SAFETY ASSESSMENT FOR SCADA SYSTEM OF A CRITICAL INFRASTRUCTURE CONSIDERING AVAILABILITY OF CYBER AND CLOUD ASSETS
Growing complexness, scalable and dynamic of tasks for Critical Infrastructure (CI) create necessary preconditions to extend functionality and to improve information support of CI management system. According to distinct significance of this issue, the solution depends on safety and security of Supervisory Control and Data Acquisition System (SCADA), which includes into overall circuit of the CI Management System. Note that the malicious deliberate intrusions together with different Hard Ware failures of the SCADA as well reflect growing concern about low overall availability level of the SCADA system for CI. Proposed paper is devoted to possibility to use additional cloud assets in order to improve safety and cybersecurity of SCADA system for CI.
Nowadays researchers should understand that different negative events, such as data breaches, hacker attacks and malicious deliberate impacts are key causes of SCADA CI failures. Moreover, due to different sudden and hidden failures, the SCADA system of CI has low availability and safety that can lead to great damages for providers and users. Therefore, before begin to create management system for CI based on SCADA system vendors will perform justification of safety and security requirements for the SCADA system. In order to solve the task vendors can be used a proposed approach. The proposed approach is based on consistent application of new and unknown techniques and models. In fact researchers can use safety and dependability diagrams, including reliability block diagrams in order to build analytical and stochastic models for different assets of SCADA CI. These models can be used by researchers to get more modeling results, further these modeling results will be used by them in order to estimate overall safety assessment for SCADA CI. Using Markov Modelling Processes results for availability assessment of the SCADA components, firewalls and password models, researchers can estimate overall safety assessment based on the use of familiar stochastic equations. In according with proposed approach users can use additional Amazon Web Services (AWS) in order to build effective functioning safety and security protection system, which can be utilized by them to improve safety level of SCADA CI. Numerical modelling results for cyber assets with deployment of AWSs how additional cloud assets into overall management circuit allow to improve overall safety level of SCADA CI about ten percent. It means that in the near future time’s vendors can use cloud assets in order to create effective functioning management systems for different Critical Infrastructures with reciprocal connection among their components, service-oriented resources and diverse users’ clusters.
2. Byun J., Kim Y., Hwang Z., Park S. (2012), “An intelligent cloud-based energy management system using machine to machine communications in future energy environments”, materials in 2012 IEEE International Conference on Consumer Electronics (ICCE), USA. P. 664-665.
3. Yigit, M., Gungor, V. C., Baktir, S. (2014). “Cloud computing for smart grid applications”, journal Computer Networks, vol. 70, pp. 312-329.
4. Anderson, D., Gkountouvas, T., Meng, M., Birman, K., Bose, A., Hauser, C., Zhang, Q. (2018). “GridCloud: infrastructure for cloud-based wide area monitoring of bulk electric power grids”, journal IEEE Transactions on Smart Grid, vol. 10(2), pp. 2170-2179.
5. Bakken D. Smart Grids: Clouds, Communications, Open Source, and Automation. London: CRC Press, 2014, 60 p.
6. Marzal, S., González-Medina, R., Salas-Puente, R., Garcerá, G., Figueres, E. (2019). “An Embedded Internet of Energy Communication Platform for the Future Smart Microgrids Management”, journal IEEE Internet of Things Journal, vol. 6(4), pp. 7241-7252.
7. Fairley, P. (2016). “Cybersecurity at U.S. utilities due for an upgrade: Tech to detect intrusions into industrial control systems will be mandatory”, journal IEEE Spectrum, vol. 53(5), pp. 11–13.
8. Ivanchenko, О., Kharchenko, V. (2016), “Analysis of stochastic methods for metamodeling and availability estimation for cloud infrastructure”, journal Radioelectronic and computer systems, vol. (80), pp. 6–11.
9. Ghosh, R., Longo, F., Xia, R., Naik, K., Trivedi, K. (2013). “Stochastic Model Driven Capacity Planning for an Infrastructure-as-a-Service Cloud”, journal IEEE Transaction on Services Computing, vol. 7(4), pp. 667–680.
10. Tuffin B., Trivedi K. (2000), “Implementation of Importance Splitting Techniques in Stochastic Petri Net PAckage”, materials in 11th International Conference, TOOLS 2000 Schaumburg, USA, P. 216-229.
11. Trivedi, K., Sahner, R. (2009). “SHARPE at the Age of Twenty Two”, journal ACM Sigmetrics Performance Evaluation Review, vol. 36(4), pp. 52–57.
12. Melo М., Maciel P., Araujo J., Matos R., Araujo C. (2013), “Availability study on cloud computing environments: Live migration as a rejuvenation mechanism”, materials in 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Hungary, P. 1–6.
13. H. Khazaei, C. Barna, M. Litoiu (2019), Performance Modeling of Microservice Platforms Considering the Dynamics of the Underlying Cloud Infrastructure, [Online], available at: https://arxiv.org/pdf/1902.03387v1.pdf.
14. Trivedi, K., Sharma, V. (2007), “Quantifying software performance, reliability and security: An architecture-based approach”. Journal of Systems and Software, vol. 80 (4), pp. 493–509.
15. Mateo-Fornés, J., Solsona-Tehàs, F., Vilaplana-Mayoral, J., Teixidó-Torrelles, I., Rius-Torrentó, J. (2019). “CART, a Decision SLA Model for SaaS Providers to Keep QoS Regarding Availability and Performance”, journal IEEE Access, vol. 7, pp. 38195–38204.
16. Ardagna, D., Ciavotta, M., Passacantando, M. (2015). “Generalized nash equilibria for the service provisioning problem in multi-cloud systems”, journal IEEE Transactions on Services Computing, vol. 10(3), pp. 381–395.
17. Ivanchenko, О. (2019). “ Analytical and stochastic method in order to build safety and security block diagrams of cyber assets of SCADA system for critical infrastructure ”, journal Systems and Technologies, vol. 1(57), pp. 81–106.
18. Yu, S.-Z., Kobayashi, H. (2003). “A hidden semiMarkov model with missing data and multiple observation sequences for mobility tracking”, journal Signal Processing, vol. 83(2), pp. 235–250.
19. Kharchenko, V. (2009). “Dependable systems and multi-version computing: aspects of evolution”, journal Radioelectronic and computer systems, vol. 7(41), pp. 46–59.
20. Ahmed, I., Obermeier, S., Naedele, M., Richard III, G. G. (2012), “Scada systems: Challenges for forensic investigators”, journal Computer, vol. 45(12), pp. 44–51.
21. Kasyanov, V. (2001), “Primenenie grafov v programmirovanii”, nauchno-tehnicheskiy zhurnal Programmirovanie, vol. 27(3), pp. 51–76.
22. Ammann P., Offutt J. Introduction to software testing. Cambridge University Press, 2016, 50 p.
23. Bolch G., Greiner S., De Meer H., Trivedi K. Queueing networks and Markov chains: modeling and performance evaluation with computer science applications. John Wiley & Sons, 2006, 878 p.
24. Ten, C. W., Liu, C., Manimaran, G. (2008). “Vulnerability assessment of cybersecurity for SCADA systems”, journal IEEE Transactions on Power Systems, vol. 23(4), pp. 1836–1846.
25. Dell Incorporation (2018), EMC PowerEdge R640, Technical Guide, [Online], available at: https://i.dell.com/sites/csdocuments/Shared-Content_data-Sheets_Documents/en/us/PowerEdge-R640-Technical-Guide.pdf.
26. AWS (2018), Summary of the Amazon S3 Service Disruption in the Northern Virginia (US-EAST-1) Region, [Online]. available at: https://aws.amazon.com/ru/message/41926/.