Search

Premium Membership ♕

Save 50% on all EEP Academy courses with Enterprise Membership Plan and study specialized LV/MV/HV technical articles, guides and courses.

Home / Download Center / Electrical Engineering Books and Technical Guides / Power substation guides / Best Practices In Substation SCADA Cybersecurity

Vulnerability to malicious cyber attacks

There are over 3000 electricity providers in the United States, encompassing investor and publicly owned utilities as well as electric cooperatives. There has been ongoing trends to increasingly automate and provide remote control and monitoring of electric energy delivery systems.

Best Practices In Substation SCADA Cybersecurity
Best Practices In Substation SCADA Cybersecurity

The deployment of computer network technologies has increased the efficiency and reliability of electric power infrastructure. However, the increased use of digital communications has also increased the vulnerability to malicious cyber attacks.

In 2004 the National Research Councils (National Academies) formed a committee of specialists to address these vulnerabilities and propose possible solutions with an objective to prioritize the R&D needs for developing countermeasures. The committee addressed many potential concerns in the electric power delivery system and classified them based upon different criteria and presented recommendations to minimize the gap between the academic research directions and the needs of the electric utility industry.

The complexity and diversity of the electric power delivery system in the U.S. has opened many ports for attackers and intruders. This complexity and diversity is attributed to the fact that power delivery system is a network of substations, transmission and distribution lines, sub-networks of controlling, sensing and monitoring units, and human operator involvement for running the system.

Accordingly, any incident such as the occurrence of a fault or disturbance in this complex network cannot be deferred and should be resolved within an order of milliseconds, otherwise there is risk of large-scale outages similar to the occurrences in India and the U.S. in 2003.

There are three main vulnerabilities in supervisory control and data acquisition (SCADA) systems commonly identified: physical vulnerability, cyber vulnerability and personal vulnerability.

Schematic layout illustrates the communication protocols used between the Substation and the Control Center and between the Substation and Data Warehouse for transferring the operation and nonoperation data respectively
Schematic layout illustrates the communication protocols used between the Substation and the Control Center and between the Substation and Data Warehouse for transferring the operation and nonoperation data respectively

In terms of cyber threats, SCADA systems are the most critical elements in the electric power grid in the U.S. Unauthorized access to a SCADA system could enable/disable unexpected equipment (such as disable the protection system or a circuit breaker) which could cause large scale disruptions of electric power delivery.

This paper provides an overview of power system SCADA technologies in transmission substations (Section 2) and summarizes the best practices for implementing a cyber security program. After introducing SCADA system operations in Section 2, a description of the security challenges for SCADA systems is presented in Section 3.

In Section 4, NECRC Critical Infrastructure Protection standards CIP-002 through CIP-009 are summarized. An overview of industry best practices is presented in Section 5.


SCADA’s Historical Background and Definition

A supervisory control and data acquisition (SCADA) system is the network that provides a capability of real time-remote monitoring the state of an electric power and as well as the ability to remote control its operation. The first attempts to control and monitor systems remotely began as early as the 1890s when more patents started to be issued.

These efforts were translated into real applications in the early of 1900s when different remote control and monitoring techniques were developed. The first SCADA platform, which was developed by John B. Harlow in 1921, had two main functions: detecting the system status remotely and then updating the control center automatically.

In the 1980s, the development of remote terminal units (RTU) by using microprocessor-based electronics and intelligent electronic devices (IEDs) increased the flexibility of the SCADA system in terms of functionality and capability.

Title:Architecture and Methods for Substation SCADA Cybersecurity: Best Practices – Hamdi Albunashee, Muthanna Alsarray and Roy A. McCann at Department of Electrical Engineering, University of Arkansas
Format:PDF
Size:1.0 MB
Pages:12
Download:Here 🔗 (Get Premium Membership) | Video Courses | Download Updates

Suggested Reading – Should we be concerned about the cybersecurity of modern digital substations?

Should we be concerned about the cybersecurity of modern digital substations?

Premium Membership

Get access to premium HV/MV/LV technical articles, advanced electrical engineering guides, papers, and much more! It will help you to shape up your technical skills in your everyday life as an electrical engineer.
50% Discount 💥 - Save 50% on all 90+ video courses with Enterprise Membership plan.

More Information

Leave a Comment

Tell us what you're thinking. We care about your opinion! Please keep in mind that comments are moderated and rel="nofollow" is in use. So, please do not use a spammy keyword or a domain as your name, or it will be deleted. Let's have a professional and meaningful conversation instead. Thanks for dropping by!

four  +  four  =  

Learn How to Design Power Systems

Learn to design LV/MV/HV power systems through professional video courses. Lifetime access. Enjoy learning!

EEP Hand-Crafted Video Courses

Check more than a hundred hand-crafted video courses and learn from experienced engineers. Lifetime access included.
Experience matters. Premium membership gives you an opportunity to study specialized technical articles, online video courses, electrical engineering guides, and papers written by experienced electrical engineers.