Challenges in Securing Industrial Control Systems Using Future Internet Technologies

This chapter explores challenges in securing industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems using Future Internet technologies. These technologies include cloud computing, fog computing, Industrial internet of things (IIoT), etc. The need to design specific security solutions for ICS/SCADA networks is explained. A brief overview of cyber vulnerabilities and threats in industrial control networks, cloud, and IoT environments is presented. The security of cloud-based SCADA systems is considered, including benefits and risks of SCADA migration to the cloud, challenges in securing such systems, and migration toward fog computing. Challenges in securing IIoT are addressed, including security risks and operational issues, key principles for securing IIoT, the functional security architecture, and the role of fog computing. Authors point out current standardization activities and trends in the area, and emphasize conclusions and future research directions.

Digital Enablement Through Effective Deployment and Commissioning of Instrumentation, Supervisory Control and Data Acquisition System SCADA in Surface Facilities

In the era of all-encompassing Big Data and the Internet of Things (IoT), mastery of Instrument Control (I&C) and SCADA systems deployment is becoming more important as the Operational Technology (OT) foundation for digital integration, data gathering, processing, analytics, and the optimization of business results. Integration and communication between different I&C and SCADA products and systems in an Oil and Gas project represent a significant challenge. The issues encountered on projects globally can prolong project schedules from weeks to months with consequential impacts on commercial gas production, project cash flow, and economics. This paper presents how to enable digital operations through holistic design, well-organized kickoff, effective Integrated Factory Acceptance Test (IFAT), and timely commissioning of I&C and SCADA systems for surface facilities of a gas field development project. It provides a feasible, economical and proven solution to address the foregoing challenges. Furthermore, in this paper we present a snapshot of how to use the latest data-science technology to bring out the value of the gold mine - big data generated by the I&C and SCADA systems.

Unsupervised transfer learning for condition monitoring of a fleet of wind turbines

The condition monitoring and health status prediction of a fleet of wind turbines are essential for the safety of wind turbines. At present, the Supervisory Control And Data Acquisition (SCADA) system has been widely used in wind turbines, which can monitor and collect various physical information and sensor information of wind turbines in real-time. Due to the fact that the amount of data obtained by SCADA systems is extremely large, developing an intelligent decision-making system based on deep learning is a very valuable research. Therefore, this paper is committed to exploring a health status prediction algorithm of wind turbines based on deep learning and SCADA systems. However, yet in actual industrial applications, it is very time-consuming and expensive to obtain a large amount of labeled data. In addition, as failures rarely occur, there is a serious sample imbalance problem in the datasets. More importantly, due to the difference in working environment and physical parameters, there are significant differences in the feature distribution of different wind turbines data, which lead to a significant drop in the performance of the deep learning model on unknown wind turbines. Therefore, we propose an unsupervised transfer learning algorithm based on Generative Adversarial Networks for wind turbine health status prediction (WT-GAN). WT-GAN can not only remove the domain shift between wind turbines, but also it is an unsupervised learning method. This practically means that only the unlabeled data for the target domain is required, which solves the problem of labeling data. In order to evaluate the effectiveness of WT-GAN on the condition monitoring of a fleet of wind turbines, we apply this method to one dataset about blade icing detection of wind turbines. The experimental results prove that the proposed method can predict the health of the wind turbine well. In addition, it can significantly reduce the domain shift among different wind turbines, thereby achieving excellent performance on unknown wind turbines.

Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems

Background Data transmissions using the DNP3 protocol over the internet in SCADA systems are vulnerable to interruption, interception, fabrication, and modification through man-in-the-middle (MITM) attacks. This research aims to improve the security of DNP3 data transmissions and protect them from MITM attacks. Methods This research describes a proposed new method of improving DNP3 security by introducing BRC4 encryption. This combines Beaufort encryption, in which plain text is encrypted by applying a poly-alphabetic substitution code based on the Beaufort table by subtracting keys in plain text, and RC4 encryption, a stream cipher with a variable-length key algorithm. This research contributes to improving the security of data transmission and accelerating key generation. Results Tests are carried out by key space analysis, correlation coefficient analysis, information entropy analysis, visual analysis, and time complexity analysis.The results show that to secure encryption processes from brute force attacks, a key of at least 16 characters is necessary. IL data correlation values were IL1 = −0.010, IL2 = 0.006, and IL3 = 0.001, respectively, indicating that the proposed method (BRC4) is better than the Beaufort or RC4 methods in isolation. Meanwhile, the information entropy values from IL data are IL1 = 7.84, IL2 = 7.98, and IL3 = 7.99, respectively, likewise indicating that the proposed method is better than the Beaufort or RC4 methods in isolation. Both results also show that the proposed method is secure from MITM attacks. Visual analysis, using a histogram, shows that ciphertext is more significantly distributed than plaintext, and thus secure from MITM attacks. The time complexity analysis results show that the proposed method algorithm is categorized as linear complexity.

APPLICATION OF INTERNET ARCHITECTURE IN CENTRALIZED AUTOMATED PROCESS CONTROL SYSTEMS

This article discusses the use of Internet architecture in centralized automated process control systems for the purpose of monitoring and managing geographically distributed objects. The hardware components of the proposed architecture are described and the required functions are formulated. The methods of implementing these functions of centralized control systems based on this architecture are proposed: using internal algorithms of SCADA systems, or using microprocessor subsystems. The difficulties that are likely to be encountered when implementing all the required functions in the system being developed are described.