomes more deeply embedded in power systems, protecting the communication networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3) represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities. Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network (CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to train and test our model. The results of our experiments show that our CNN-LSTM method is much better at finding smart grid intrusions than other deep learning algorithms used for classification. In addition, our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection accuracy rate of 99.50%.
19
Pasupuleti, Murali Krishna. "ecuring Critical Infrastructure with World Models that Learn from Real-World Sensor and Activity Logs." International Journal of Academic and Industrial Research Innovations(IJAIRI) 05, no. 04 (2025): 234–42. https://doi.org/10.62311/nesx/rp1825.
Full textAbstract:
Abstract: Critical infrastructure systems—such as power grids, water treatment facilities, and transportation networks—are increasingly reliant on interconnected digital technologies. This interdependence exposes them to a myriad of cyber and physical threats. Traditional security measures often fall short in addressing the dynamic and complex nature of these threats. This paper explores the development and application of AI-driven world models that learn from real-world sensor and activity logs to enhance the security of critical infrastructure. By integrating data from various sources and employing advanced machine learning techniques, these models can detect anomalies, predict potential threats, and provide actionable insights for proactive defense mechanisms. The study delves into the architecture of such models, their implementation challenges, and the potential they hold in fortifying critical infrastructure against evolving threats. Keywords: Artificial Intelligence (AI), World Models, Critical Infrastructure Protection, Real-World Sensor Data, Activity Logs, Cybersecurity, Anomaly Detection, Machine Learning, Predictive Analytics, Threat Detection, Intrusion Detection Systems (IDS), Supervisory Control and Data Acquisition (SCADA) Systems, Internet of Things (IoT), Cyber-Physical Systems, Real-Time Monitoring, Data Fusion, Deep Learning, Security Information and Event Management (SIEM), Infrastructure Resilience, Adaptive Security
20
M. R., Amal, and Venkadesh P. "Hybrid H-DOC: A bait for analyzing cyber attacker behavior." International journal of electrical and computer engineering systems 14, no. 1 (2023): 37–44. http://dx.doi.org/10.32985/ijeces.14.1.5.
Full textAbstract:
Cyber security is a vital concern for companies with internet-based cloud networks. These networks are constantly vulnerable to attack, whether from inside or outside organization. Due to the ever-changing nature of the cyber world, security solutions must be updated regularly in order to keep infrastructure secure. With the use of attack detection approaches, security systems such as antivirus, firewalls, or intrusion detection systems have become more effective. However, conventional systems are unable to detect zero-day attacks or behavioral changes. These drawbacks can be overcome by setting up a honeypot. In this paper, a hybrid Honeynet model deployed in Docker (H-DOC) bait has been proposed that comprises both low interaction and high interaction honeypot to attract the malicious attacker and to analyze the behavioral patterns. This is a form of bait, designed to detect or block attacks, or to divert an attacker's attention away from the legitimate services. It focuses only on the SSH protocol, as it is widely used for remote system access and is a popular target of attacks. The proposed Hybrid H-DOC method identify ransomware activity, attack trends, and timely decision-making through the use of an effective rule and tunes the firewall. The attack detection accuracy of the proposed Hybrid H-DOC method when compared with IDH, Decepti-SCADA, AS-IDS and HDCM is 13.97%, 11.82%, 8.60% and 5.07% respectively.
21
Mesbah, Mohamed, Mahmoud Said Elsayed, Anca Delia Jurcut, and Marianne Azer. "Analysis of ICS and SCADA Systems Attacks Using Honeypots." Future Internet 15, no. 7 (2023): 241. http://dx.doi.org/10.3390/fi15070241.
Full textAbstract:
Supervisory control and data acquisition (SCADA) attacks have increased due to the digital transformation of many industrial control systems (ICS). Operational technology (OT) operators should use the defense-in-depth concept to secure their operations from cyber attacks and reduce the surface that can be attacked. Layers of security, such as firewalls, endpoint solutions, honeypots, etc., should be used to secure traditional IT systems. The three main goals of IT cybersecurity are confidentiality, integrity, and availability (CIA), but these three goals have different levels of importance in the operational technology (OT) industry. Availability comes before confidentiality and integrity because of the criticality of business in OT. One of the layers of security in both IT and OT is honeypots. SCADA honeypots are used as a layer of security to mitigate attacks, known attackers’ techniques, and network and system weaknesses that attackers may use, and to mitigate these vulnerabilities. In this paper, we use SCADA honeypots for early detection of potential malicious tampering within a SCADA device network, and to determine threats against ICS/SCADA networks. An analysis of SCADA honeypots gives us the ability to know which protocols are most commonly attacked, and attackers’ behaviors, locations, and goals. We use an ICS/SCADA honeypot called Conpot, which simulates real ICS/SCADA systems with some ICS protocols and ICS/SCADA PLCs.
22
Pretorius, Barend, and Brett van Niekerk. "Cyber-Security for ICS/SCADA." International Journal of Cyber Warfare and Terrorism 6, no. 3 (2016): 1–16. http://dx.doi.org/10.4018/ijcwt.2016070101.
Full textAbstract:
Industrial control systems (ICS) or supervisory, control, and data acquisition (SCADA) systems drive many key components of the national infrastructure. It makes these control systems targets for cyber-attacks by terrorists and nation-states who wish to damage their target economically and socially, and cyber-criminals who blackmail the companies operating the infrastructure. Despite the high risk of leaving these systems exposed, providing adequate cyber-security is often challenging. The Stuxnet worm illustrated how vulnerable control systems potentially are when it bypassed a number of security mechanisms to cause physical damage to an Iranian nuclear facility. The article focuses on ICS/SCADA in South Africa discussing the unique challenges and legislation relate to securing control system in the South Africa. A governance and security framework for overcoming these challenges are proposed.
23
Fidelis, Chukwujekwu Obodoeze, Nkemdilim Obiokafor Ifeyinwa, and Chijindu Asogwa Tochukwu. "SCADA for National Critical Infrastructures Review of the Security Threats, Vulnerabilities and Countermeasures." International Journal of Trend in Scientific Research and Development 2, no. 2 (2018): 974–82. https://doi.org/10.31142/ijtsrd9556.
Full textAbstract:
The Supervisory Control And Data Acquisition SCADA networks contain computers and applications that perform key functions in providing essential services and commodities to citizens such as electricity, natural gas, crude oil and refined petroleum products, waste water treatment and transportation. This paper looks at SCADA, its architecture and functions to industrial control system ICS as well its security threats, vulnerabilities and attacks that could prevent SCADA from delivering these functions especially in Nigeria. This paper finally recommended far reaching holistic solutions to the various SCADA's security challenges. Fidelis Chukwujekwu Obodoeze | Ifeyinwa Nkemdilim Obiokafor | Tochukwu Chijindu Asogwa "SCADA for National Critical Infrastructures: Review of the Security Threats, Vulnerabilities and Countermeasures" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-2 , February 2018, URL: https://www.ijtsrd.com/papers/ijtsrd9556.pdf
24
Zhou, Xiaojun, Zhen Xu, Liming Wang, Kai Chen, Cong Chen, and Wei Zhang. "APT Attack Analysis in SCADA Systems." MATEC Web of Conferences 173 (2018): 01010. http://dx.doi.org/10.1051/matecconf/201817301010.
Full textAbstract:
SCADA (Supervisory Control and Data Acquisition) systems play a significant role in ICS (Industrial Control System). Safety, security and stable operation is crucial to the SCADA system. However, SCADA system currently faces many security threats, of which the most harmful is the APT attack. This paper analyzes the attack surface and its own vulnerabilities of SCADA system, and analyzes the characteristics of APT attack comprehensively. Then the paper dissects the cases of real APT attack thoroughly and gives measures of SCADA security protection.
25
Coffey, Kyle, Richard Smith, Leandros Maglaras, and Helge Janicke. "Vulnerability Analysis of Network Scanning on SCADA Systems." Security and Communication Networks 2018 (March 13, 2018): 1–21. http://dx.doi.org/10.1155/2018/3794603.
Full textAbstract:
Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICSs) have controlled the regulation and management of Critical National Infrastructure environments for decades. With the demand for remote facilities to be controlled and monitored, industries have continued to adopt Internet technology into their ICS and SCADA systems so that their enterprise can span across international borders in order to meet the demand of modern living. Although this is a necessity, it could prove to be potentially dangerous. The devices that make up ICS and SCADA systems have bespoke purposes and are often inherently vulnerable and difficult to merge with newer technologies. The focus of this article is to explore, test, and critically analyse the use of network scanning tools against bespoke SCADA equipment in order to identify the issues with conducting asset discovery or service detection on SCADA systems with the same tools used on conventional IP networks. The observations and results of the experiments conducted are helpful in evaluating their feasibility and whether they have a negative impact on how they operate. This in turn helps deduce whether network scanners open a new set of vulnerabilities unique to SCADA systems.
26
Alimi, Oyeniyi Akeem, Khmaies Ouahada, Adnan M. Abu-Mahfouz, Suvendi Rimer, and Kuburat Oyeranti Adefemi Alimi. "A Review of Research Works on Supervised Learning Algorithms for SCADA Intrusion Detection and Classification." Sustainability 13, no. 17 (2021): 9597. http://dx.doi.org/10.3390/su13179597.
Full textAbstract:
Supervisory Control and Data Acquisition (SCADA) systems play a significant role in providing remote access, monitoring and control of critical infrastructures (CIs) which includes electrical power systems, water distribution systems, nuclear power plants, etc. The growing interconnectivity, standardization of communication protocols and remote accessibility of modern SCADA systems have contributed massively to the exposure of SCADA systems and CIs to various forms of security challenges. Any form of intrusive action on the SCADA modules and communication networks can create devastating consequences on nations due to their strategic importance to CIs’ operations. Therefore, the prompt and efficient detection and classification of SCADA systems intrusions hold great importance for national CIs operational stability. Due to their well-recognized and documented efficiencies, several literature works have proposed numerous supervised learning techniques for SCADA intrusion detection and classification (IDC). This paper presents a critical review of recent studies whereby supervised learning techniques were modelled for SCADA intrusion solutions. The paper aims to contribute to the state-of-the-art, recognize critical open issues and offer ideas for future studies. The intention is to provide a research-based resource for researchers working on industrial control systems security. The analysis and comparison of different supervised learning techniques for SCADA IDC systems were critically reviewed, in terms of the methodologies, datasets and testbeds used, feature engineering and optimization mechanisms and classification procedures. Finally, we briefly summarized some suggestions and recommendations for future research works.
27
L, Rajesh, and Penke Satyanarayana. "Detection and Blocking of Replay, False Command, and False Access Injection Commands in SCADA Systems with Modbus Protocol." Security and Communication Networks 2021 (September 27, 2021): 1–15. http://dx.doi.org/10.1155/2021/8887666.
Full textAbstract:
Industrial control systems (ICS) are being used for surveillance and controlling numerous industrial process plants in national critical infrastructures. Supervisory control and data acquisition (SCADA) system is a core component in ICS systems for continuous monitoring and controlling these process plants. Legacy SCADA systems are working in isolated networks and using proprietary communication protocols which made them less exposed to cyber threats. In recent times, these ICS systems have been connected to Internet and corporate networks for data sharing and remote monitoring. They are also using open protocols and operating systems. This leads to vulnerabilities of the system to cyberattacks. Cybersecurity threats are more prevalent than ever in ICS systems. These attacks may be external or internal. Modbus is a widely deployed communication protocol for SCADA communications. There is no security in design of Modbus protocol, and it is vulnerable to numerous cyberattacks. In this paper, we worked for False Command Injection attack, False Access Injection attack, and replay attacks on Modbus protocol. Initially, a real-time SCADA testbed was set up, and we envisaged the impact of these attacks on Modbus protocol data using the testbed. In this work, we used local area network (LAN) environment only for simulating the attacks. We assumed that the attacks penetrated the LAN network. We proposed and developed (a) a method to detect replay attacks by incorporating time stamp and sequence number in Modbus communications and (b) a frame filtering module which will block unauthorized attacks like False Command Injection and False Access Injection attacks to reach programmable logic controller (PLC). Numbers of attacks were simulated and the performance of the method was measured using attack block rate (ABR). It blocked 97% of malicious Modbus transactions or attacks to reach the PLC. It protects SCADA systems from attackers, which is a core component of industrial control systems. The solution enhanced the security of SCADA systems with Modbus protocol.
28
Ara, Anees. "Security in Supervisory Control and Data Acquisition (SCADA) based Industrial Control Systems: Challenges and Solutions." IOP Conference Series: Earth and Environmental Science 1026, no. 1 (2022): 012030. http://dx.doi.org/10.1088/1755-1315/1026/1/012030.
Full textAbstract:
Abstract Industrial control systems (ICS) play a vital role in monitoring and controlling the plants like power grids, oil and gas industries, manufacturing industries, and nuclear power plants. Present research and development in information and communication technologies have changed the domains of industrial control systems from traditional electromagnetic to network- based digital systems. This domain shift has created better interfaces for communication between physical processes and the control units. Eventually, making the complex process of monitoring and controlling the industries easier, with the help of internet connections and computing technologies. The field instruments such as sensors and actuators and the physical processes in industries are controlled and monitored by programmable logic controllers (PLC), remote telemetric units (RTU), and supervisory control and data acquisition systems (SCADA) with the help of communication protocols. The seamless integration of the information technologies (IT) and operational technologies (OT) make the management of the industrial environment foster. However, the inclusion of new technologies that increase the number of internet connections, the new communication protocols, and interfaces that run on open-source software, brings up new threats and challenges in addition to existing vulnerabilities in these classical legacy-based heterogeneous hardware and software systems. Due to the increase in the number of security incidents on critical infrastructures, the security considerations for SCADA systems/ICS are gaining interest among researchers. In this paper, we provide a description of SCADA/ICS components, architecture, and communication protocols. Additionally, we discuss details of existing vulnerabilities in hardware, software, and communication protocols. Further, we highlight some prominent security incidents and their motives behind them. We analyse the existing state of OT and IT security in SCADA systems by classifying the SCADA components among them. Finally, we provide security recommendations based on current trends and also discuss open research problems in SCADA security.
29
Patil, Ashish Babasaheb. "Supervisory Control and Data Acquisition for Motor Operation using Arduino." International Journal for Research in Applied Science and Engineering Technology 10, no. 4 (2022): 2602–5. http://dx.doi.org/10.22214/ijraset.2022.41845.
Full textAbstract:
Abstract: SCADA (Supervisory Control & Data Acquisition) is a combination of software as well as hardware elements that allows industrial organization to control industrial processes locally or at remote location. This system allows you to continuously monitor, gather, and process real-time data. Directly interact with devices such as sensors, motor drives, microcontroller and more through human-machine interface (HMI) software i.e., SCADA. This project also allows you to record events and log into a file such as Microsoft Excel. Keywords: SCADA, Arduino Uno, Arduino IDE, Motor Control & Monitor
30
Johnson, Chris, Rob Harkness, and Maria Evangelopoulou. "Forensic Attacks Analysis and the Cyber Security of Safety-Critical Industrial Control Systems." Journal of System Safety 53, no. 1 (2017): 29–34. http://dx.doi.org/10.56094/jss.v53i1.102.
Full textAbstract:
Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) applications monitor and control a wide range of safety-related functions. These include energy generation, where failures could have significant, irreversible consequences. They also include the control systems that are used in the manufacture of safety-related products. In this case, “bugs” in an ICS/SCADA system could introduce flaws in the production of components; these flaws remain undetected before being incorporated into safety-related applications. Industrial Control Systems, typically, use devices and networks that are different from conventional IP-based infrastructures. These differences prevent the re-use of existing cyber-security products in ICS/SCADA environments; the architectures, file formats and process structures are all different. This paper supports the forensic analysis of industrial control systems in safety-related applications. In particular, we describe how forensic attack analysis is used to identify weaknesses in devices so that we can both protect components and determine the information that must be analyzed during the aftermath of a cyber-incident. Simulated attacks detect vulnerabilities; a risk-based approach can then be used to assess the likelihood and impact of any breach. These risk assessments are then used to justify both immediate and longer-term countermeasures.
31
Mir, Abdul Wahid, and Ramkumar Ketti Ramachandran. "Security gaps assessment of smart grid based SCADA systems." Information & Computer Security 27, no. 3 (2019): 434–52. http://dx.doi.org/10.1108/ics-12-2018-0146.
Full textAbstract:
Purpose Supervisory control and data acquisition (SCADA) systems security is of paramount importance, and there should be a holistic approach to it, as any gap in the security will lead to critical national-level disaster. The purpose of this paper is to present the case study of security gaps assessment of SCADA systems of electricity utility company in the Sultanate of Oman against the regulatory standard and security baseline requirements published by the Authority for Electricity Regulation (AER), Government of Sultanate of Oman. Design/methodology/approach The security gaps assessment presented in this paper are based on the security baseline requirements that include core areas, controls for each core area and requirements for each control. Findings The paper provides the security gaps assessment summary of SCADA systems of electricity utility company. Practical implications The summary of threats and vulnerabilities presented will help stakeholders to be proactive rather than reactive in the event of any attack. Originality/value This case study discusses the various security challenges in smart grid based on SCADA systems and provides the summary of challenges and recommendations to overcome the same.
32
Chen, Qian, Robert K. Abercrombie, and Frederick T. Sheldon. "Risk Assessment For Industrial Control Systems Quantifying Availability Using Mean Failure Cost (MFC)." Journal of Artificial Intelligence and Soft Computing Research 5, no. 3 (2015): 205–20. http://dx.doi.org/10.1515/jaiscr-2015-0029.
Full textAbstract:
Abstract 1 Industrial Control Systems (ICS) are commonly used in industries such as oil and natural gas, transportation, electric, water and wastewater, chemical, pharmaceutical, pulp and paper, food and beverage, as well as discrete manufacturing (e.g., automotive, aerospace, and durable goods.) SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control. Originally, ICS implementations were susceptible primarily to local threats because most of their components were located in physically secure areas (i.e., ICS components were not connected to IT networks or systems). The trend toward integrating ICS systems with IT networks (e.g., efficiency and the Internet of Things) provides significantly less isolation for ICS from the outside world thus creating greater risk due to external threats. Albeit, the availability of ICS/SCADA systems is critical to assuring safety, security and profitability. Such systems form the backbone of our national cyber-physical infrastructure. Herein, we extend the concept of mean failure cost (MFC) to address quantifying availability to harmonize well with ICS security risk assessment. This new measure is based on the classic formulation of Availability combined with Mean Failure Cost (MFC). The metric offers a computational basis to estimate the availability of a system in terms of the loss that each stakeholder stands to sustain as a result of security violations or breakdowns (e.g., deliberate malicious failures).
33
Jakabóczki, Gábor, Péter Tamás Szemes, and Éva Ádámkó. "A MODBUS RTU protokoll biztonságtechnikai vizsgálata, új kriptográfiai megoldások tesztelése." International Journal of Engineering and Management Sciences 1, no. 2 (2016): 35–42. http://dx.doi.org/10.21791/ijems.2016.2.5.
Full textAbstract:
Az elmúlt évtized alatt a SCADA, CIS, ICS és hasonló rendszerek elleni támadások száma nagyban megnövekedett, ezek a rendszerek egyre védtelenebbek. A dolgozat célja, hogy a MODBUS RTU protokoll biztonsági hiányosságaira megoldást jelentő új kriptográfiai megoldás implementációja során gyűjtött tapasztalatokat összegezze.
34
Camargo, Otávio Augusto Maciel, Julio Cesar Duarte, Anderson Fernandes Pereira Dos Santos, and Cesar Augusto Borges. "A Review of Testbeds on SCADA Systems with Malware Analysis." Revista de Informática Teórica e Aplicada 29, no. 2 (2022): 84–94. http://dx.doi.org/10.22456/2175-2745.112813.
Full textAbstract:
Supervisory control and data acquisition (SCADA) systems are among the major types of Industrial Control Systems (ICS) and are responsible for monitoring and controlling essential infrastructures such as power generation, water treatment, and transportation. Very common and with high added-value, these systems have malware as one of their main threats, and due to their characteristics, it is practically impossible to test the security of a system without compromising it, requiring simulated test platforms to verify their cyber resilience. This review will discuss the most recent studies on ICS testbeds with a focus on cybersecurity and malware impact analysis.
35
Nivethan, J., and M. Papa. "On the use of open-source firewalls in ICS/SCADA systems." Information Security Journal: A Global Perspective 25, no. 1-3 (2016): 83–93. http://dx.doi.org/10.1080/19393555.2016.1172283.
Full text
36
Qassim, Qais Saif, Norziana Jamil, Maslina Daud, Ahmed Patel, and Norhamadi Ja’affar. "A review of security assessment methodologies in industrial control systems." Information & Computer Security 27, no. 1 (2019): 47–61. http://dx.doi.org/10.1108/ics-04-2018-0048.
Full textAbstract:
Purpose The common implementation practices of modern industrial control systems (ICS) has left a window wide open to various security vulnerabilities. As the cyber-threat landscape continues to evolve, the ICS and their underlying architecture must be protected to withstand cyber-attacks. This study aims to review several ICS security assessment methodologies to identify an appropriate vulnerability assessment method for the ICS systems that examine both critical physical and cyber systems so as to protect the national critical infrastructure. Design/methodology/approach This paper reviews several ICS security assessment methodologies and explores whether the existing methodologies are indeed sufficient to meet the cyber security assessment exercise required to validate the security of electrical power control systems. Findings The study showed that most of the examined methodologies seem to concentrate on vulnerability identification and prioritisation techniques, whilst other security techniques received noticeably less attention. The study also showed that the least attention is devoted to patch management process due to the critical nature of the SCADA system. Additionally, this review portrayed that only two security assessment methodologies exhibited absolute fulfilment of all NERC-CIP security requirements, whilst the others only partially fulfilled the essential requirements. Originality/value This paper presents a review and a comparative analysis of several standard SCADA security assessment methodologies and guidelines published by internationally recognised bodies. In addition, it explores the adequacy of the existing methodologies in meeting cyber security assessment practices required for electrical power networks.
37
Gazzan, Mazen, and Frederick T. Sheldon. "Opportunities for Early Detection and Prediction of Ransomware Attacks against Industrial Control Systems." Future Internet 15, no. 4 (2023): 144. http://dx.doi.org/10.3390/fi15040144.
Full textAbstract:
Industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems, which control critical infrastructure such as power plants and water treatment facilities, have unique characteristics that make them vulnerable to ransomware attacks. These systems are often outdated and run on proprietary software, making them difficult to protect with traditional cybersecurity measures. The limited visibility into these systems and the lack of effective threat intelligence pose significant challenges to the early detection and prediction of ransomware attacks. Ransomware attacks on ICS and SCADA systems have become a growing concern in recent years. These attacks can cause significant disruptions to critical infrastructure and result in significant financial losses. Despite the increasing threat, the prediction of ransomware attacks on ICS remains a significant challenge for the cybersecurity community. This is due to the unique characteristics of these systems, including the use of proprietary software and limited visibility into their operations. In this review paper, we will examine the challenges associated with predicting ransomware attacks on industrial systems and the existing approaches for mitigating these risks. We will also discuss the need for a multi-disciplinary approach that involves a close collaboration between the cybersecurity and ICS communities. We aim to provide a comprehensive overview of the current state of ransomware prediction on industrial systems and to identify opportunities for future research and development in this area.
38
Bajwa, Ammar, Aleem Al Razee Tonoy, Sohel Rana, and Ishtiaque Ahmed. "CYBERSECURITY IN INDUSTRIAL CONTROL SYSTEMS: A SYSTEMATIC LITERATURE REVIEW ON AI-BASED THREAT DETECTION FOR SCADA AND IOT NETWORKS." ASRC Procedia: Global Perspectives in Science and Scholarship 01, no. 01 (2025): 01–15. https://doi.org/10.63125/1cr1kj17.
Full textAbstract:
The increasing integration of Industrial Control Systems (ICS) with Internet of Things (IoT) technologies and Supervisory Control and Data Acquisition (SCADA) networks has brought unparalleled efficiency and automation to critical infrastructure sectors, including energy, water, manufacturing, and transportation. However, this digital convergence has also significantly expanded the cyber threat landscape, making ICS more vulnerable to sophisticated cyberattacks. This systematic literature review critically examines the role of Artificial Intelligence (AI)-based techniques in enhancing threat detection capabilities across SCADA and IoT-enabled ICS environments. Following PRISMA guidelines, 162 peer-reviewed articles published between 2015 and 2024 were analyzed to identify prevailing trends, methodologies, and performance outcomes in AI-driven threat detection. The review highlights the adoption of machine learning (ML), deep learning (DL), and hybrid AI models for anomaly detection, intrusion detection, and malware classification, with particular focus on real-time data analytics and predictive capabilities. Among the reviewed studies, neural networks, support vector machines, and ensemble models were frequently applied, achieving detection accuracies exceeding 90% in simulated and real-world ICS environments. Additionally, the review uncovers sector-specific vulnerabilities, including protocol-level weaknesses (e.g., Modbus, DNP3), data imbalance challenges, and adversarial attack risks in deep learning models. This study provides an integrative view of the AI-cybersecurity nexus in industrial systems and offers future research directions for building resilient, adaptive, and intelligent security frameworks for critical infrastructures.
39
Han, Xiaopeng, Yukun Niu, Zhigang Cao, Ding Zhou, and Bo Liu. "RHAD: A Reinforced Heterogeneous Anomaly Detector for Robust Industrial Control System Security." Electronics 14, no. 12 (2025): 2440. https://doi.org/10.3390/electronics14122440.
Full textAbstract:
Industrial Control Systems (ICS) are increasingly targeted by sophisticated and evolving cyberattacks, while conventional static defense mechanisms and isolated intrusion detection models often lack the robustness required to cope with such dynamic threats. To overcome these limitations, we propose RHAD (Reinforced Heterogeneous Anomaly Detector), a resilient and adaptive anomaly detection framework specifically designed for ICS environments. RHAD combines a heterogeneous ensemble of detection models with a confidence-aware scheduling mechanism guided by reinforcement learning (RL), alongside a time-decaying sliding window voting strategy to enhance detection accuracy and temporal robustness. The proposed architecture establishes a modular collaborative framework that enables dynamic and fine-grained protection for industrial network traffic. At its core, the RL-based scheduler leverages the Proximal Policy Optimization (PPO) algorithm to dynamically assign model weights and orchestrate container-level executor replacement in real time, driven by network state observations and runtime performance feedback. We evaluate RHAD using two publicly available ICS datasets—SCADA and WDT—achieving 99.19% accuracy with an F1-score of 0.989 on SCADA, and 98.35% accuracy with an F1-score of 0.987 on WDT. These results significantly outperform state-of-the-art deep learning baselines, confirming RHAD’s robustness under class imbalance conditions. Thus, RHAD provides a promising foundation for resilient ICS security and shows strong potential for broader deployment in cyber-physical systems.
40
MAYUB, AFRIZAL, IVAN SYAHRONI, FAHMIZAL FAHMIZAL, and MUHAMMAD ARROFIQ. "Kinematika dan Antarmuka Robot SCARA Serpent." ELKOMIKA: Jurnal Teknik Energi Elektrik, Teknik Telekomunikasi, & Teknik Elektronika 8, no. 3 (2020): 561. http://dx.doi.org/10.26760/elkomika.v8i3.561.
Full textAbstract:
ABSTRAKPenelitian ini menyajikan kendali pergerakan posisi dari robot SCARA Serpent menggunakan persamaan kinematika dan antarmuka berbasis Processing IDE. Antarmuka bertujuan untuk memudahkan dalam pengendalian robot SCARA Serpent dan mendapatkan data koordinat objek. Data ini digunakan sebagai masukan persamaan kinematika balik untuk menentukan besar sudut tiap joint. Untuk mendapatkan hasil pergerakan robot SCARA Serpent yang baik, kendali Proporsional, Integral, Differensial (PID) diterapkan dalam mengendalikan posisi setiap joint-nya. Pada pengujian, robot SCARA Serpent diuiji dengan tiga pengujian, yaitu pengujian sudut joint, pengujian koordinat end-effector, dan pengujian kendali PID. Dari hasil pengujian, sistem dapat berjalan dengan baik. Hasil parameter kendali PID diperoleh dengan tuning secara eksperimental dengan parameter Kp=5.5, Ki=0.001 dan Kd=10 untuk sudut joint shoulder pada robot SCARA Serpent menuju error steady state bernilai nol.Kata kunci: SCARA Serpent, Kinematika, Antarmuka, Kendali PID. ABSTRACTThis paper presents position control of the SCARA Serpent robot using kinematics equations and Processing IDE-based interfaces. The interface aims to make it easier in controlling the SCARA Serpent robot and to get object coordinate data. This data are used as input to the reverse kinematics equation to determine the angle of each joint. To get good SCARA Serpent robot movement results, Proportional, Integral, Differential (PID) control is applied in controlling the position of each joint. In the testing, the SCARA Serpent robot is tested with three tests, namely joint angle testing, end- ffector coordinate testing, and PID control testing. From the test results, the system can run well. The results of the PID control parameters were obtained by experimental tuning with parameters Kp = 5.5, Ki = 0.001 and Kd = 10 for the joint shoulder angle of the SCARA Serpent robot towards zero steady state error.Keywords: SCARA Serpent, Kinematics, Interface, PID Controller.
41
Иванов, С. О., Т. Н. Копышева та М. В. Никандров. "Программно-аппаратный стенд для оценки кибернетической защиты автоматизированной системы управления технологическим процессом". Vestnik of Volga State University of Technology. Series Radio Engineering and Infocommunication Systems, № 3(55) (27 грудня 2022): 37–46. https://doi.org/10.25686/2306-2819.2022.3.37.
Full textAbstract:
В данной статье анализируется спроектированный экспериментальный стенд промышленной автоматизации, который может быть использован для моделирования различных режимов работы автоматизированной системы управления технологическим процессом, а также для обучения учащихся навыкам эксплуатации и защиты промышленных систем. Стенд построен по трёхуровневому принципу: верхний уровень – сервер SCADA и клиенты (операторы, диспетчеры), средний уровень – программируемые логические контроллеры (IED), нижний уровень не представлен в стенде, работу датчиков и исполнительных устройств эмулирует программное обеспечение IED. На стенде можно эмулировать как нормальный режим технологического процесса, так и имитацию сбоев в технологическом процессе из-за аварии или действий злоумышленников. В статье предложены способы дополнения методов генерации сетевых атак, необходимые для анализа сетевого трафика с помощью методов машинного обучения, а также перечислены необходимые статистические признаки сетевого трафика. Спроектированный стенд позволяет гибко и с минимальными затратами эмулировать различные автоматизированные системы управления технологическим процессом, имитировать их работу в достаточной степени, чтобы генерировать данные, которые можно использовать для машинного обучения. Introduction. Protecting the industrial network segment of an industrial enterprise with the use of machine learning methods requires collecting data on normal, emergency and abnormal modes of its operation. The paper considers experimental facility for industrial automation, which can be used to simulate various modes of operation of industrial control system (ICS), as well as to teach students how to operate and protect industrial systems. Methods. The facility is built on a three-level principle: the top level is the SCADA server and clients (operators, dispatchers), the middle level is programmable logic controllers (IEDs), the bottom level is not represented in the facility, so the software of IED emulates the operation of sensors and units. The entire network traffic of interaction between the ICS components (SCADA, dispatcher, IED) is collected and transmitted to the ML node for storage and analysis. The Hacker node is used to perform network attacks on the ICS. Results. Experimental facility allows one to emulate the normal mode of the technological process and the simulation of failures in the technological process due to an accident and an attacker. In addition to typical network attacks, there are special attacks on different levels of industrial systems. The following standard pentest tools can be used to generate attacks: scapy, ettercap, nmap, metasploit, arpspoof, etc. The paper lists the main statistical features of network traffic for analysis with the use of machine learning methods. Conclusions. The described experimental facility allows one to simulate the operation of ICS to generate data that can be used for machine learning. In addition to generating traffic, the facility can be used for students to gain experience in developing, configuring and operating ICS. Also, it can be used to improve the skills of protecting ICS from attacks, checking equipment and new software for vulnerabilities, checking compliance with requirements, security analysis, and developong new protection systems.
42
Emake, Erhovwosere Donald, Ibrahim Adepoju Adeyanju, and Godwin Obruozie Uzedhe. "Industrial Control Systems (ICS): Cyber-attacks & Security Optimization." International Journal of Computer Engineering and Information Technology 12, no. 5 (2020): 31–41. http://dx.doi.org/10.47277/ijceit/12(5)1.
Full textAbstract:
Cyber-security of digital industrial control system in reality is complex and challenging research area, due to various interconnections of electro-mechanical related components driving national critical infrastructures. These networked system components performs monitoring and controlling tasks in several industries and organization through the access of Internet connectivity across the world. More recently, there are myriad of security threats and attacks by malicious elements on ICS which now presents a priority to organizations and researchers for optimal security solutions. Development of the Internet and communication systems has also exacerbated such security concerns. Activities of cyber-attacks malicious elements on ICS may result in serious disaster in industrial environments, human casualties and loss. This paper critically looks at the SCADA/industrial control systems, architecture, cyber-attacks. Other aspect of the paper examines current ICS security technologies including a computational secured algorithm for PLC
43
Rusanov, V. V., V. I. Perov, and M. A. Samoilov. "Automation of public catering enterprises using modern digital technologies: Arduino IDE, OPC Modbus and Master Scada programs." Proceedings of the Voronezh State University of Engineering Technologies 80, no. 2 (2018): 38–44. http://dx.doi.org/10.20914/2310-1202-2018-2-38-44.
Full textAbstract:
In the article, the using of three computer programs was considered step-by-step. These programs are "Arduino IDE", "Modbus OPC Universal Master Server" and "Master Scada". They are using for creating projects of automation for public catering enterprises. There is an example of automation of the hot shop in this article, which demonstrates us the methods of engineering based on the modern digital technologies. If you want to learn how to create the projects using these programs, for the beginning, we recommend you to repeat our demonstration project. In the represented methods, we recommend using the integrated sensors for measuring options of technological processes of production dishes. Modern sensors of temperature, pressure, moving and humidity are adapting with microcontrollers very good. This fact allows to create compact, inexpensive devices for primary collection and processing of information. There was been showed the method of transferring of collected information to the computer of the supervisor on the example of created OPC-server. The supervisor can look for the processes, which are happening in the hot shop of the public catering establishment. The supervisor’s remote control is developed on the base of the «Master Scada» program. This is one of the most popular automation program. Creators of the «Master Scada» say that this program is widely used in such companies as «Gazprom» and «Rosatom». The wide possibilities of this program allow us in the three-dimensional graph to represent the objects of automation, to accelerate the executive and regulating mechanisms that are on the screen in front of the dispatcher. The practical example, which was demonstrated in this article, is limited by three mnemonic diagrams. First of them is the splash screen of the hot shop with the menu of the transiting to the mnemonic diagram of the controlling of the food-brewing boiler and the electrical frying cupboard. If operator switches over to mnemonic diagram of the food-brewing boiler, he sees the degree of filling boiler by the cooking liquor, the temperature of this liquor and time of the cooking. Using the control buttons operator can make changes to the program of cooking his dish. The program also looks for emergency modes, in particular, to prevent dry running..
44
Yudianto, Yudianto, and Amrifan Saladin Mohruni. "INDUSTRIAL CONTROL SYSTEM APPLIED AND PROBLEMS: A REVIEW AND EXPERIENCES." Journal of Mechanical Science and Engineering 8, no. 1 (2021): 001–5. http://dx.doi.org/10.36706/jmse.v8i1.49.
Full textAbstract:
This paper aims to explain examples of industrial control system applications that are applied in the industrial world today and the problems that arise in the Industrial Control System (ICS). The methodology used in this paper is to review several journals, books, and work experiences (experiment). SCADA in the highest position, the DCS at level 2, then the PLC at the very bottom. And there are two problems encountered, namely in terms of hardware and software. In case of hardware problem SCADA, DCS and PLC hit by lightning, exposed to droplets of water seepage, electrical fuse problem, the temperature of the hot room, high humidity, mainboard problem (due to lifetime), power supply (due to lifetime and bad electric power supply). In terms of the software, its software is corrupt, so it should be in the re-install. In general, a CD contains software for one PC (personal computer) because there is one CD software there is activation code where when you enter the activation code must be connected to the internet network that is detected automatically. The effect that causes the most loss was a broken fuse. So, dividing the same load each digital output or part is good architecture. The SCADA system had to be more concerned for cybersecurity compares with the DCS system due to its connection with the network. That was for maintaining availability and reliability.
45
Amangeldy, Bibars, Nurdaulet Tasmurzayev, Yedil Nurakhov, Shona Shinassylov, and Samson Dawit Bekele. "Development and Evaluation of an Intelligent Control System for Sustainable and Efficient Energy Management." WSEAS TRANSACTIONS ON ELECTRONICS 14 (December 31, 2023): 135–43. http://dx.doi.org/10.37394/232017.2023.14.16.
Full textAbstract:
This paper presents a comprehensive study on the integration of Intelligent Control Systems in the global industrial sector, focusing on enhancing energy management through the synergy of Supervisory Control and Data Acquisition (SCADA), Machine Learning (ML), and Digital Twin technologies. We elaborate on a novel ICS architecture designed to optimize energy consumption, reduce operational costs, and minimize environmental impacts. Our system leverages SCADA for real-time monitoring and control, ML algorithms for predictive analytics and optimization, and Digital Twin technology for advanced simulation and operational efficiency. The implementation of the system in a mid-scale industrial facility demonstrated significant improvements: a 15% reduction in energy consumption, an 18% decrease in peak energy demand, a 30% reduction in CO2 emissions, and a 15% reduction in operational downtime, with predictive accuracy standing at 90%. These results underline the potential of integrating advanced digital technologies in industrial energy management, offering a scalable model for sustainable and efficient industrial practices. Future work will explore broader applications and the incorporation of emerging technologies to further enhance the system's capabilities and applicability in diverse industrial settings.
46
Junwon Kim, Junwon Kim, Jiho Shin Junwon Kim, and Jung Taek Seo Jiho Shin. "Detection and Blocking Method against DLL Injection Attack Using PEB-LDR of ICS EWS in Smart IoT Environments." 網際網路技術學刊 23, no. 4 (2022): 875–88. http://dx.doi.org/10.53106/160792642022072304022.
Full textAbstract:
<p>Modern Industrial Control System (ICS) can provide vast functions as the introduction of IT technology is established along with the introduction of the IoT environment. Engineering Workstation (EWS) used by ICS is widely used to efficiently manage and control industrial devices including smart IoT devices. However, the DLL injection attack in ICS is not high in difficulty compared to the risk, but it can cause fatal malfunction. If an attack is carried out targeting the EWS, it may cause erroneous operation in many control devices, including IoT devices, cause fatal accidents throughout the Supervisory Control and Data Acquisition (SCADA) system. In this paper, we present a method to detect DLL injection attacks by specializing in EWS used in ICS in IoT environment and purpose a method to detect data changes due to DLL injection attacks by analyzing and utilizing PEB-LDR data. Also, we purpose a method to detect and block execution when a malicious DLL is suspected to be loaded by DLL injection.</p> <p>&nbsp;</p>
47
Odumu, Wesley O., Barnabas I. Gwaivangmin, and Ademola P. Adewoye. "Safeguarding National Critical Energy Infrastructure using Cybersecurity Frameworks and Collaborative Approach for a Resilient Energy Future." NEWPORT INTERNATIONAL JOURNAL OF SCIENTIFIC AND EXPERIMENTAL SCIENCES 6, no. 1 (2025): 31–47. https://doi.org/10.59298/nijses/2025/61.3147.
Full textAbstract:
The government heavy reliance on information communication technology for their daily activities and administration to drive the operations of critical infrastructures cannot be overemphasized. This is evident largely in industrial control systems (ICS) among which the supervisory control and data acquisition (SCADA) system is used to monitor and manage essential operations exposing it to cyber threats and attacks. Cyber threats and attacks on critical infrastructure result to denial of service, vandalism, theft or manipulation of data and even physical harm which can lead to catastrophic national security and economic downturn. These are attributed to the integration and increasing interconnectivity of enterprise information technology and operational technology with standard solution instead of proprietary protocol and software. This paper presents analysis of threat: environment, classification and their attributes and cyber-security frameworks to guard against threats and attacks on critical energy infrastructures using case study approach to demonstrate practical applications in real-world scenarios. The emphasis is on supervisory control and data acquisition (SCADA) system for remote controlling switches, pumps and surveillance systems. This is for government to shape the cyber-security outlook of the critical energy infrastructures to be more secured, resilient, adaptive and sustainable. This will help government make meaningful informed decisions on the cyber-security solutions most appropriate to meet their specific needs and challenges. Besides, it will promote collaboration and knowledge sharing amongst professionals and stakeholders in government, energy companies, regulators, and cyber-security experts for greater innovation and advancement. Keywords: Cybersecurity Framework, Critical Infrastructure, Cyber Threat, Energy, Supervisory Control and Data Acquisition Systems (SCADA), Collaboration.
48
Richter, Maximilian, Klaus Schwarz, and Reiner Creutzburg. "Conception and Implementation of Professional Laboratory Exercises in the field of ICS/SCADA Security - Part I: Fundamentals." Electronic Imaging 2021, no. 3 (2021): 73–1. http://dx.doi.org/10.2352/issn.2470-1173.2021.3.mobmu-073.
Full textAbstract:
Industrial control systems are essential for producing goods, electricity generation, infrastructure maintenance, and the transport of energy, water, and gas. They form the core of the critical infrastructure of modern industrial nations and are therefore of particular interest. Through the increased inter-connectivity of formerly isolated ICS process environments and standard IT technologies such as Ethernet, processes can be optimized and synergies leveraged. However, ICS/SCADA also becomes the target of the same cyber-attacks as conventional IT systems. Therefore, it is necessary to combine IT security has accumulated knowledge and experience with the classic Safety-First-mentality of ICS/SCADA environments to avoid significant problems in the foreseeable future. The new course was created for precisely this purpose. The investigation of the security of systems and organizations in Red and Blue Teams has long proven it is worth and is used worldwide. The first part of the Red Team side exercise deals specifically with finding and exploiting security vulnerabilities. Red Teaming refers to an independent group that acts as a counterpart to an organization to improve its operational effectiveness and enhance its security. It is the declared goal of the Red Team to detect security vulnerabilities. This work is intended to convey this interfacing knowledge; in the practical exercises for Red Teaming, these hybrid infrastructures and systems’ weak points are identified and exploited. Students will participate in numerous hands-on exercises throughout the course using the tools and techniques that form the basis for attacks on infrastructure, such as industrial control systems. A detailed accompanying theory precedes the exercises, and the course is structured as follows:Introduction <list list-type="bullet"> <list-item>ICS Cyber Kill Chain</list-item> <list-item>Types of information gathering</list-item> </list>Red Team Tools <list list-type="bullet"> <list-item>Nmap</list-item> <list-item>Maltego</list-item> <list-item>Shodan</list-item> <list-item>Google hacking</list-item> <list-item>The Harvester</list-item> <list-item>Wireshark</list-item> <list-item>GrassMarlin</list-item> <list-item>Metasploit Framework (MSF)</list-item> <list-item>John the Ripper</list-item> </list>Exercise 1 - Open Source Intelligence (OSINT) <list list-type="bullet"> <list-item>Gathering information with Maltego</list-item> <list-item>Find Remote Access with Google and Shodan</list-item> </list>Exercise 2 - Analysis of network recordings <list list-type="bullet"> <list-item>Analysis of ICS network recordings with Wireshark</list-item> <list-item>Analysis of ICS network recordings with GrassMarlin</list-item> </list>
49
Suroso, Suroso, Sahnyoto Supriyadi, Totok Dermawan, and Adi Abimanyu. "Desain Sistem Mekanik Robot SCARA untuk Internet Nuclear Instrumentation Laboratory." Jurnal Pengawasan Tenaga Nuklir 3, no. 2 (2023): 7–13. http://dx.doi.org/10.53862/jupeten.v3i2.002.
Full textAbstract:
Radiation protection training requires a robotic arm as a radiation shield regulator that can be controlled remotely to reduce radiation risk. The required robot is a Selective Compliance Assembly Robot Arm (SCARA) type robotic arm. This research aims to design a mechanical system for the SCARA robot for the Internet Nuclear Instrumentation Laboratory (INIL). The research method for making robots begins with a 3D CAD design followed by manufacturing and assembly. Robot control using the Arduino IDE application. Robotic arm testing using stress analysis from Autodesk Inventor software and movement and accuracy testing. The results of the research have successfully designed robotic arms with dimensions of 50.8 cm high, 14 cm wide, and 56 cm long. The robot's work area is 189 cm2, with the farthest range being 30 cm. Keywords: radiation protection, mechanical design, SCARA robot, robotic arm, NPP, INIL
50
Nankya, Mary, Robin Chataut, and Robert Akl. "Securing Industrial Control Systems: Components, Cyber Threats, and Machine Learning-Driven Defense Strategies." Sensors 23, no. 21 (2023): 8840. http://dx.doi.org/10.3390/s23218840.
Full textAbstract:
Industrial Control Systems (ICS), which include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and Programmable Logic Controllers (PLC), play a crucial role in managing and regulating industrial processes. However, ensuring the security of these systems is of utmost importance due to the potentially severe consequences of cyber attacks. This article presents an overview of ICS security, covering its components, protocols, industrial applications, and performance aspects. It also highlights the typical threats and vulnerabilities faced by these systems. Moreover, the article identifies key factors that influence the design decisions concerning control, communication, reliability, and redundancy properties of ICS, as these are critical in determining the security needs of the system. The article outlines existing security countermeasures, including network segmentation, access control, patch management, and security monitoring. Furthermore, the article explores the integration of machine learning techniques to enhance the cybersecurity of ICS. Machine learning offers several advantages, such as anomaly detection, threat intelligence analysis, and predictive maintenance. However, combining machine learning with other security measures is essential to establish a comprehensive defense strategy for ICS. The article also addresses the challenges associated with existing measures and provides recommendations for improving ICS security. This paper becomes a valuable reference for researchers aiming to make meaningful contributions within the constantly evolving ICS domain by providing an in-depth examination of the present state, challenges, and potential future advancements.