Reducing security vulnerabilities for critical infrastructure

In this paper, we show the need for improved Process Control System (PCS) security, and describe some of the promising research areas in PCS security. One implementation of PCS in critical infrastructure and factory automation is a supervisory, control, and data acquisition (SCADA) system, a real-time industrial process control system which centrally monitors and controls remote and/or local processes utilizing plant, equipment, or devices (such as switches, valves, pumps, relays, etc.) while collecting and logging field data. Current SCADA systems are distributed, networked, and dependent on open protocols for the internet, which are exposed to remote cyber terrorism. They are particularly vulnerable to unauthorized access. We give some examples of SCADA processes with natural gas control systems in USA and the Ubiquitous Sensor Network (USN) in Korea. We also examine a representative vulnerability and corresponding measures for security, and present an example of concrete measures for the security of mass transportation as a critical infrastructure. (C) 2009 Elsevier Ltd. All rights reserved.