Attackers spread all around the world have become
a major threat to SCADA systems since these systems started using
open-standard networks, integrated with corporate networks and
with access to the Internet. Many different security solutions
and techniques are available, such as firewalls,
encryption, network traffic analysis and a few others, yet
intruders have still managed to gain access to and control delicate
systems. Regarded as a non-invasive solution, intrusion detection
systems (IDS) are able to monitor and report any anomalous
activity or strange patterns. However, due to the lack of SCADA
network traffic data, such IDS solutions are still primitive and
based only on well-known vulnerabilities and attacks, whereas a
dedicated IDS is necessary to properly protect SCADA in water
distribution systems. This study highlights SCADA vulnerabilities
and security issues through a qualitative approach, using known
attacks and security examples as case studies and aiming to
present scenarios on this issue, as well as an overview of today’s
SCADA vulnerabilities and main threats. Results show that
identifying Intrusion Detection Systems (IDS), with their
approaches and types, which are also widely implemented in regular IT
networks, helps provide a higher security level and identify
abnormal traffic data. Such systems have indeed shown a good
success rate in identifying malicious traffic in SCADA networks,
mainly because of their evolution to Ethernet and open
communication protocols. Given these singular
characteristics, studying SCADA networks and their
communication protocols is seen as a major factor in properly
developing robust security mechanisms and tools.