Search

Premium Membership

Learn about power engineering and HV/MV/LV substations. Study specialized technical articles, electrical guides, and papers.

Home / Download Center / Electrical Engineering Books and Technical Guides / Power substation guides / Best Practices In Substation SCADA Cybersecurity

Vulnerability to malicious cyber attacks

There are over 3000 electricity providers in the United States, encompassing investor and publicly owned utilities as well as electric cooperatives. There has been ongoing trends to increasingly automate and provide remote control and monitoring of electric energy delivery systems.

Best Practices In Substation SCADA Cybersecurity
Best Practices In Substation SCADA Cybersecurity

The deployment of computer network technologies has increased the efficiency and reliability of electric power infrastructure. However, the increased use of digital communications has also increased the vulnerability to malicious cyber attacks.

In 2004 the National Research Councils (National Academies) formed a committee of specialists to address these vulnerabilities and propose possible solutions with an objective to prioritize the R&D needs for developing countermeasures. The committee addressed many potential concerns in the electric power delivery system and classified them based upon different criteria and presented recommendations to minimize the gap between the academic research directions and the needs of the electric utility industry.

The complexity and diversity of the electric power delivery system in the U.S. has opened many ports for attackers and intruders. This complexity and diversity is attributed to the fact that power delivery system is a network of substations, transmission and distribution lines, sub-networks of controlling, sensing and monitoring units, and human operator involvement for running the system.

Accordingly, any incident such as the occurrence of a fault or disturbance in this complex network cannot be deferred and should be resolved within an order of milliseconds, otherwise there is risk of large-scale outages similar to the occurrences in India and the U.S. in 2003.

There are three main vulnerabilities in supervisory control and data acquisition (SCADA) systems commonly identified: physical vulnerability, cyber vulnerability and personal vulnerability.

Schematic layout illustrates the communication protocols used between the Substation and the Control Center and between the Substation and Data Warehouse for transferring the operation and nonoperation data respectively
Schematic layout illustrates the communication protocols used between the Substation and the Control Center and between the Substation and Data Warehouse for transferring the operation and nonoperation data respectively

In terms of cyber threats, SCADA systems are the most critical elements in the electric power grid in the U.S. Unauthorized access to a SCADA system could enable/disable unexpected equipment (such as disable the protection system or a circuit breaker) which could cause large scale disruptions of electric power delivery.

This paper provides an overview of power system SCADA technologies in transmission substations (Section 2) and summarizes the best practices for implementing a cyber security program. After introducing SCADA system operations in Section 2, a description of the security challenges for SCADA systems is presented in Section 3.

In Section 4, NECRC Critical Infrastructure Protection standards CIP-002 through CIP-009 are summarized. An overview of industry best practices is presented in Section 5.


SCADA’s Historical Background and Definition

A supervisory control and data acquisition (SCADA) system is the network that provides a capability of real time-remote monitoring the state of an electric power and as well as the ability to remote control its operation. The first attempts to control and monitor systems remotely began as early as the 1890s when more patents started to be issued.

These efforts were translated into real applications in the early of 1900s when different remote control and monitoring techniques were developed. The first SCADA platform, which was developed by John B. Harlow in 1921, had two main functions: detecting the system status remotely and then updating the control center automatically.

In the 1980s, the development of remote terminal units (RTU) by using microprocessor-based electronics and intelligent electronic devices (IEDs) increased the flexibility of the SCADA system in terms of functionality and capability.

Title:Architecture and Methods for Substation SCADA Cybersecurity: Best Practices – Hamdi Albunashee, Muthanna Alsarray and Roy A. McCann at Department of Electrical Engineering, University of Arkansas
Format:PDF
Size:1.0 MB
Pages:12
Download:Right here | Video Courses | Membership | Download Updates
Best Practices In Substation SCADA Cybersecurity
Best Practices In Substation SCADA Cybersecurity

Premium Membership

Get access to premium HV/MV/LV technical articles, advanced electrical engineering guides, papers, and much more! It will help you to shape up your technical skills in your everyday life as an electrical engineer.
More Information

Leave a Comment

Tell us what you're thinking... we care about your opinion!

EEP Academy Video Courses

The learning platform for LV/MV/HV electrical engineers. Learn from experienced engineers and sharpen up your knowledge.
Schneider Electric - Coming back stronger together!