SCISSOR – Security in Trusted SCADA and Smart Grids

The SCISSOR project is concerned with the security of SCADA systems that are employed in industrial control processes – often in the context of critical infrastructures like energy, water, transport, finance, and health where security breaches potentially have devastating consequences.

In earlier times the security of SCADA systems was essentially built upon: i) physical access restrictions; ii) the use of proprietary technologies; iii) the physical isolation of the SCADA network from the Internet.

In the last decade, many boundary conditions have dramatically changed. On one side, for obvious cost and market reasons, industrial control processes and SCADA systems have made a significant move towards the progressive adoption of common low-cost equipment (Windows/Linux PCs and servers, embedded systems, commercial switches, etc.). Moreover, the massive deployment of cheap and flexible Internet of Things technologies is expected to profoundly affect industrial processes and critical infrastructures to an unprecedented extent. Such devices and technologies rely on the same standard Internet protocols (e.g. TCP/IP, HTTP, etc.) and ICT solutions and systems used in ordinary networks. As such, they are already extensively scrutinized and challenged by attackers, who may bring into SCADA networks the same vulnerabilities and attacks extensively exploited in the Internet at large. In many cases these attacks are thoroughly documented in manuals and Internet videos, and require very little technical skill beyond the ability to press a tool's button.

Obviously, the best way to protect critical infrastructures would be to redesign SCADA systems from scratch, leveraging secure operating system technologies. While this solution is appealing in principle, it would hardly be viable (at least in the short/medium term), as it would require redesigning all (!) the software for industrial systems.

SCISSOR primarily targets a complementary approach which holds the promise of concrete impact in much shorter time frames, affords incremental deployment and functional extensions as they become available, and can be exploited not only in new installations but can also be integrated into already existing deployments.

Specifically, the proposed framework consists of a holistic, multi-layered security monitoring and mitigation framework, spanning all the dimensions present in a critical infrastructure deployment: control of the environment, control of the network traffic, control of the hardware and software system components, control of the people accessing the infrastructure, and, of course, native control of the industrial process itself.

The SCISSOR validation will be two-fold, leveraging both i) a testbed using an off-field SCADA platform, implementing a complete set of solutions, so as to challenge the ability of the framework to detect and thwart targeted threats, and ii) an on-field, real-world deployment within a running operational smart grid on an Italian island.