Dong-Joo Kang

Analysis on cyber threats to SCADA systems

SCADA is the acronym of Supervisory Control and Data Acquisition, which is a communication technology scheme for collecting data from distant facilities and also controlling them on control systems. By SCADA technology it is not necessary to assign operators to remote locations for operating the facilities there. In the beginning SCADA system was locally introduced, and it has been applied to larger and wide-area systems as the information technology evolves. As SCADA system expands to wide area, it has been connected to common communication infrastructure while it was a locally independent control system network initially. Since the Internet came up, all different kinds of communication networks have been being integrated into the Internet for both technological and economic efficiencies. But it also causes the SCADA system to be revealed to the cyber security risks common on the Internet at the same time. Today many major utility services are provided on SCADA networks, so it is very critical to protect the system from those risks. The damage would be very serious if one of the SCADA systems are attacked and thereby stop normal operation, therefore it should be considered to take countermeasures against the threats. Cyber security problem requires multidirectional approach considering many different aspects of vulnerabilities in the system. This paper analyzes the SCADA network vulnerabilities on the aspects of cyber security.

A Proposal for Key Policy of Symmetric Encryption Application to Cyber Security of KEPCO SCADA Network

SCADA (supervisory control and data acquisition) SCADA refers to the combination of telemetry and data acquisition. SCADA system has been used for remote measurement and control on the critical infrastructures as well as modern industrial facilities. Electric power system is a representative system using SCADA network for its communication. Integration between many networks and increasing threatens of terrorism have made the potential risk by cyber attacks real and bigger in power system. Recently, many researching efforts have been made on SCADA network for improving its security. In general aspect, there are already several ways to secure the system like encryption, firewall, authentication, etc. In this paper, we focus on symmetric encryption method and propose the proper key distribution method to reflect the unique characteristics of SCADA network communication.

A Platform for Smart Substations

For more efficient and economical management of substations, the concept of a smart substation has been introduced using intelligent and ubiquitous IT techniques. Also, many site studies for smart substations have been performed. In this paper, we propose ubiquitous IT prototype hardware, functions and communication interfaces on an embedded platform. Also, we suggest operating system architecture to implement smart substations effectively.

Development of test-bed and security devices for SCADA communication in electric power system

SCADA means the communication scheme or network for control systems, which stands for supervisory control and data acquisition. It is very important for SCADA to be operated on real time basis because it is directly related to the operation of physical systems of utility services such as electricity, water-supply, gas, etc. SCADA networks are originally started as local control systems and they have expanded to wide-area control systems as the communication technology evolves. On the process of expansion it extends its own private network and also common communication networks. Control systems have different characteristics compared to general communication networks. The real time property is a representative difference of control systems from communication networks, which should be strongly satisfied for normal operation. Besides that it is required to consider different protocols, data size, network topology etc. Considering these factors, the integration of different networks might cause various problems on the aspects of the required communication speed, device compatibility, cyber security vulnerabilities, etc. Therefore it is recommended to be simulated on a test-bed before the application to the real system. This paper is about the construction of test-bed for communication simulation in electric power system.

Quantitative Methodology to Assess Cyber Security Risks of SCADA system in Electric Power Industry

This paper is about the study to build a quantitative methodology to assess cyber threats and vulnerabilities on control systems. The SCADA system in power industry is one of the most representative and biggest control systems. The SCADA system was originally a local system but it has been extended to wide area as both ICT and power system technologies evolve. Smart Grid is a concept to integrate energy and IT systems, and therefore the existing cyber threats might be infectious to the power system in the integration process. Power system is operated on a real time basis and this could make the power system more vulnerable to the cyber threats. It is a unique characteristic of power systems different from ICT systems. For example, availability is the most critical factor while confidentiality is the one from the CIA triad of IT security. In this context, it is needed to reflect the different characteristics to assess cyber security risks in power systems. Generally, the risk(R) is defined as the multiplication of threat(T), vulnerability(V), and asset(A). This formula is also used for the quantification of the risk, and a conceptual methodology is proposed for the objective in this study.

A Study on Design of Home Energy Management System to Induce Price Responsive Demand Response to Real Time Pricing of Smart Grid

Smart Grid has two main objectives on both supply and demand aspects which are to distribute the renewable energy sources on supply side and to develop realtime price responses on demand side. Renewable energy does not consume fossil fuels, therefore it improves the eco-friendliness and saves the cost of power system operation at the same time. Demand response increases the flexibility of the power system by mitigating the fluctuation from renewable energies, and reduces the capacity investment cost by shedding the peak load to off-peak periods. Currently Smart Grid technologies mainly focus on energy monitoring and display services but it has been proved that enabling technologies can induce the higher demand responses through many pilot projects in USA. On this context, this paper provides a price responsive algorithm for HEMS (home energy management system) on the real time pricing environment. This paper identifies the demand response as a core function of HEMS and classifies the demand into 3 categories of fixed, transferable, and realtime responsive loads which are coordinated and operated for the utility maximization or cost minimization with the optimal usage combination of three kinds of demand.

Intelligent decision-making system with green pervasive computing for renewable energy business in electricity markets on smart grid

This paper is about the intelligent decision-making system for the smart grid based electricity market which requires distributed decision making on the competitive environments composed of many players and components. It is very important to consider the renewable energy and emission problem which are expected to be monitored by wireless communication networks. It is very difficult to predict renewable energy outputs and emission prices over time horizon, so it could be helpful to catch up those data on real time basis using many different kinds of communication infrastructures. On this backgrounds this paper provides an algorithm to make an optimal decision considering above factors.

Flexible Key Distribution for SCADA Network using Multi-Agent System

SCADA (Supervisory Control and Data Acquisition) system has been used for remote measurement and control on the critical infrastructures as well as modern industrial facilities. As cyber attacks increase on communication networks, SCADA network has been also exposed to cyber security problems. Especially, SCADA systems of energy industry such as electric power, gas and oil are vulnerable to targeted cyber attack and terrorism. Recently, many research efforts to solve the problems have made progress on SCADA network security. In this paper, flexible key distribution concept is proposed for improving the security of SCADA network using multi-agent system (MAS).

A SCADA Testbed Implementation Architecture for Security Assessment

집중 원격감시 제어 또는 감시제어 데이터 수집 시스템인 SCADA(Supervisory Control And Data Acquisition) 는 기존의 국지적인 산업용 네트워크 기반의 제어시스템이 정보통신 기술의 발전으로 광역화되면서 전력, 가스, 상하수도, 교통시스템 등 주요 기반시설에 적용되어 분산제어와 공정제어 시스템으로 사용되고 있다...

A Development of Cipher Device based on Embedded Linux for Serial Communication in SCADA

The Supervisory Control and Data Acquisition Systems (SCADA) system provides monitoring, data gathering, analysis, and control of the equipment used to manage most infrastructure. The SCADA Network is implemented in a various manner for larger utilities, and multiple types of protocol and communication interfaces are used to network the control center to remote sites. The existing SCADA equipment and protocols were designed and implemented with availability and efficiency, and as a result security was not a consideration. So, performance, reliability, flexibility and safety of SCADA systems are robust, while the security of these systems is often weak. This makes some SCADA networks potentially vulnerable to disruption of service, process redirection, or manipulation of operational data that could result in public safety concerns and/or serious disruptions to the infrastructure. To reduce the risks, therefore, there is a need to have a security device such as cipher devices or cryptographic modules for security solutions. In this paper we develop an embedded cipher device for the SCADA equipment. This paper presents a cipher device designed to improve the security of its networks, especially in the serial communication.