Skip to Main Content
Industries are always concerned with reducing their operational costs and related expenses. Therefore, companies are constantly searching for solutions that improve their systems’ stability, fault tolerance, flexibility, and cost efficiency. By adopting such solutions, the complexity and interactivity of communications within the industrial systems is expected to expand. One such solution to fulfil the current needs of industrial systems is the concept of IoT, which involves cloud computing. The IoT-cloud combination offers the advantage of integrating CPSs such as SCADA systems. This integration leads to the concept of “smart” industrial systems .
The advent of the IoT-cloud combination has brought multiple benefits to the information technology (IT) industry that includes embedded security, cost reductions, improved uptime, and an increase in redundancy and flexibility. Critical infrastructures (CI) are also being integrated with the IoT-cloud services. IoT-cloud appears to exactly meet the uptime, flexibility, cost, and redundancy requirements of these systems in a reasonable way. We can describe CPSs as smart systems encompassing both physical and computational components that are seamlessly integrated and interact closely to sense changing states in the real world. CPS applications include—but are not limited to—smart transportation, smart medical technologies, smart electric grids, air traffic control, and so on. Under the IoT architecture it is not easy to clearly differentiate between Wireless Sensor Networks (WSN), machine-to-machine technologies, and CPSs. However, the study in  makes an effort to provide a general CPS model to show the overlapping concepts involved in these systems, as shown in Fig. 1.
At a supervisory level, the major responsibility of SCADA systems is to monitor a system’s processes and apply the appropriate controls accordingly. SCADA systems are basically CPSs used in industries. These systems include a wide number of application sectors, as presented in Fig. 2, and currently a lot of research has been conducted in this regard –    . For example, one application is in the healthcare sector –. SCADA systems that provide medical solutions enable doctors and associated healthcare team members to monitor and control a patient’s state of health in a cost effective and efficient manner. One such solution present in the industry is WebSCADA , which provides multiple benefits that include anywhere/anytime accessibility to the system through a secure web browser connection. WebSCADA is a scalable and flexible system that can easily integrate with new project features, easy maintenance, and is customizable for other industrial applications such as oil, manufacturing, gas utilities, security monitoring, and so on.
The future Internet is considered as a new concept for classical SCADA systems that have already been in operation for many years. We are aware that, with time, new technologies replace old technologies, but unfortunately, these existing SCADA systems are being retrofitted to combine the capabilities of both the old and the new technologies. Due to this overlapping use of both technologies, the security of SCADA systems is at risk. Hence, we can say that the integration of industrial business systems and the IoT-cloud concept has made the integrated SCADA systems more vulnerable compared with classical SCADA systems. In general, SCADA systems architecture contains a Human Machine Interface (HMI), hardware, software, Remote Terminal Units (RTUs), a supervisory station, sensors and actuators . The general architecture of SCADA systems in an IoT-cloud environment is illustrated in Fig. 3.
Standard protocols and wired communications were used when SCADA systems first came into existence and were solely aimed at monitoring and controlling system processes. However, when these systems were exposed to the IoT environment, which involves cloud computing and complex network environments, they became more vulnerable to cyberthreats and attacks. Table 1 describes the journey of SCADA systems from first generation to the IoT-based SCADA systems being used now.
The remainder of this paper is divided as follows. Section II presents the challenges of IoT-cloud based SCADA systems by identifying their major vulnerabilities and threats. Based on these identifications, Section III describes the current efforts to secure industrial SCADA systems in IoT-cloud environments. Section IV provides a number of recommendations and best practices being proposed to secure these systems. Section V describes a wide range of future research options for securing the industrial SCADA systems in an IoT-cloud environment, and Section VI concludes the paper.
The Siberian Pipeline Explosion happened in 1982 and is considered to be the first cybersecurity incident in the history of SCADA systems. In this explosion, an attacker exploited a system vulnerability using a virus called a Trojan horse. In 2000, a former worker hacked into the Maroochy Shire water plant control system, flooding the hotel grounds with raw sewage . In 2010, Iran’s nuclear system was disrupted by the Stuxnet worm . In 2011, another form of Stuxnet was discovered and given the name Duqu. Most recently, the Flame worm  brought devastation to Industrial Control Systems (ICS) and to SCADA systems.
A detailed literature review and analysis of the major attacks on SCADA systems can help focus attention on the reasons why these critical infrastructures are so vulnerable. Particularly in cases where these systems are integrated with the IoT and cloud based environments, they are far more exposed to such vulnerabilities. A number of vulnerabilities exist in these environments that could possibly implant malware in SCADA systems, some of which are listed below , , :
The vulnerabilities mentioned above form the basis for why CIs are exposed to threats that have a negative impact on the performance of these systems. A general statistical representation of the threats to SCADA systems before their exposure to the IoT-cloud environment is shown in Fig. 4. Insider threats are considered to be the most prominent type of attacks on IoT-based SCADA systems . Based on the current literature, a few threats to the SCADA systems in IoT-cloud environments are defined below:
To protect the SCADA systems from the above mentioned threats, many efforts have been made in terms of security frameworks, protection mechanisms and assurance approaches. The following section summarizes these efforts by first focusing on the efforts to secure SCADA systems outside of the IoT-cloud environment and then within the IoT-cloud environment.
The following general security considerations apply to SCADA systems:
Weak Communication: According to Wang , the communication links of SCADA systems can be attacked easily because they do not typically provide encryption and authentication mechanisms. The American Gas Association (AGA) has played a vital role in securing SCADA system communications and introduced the concept of cryptography within these systems’ communication. Secure SCADA (sSCADA), a plugin device, is presented in  as Part 1 of the AGA’s cryptographic standard, with two vulnerabilities that lead to man-in-the-middle and replay attacks. To address these vulnerabilities, the authors propose four channels of communication, each fulfilling different security services. The job of an attacker is made easy by the use of a weak protocol. The communication protocols used in SCADA systems are responsible for communicating messages over the entire industry network. Many protocols are used including DNP3, PROFIBUS, Ethernet/IP, etc., but based on the system requirements a particular protocol is selected for communication. The devices that were considered as trusted were connected to the SCADA systems network long before security issues were taken into consideration. Use of the new Internet-based technologies established untrusted connections. Hence, we can say that the built-in vulnerability of the communication protocols makes the systems weak. Igure and Williams  described three challenges that must be considered to improve SCADA system networks, as follows:
To assess and analyze the Modbus communication protocol’s vulnerability and risks, Byres et al.  used an attack tree model, revealing that the Modbus protocol is weak and lacks basic security requirements such as integrity, confidentiality and authentication. They recommended  using firewalls, Intrusion Detection Systems (IDSs) and encryption techniques for secure communications.
To secure the communication channels of SCADA systems, Patel and Sanyal  presented some solutions based on IP-Sec and SSL/TLS. The strengths and weakness of both presented solutions are also described in detail. On the network layer IP-Sec is presently capable of providing protection to each application responsible for carrying out communication tasks between two hosts. IP-Sec can secure the IP traffic, prevent DoS attacks, and is also able to stop any arbitrary communication packet from entering the TCP layer. Over TCP/IP, communications between (Remote Terminal Unit) RTUs and (Master Terminal Units) MTUs are secured by SSL/TLS, which is an efficient and fast solution and at the same time provides protection against man-in-the-middle and replay attacks. However, IP-Sec is also a complex and less scalable solution that is unable to provide nonrepudiation and authentication . In addition, IP-Sec encrypts all the traffic. Similarly, SSL/TLS is considered to be an expensive solution with known vulnerabilities and is also unable to provide nonrepudiation. Although both IP-Sec and SSL have their drawbacks, the clients need determine which solution to use. Security in IP-based SCADA systems is addressed in detail in .
In another approach to securing the communication channels of SCADA systems, two middleware methods are described by Khelil et al. . In the first method, the aim of the authors is to maintain data integrity and availability based on peer-to -peer protection by maintaining more than one copy of data. This data access technique can protect SCADA systems from router crashes as well as from data modifications. However, this approach is considered to be intrusive and requires modifications to be made on existing networks. In the second method, data availability is approached by using GridStat middleware. To ensure data availability, this methodology adds some new components to the architecture that require no changes to the original components: it follows a nonintrusive approach.
Antonini et al.  addressed security challenges to SCADA systems, and Baker et al.  presented a security oriented cloud platform for Service Oriented Architecture (SOA) based SCADA systems. The main idea of this proposal is to deliver an innovative solution to integrate cloud platforms into SOA based SCADA systems. It also focuses on the enhancement of security and integrity concerns for these systems. Smart Grid systems are used in the proposed approach through a real-world scenario. This paper directs readers’ attention toward building a secure cloud platform that supports the use of SOA based SCADA systems. Another threat stems from APTs, which are focused on networks. In this type of attack, an unauthorized person manages to enter a network and then tries to steal data from the system. The focus of this attack is not to cause damage but rather to stay undetected as long as possible, steal data and then leave, all the while keeping the attacker’s identity hidden. Bere and Muyingi  addressed these types of threats and claim that APTs use zero-day vulnerabilities to steal data from systems.
Security risks related to data logging are also a challenge in IoT-based SCADA systems because of the presence of the cloud . Compared to localized logging, keeping track of cloud-based system logs is difficult.
Use of third party cloud services in IoT-based SCADA systems takes ownership privileges from the SCADA systems organization and puts them under the control of the Cloud Service Provider (CSP) . Hence, we can say that these systems have lack of control.
There is a lack of authentication and encryption mechanisms for IoT-based SCADA systems. If these systems use weak communication protocols such as Modbus  while utilizing the cloud, an attacker can easily gain access to IP addresses, usernames, and other private credentials, as the result of weak authentication and encryption. Modern cyber security attacks have also taken over ICS, as described in , in which the vulnerabilities of SCADA systems are exploited more often because the International Electrotechnical Commission (IEC) 61850 standard itself lacks security. According to the authors , SCADA systems networks still face key management issues.
Web applications are frequently used in these systems. Based on the literature , , –                            , web applications have their own security needs that are currently not addressed by IoT-cloud based SCADA systems.
Ongoing research on SCADA systems is presented by Nicholson et al. , who emphasize that the threats and risks to SCADA systems are not completely addressed because of their integration with corporate networks, making them more vulnerable to cyberattacks. Identification of risk mitigation techniques is a positive contribution from . Research challenges faced by SCADA systems in risk assessment are outlined in  and .
Because classical IT systems differ from CPS such as SCADA systems, existing concepts of information security cannot be adopted. To defend against the privacy and security risks, the Industrial IoT requires a cyber security concept capable of addressing such risks at all possible levels of abstraction. Some solutions for protecting the embedded devices at the core of industrial IoT-based SCADA systems are shown in the Table 2.
The major difference between SCADA systems and Distributed Control Systems (DCSs) is that they differ in size: SCADA systems are restricted to large areas while DCSs are restricted to smaller areas. Originally, SCADA systems were developed as isolated systems, but that is no longer true due to the usage of commercial off the shelf solutions and widely expanded networked environments such as the IoT-based SCADA systems. There is a need to develop a more secure solution that considers the security requirements and constraints faced by these systems. Although some security improvement actions have been implemented since 2010 to protect these systems against major attacks, still, they remain vulnerable to intrusions, data modifications, denial of service attacks, threats from legitimate users, and many more security-related threats. IoT-based SCADA systems are vulnerable to network attacks as well. The differences between IoT-based SCADA system security in particular and IT systems security in general must be clearly understood because this understanding can help in developing more efficient and secure solutions that focus on IoT-based SCADA systems security.
SCADA systems in IoT-cloud environment are not like regular IT systems; we cannot assume that by simply using some strong password policies, updated antivirus protection, firewalls, or frequent patching will solve the problems (as they would for simpler IT systems). Therefore, countermeasures are required that directly address the security needs of SCADA systems in IoT-cloud environments. Recently, the Internet Engineering Task Force (IETF) has been working on a new draft that focuses on security considerations for Industrial IoT (IIoT) in IP-based environments. This draft standard also provides an overview on the present state of the art (as of 2013) and emphasizes that future connections are moving towards an all-IP solution. The current draft standard defines five security profiles: IoT devices for home use, IoT devices with no security requirements, IoT devices for industrial usage, IoT devices for managed home use, and IoT devices for advanced industrial usage. When considering the future for secure and flexible industrial IoT networks, this draft identifies that Datagram Transport Layer Security (DTLS) will form the basic building block for these systems. However, the draft argues that there is a need to introduce more interconnectivity among the multiple layers of security in the IoT and cloud based industrial systems.
Similarly, the methodology named “Prevention, Protection and REaction to CYber attackS to critical infrastructurEs” (PRECYSE) is a security methodology intended to improve by design the reliability, resilience and security of Information and Communication Technology (ICT) that supports CI’s such as CPS, SCADA, IIoT, and so on. PRECYSE is built on research standards already in existence and has a special focus on relevant security, policy, privacy, ethical and legal issues for CIs. The major goals of PRECYSE for CIs such as SCADA systems  are as follows:
Some basic principles can be considered for protecting Industrial IoT and IIoT-cloud based SCADA systems, as shown in Fig. 5. These principles have the objective of protecting vulnerable infrastructure by surrounding these systems with a combination of security tools based on currently available good practices. Following is a brief overview of few such good practices that helps in improving the security of IoT and cloud based SCADA systems, keeping in view the guidelines of NIST SP 800-53 , NIST SP 800-53, Revision 4 , NIST SP 800-82, Revision 2 , and other literature reviewed in the reference section.
An approach to segregate networks introduces security tools that surround each network and as a result effectively segregate and monitor network activities, preventing policy violations.
The computers involved in SCADA systems are performing critical tasks that often make the computer systems complex. Due to the increased frequency of attacks, there is a need to continuously monitor and analyze the activities these computer systems perform.
Activity logs are kept by nearly all computer software and devices including operating systems, network devices, applications and other intelligent programmable devices. These logs play a vital role in troubleshooting, compliance checking, forensic analysis and intrusion detections. Tracking via these logs can identify and help control many attacks. Such log analysis is typically supported by host-based IDS.
File integrity analysis is used to validate the integrity of some software and operating systems. The cryptographic checksum method is the most frequently used verification method. Harmful files (black lists) and allowed files (white lists) can be easily identified using checksum verification methods. Checksum methods are also supported by host-based IDS.
Malicious activities can sometimes be detected though network monitoring by performing network packet analysis. Malicious activities can also be detected based on behavioral or pattern analysis. For sophisticated malware, where the information is hidden inside covert channels, network analysis can detect only the number of network packets or the destination for that packet; hence, other techniques are required to detect malicious behaviors within covert channels.
Both known and unknown malicious activity present within the memory of an operating system can be detected by memory dump analysis. Using advanced technologies, a volatility framework can analyze multiple types of memory dumps. This type of analysis makes it easy to detect system libraries and hidden processes, which also helps in detecting the sophisticated attacks and intrusions.
Third-party software is used by IoT-cloud SCADA systems, and keeping this software continuously up to date is a challenge. Unknown errors in such software can trigger the possibility of arbitrary code execution by attackers. Monitoring the current security news and following the best approaches for updating and patching this critical infrastructure software is a requirement.
To a large extent, the design of a system determines its security level. Unknown errors in cloud systems are easily discovered by continuous monitoring and vulnerability testing. These tests can be applied to either the whole system or to particular system components, but should be performed at regular intervals because new threats are revealed through analysis over time.
To increase the security of these systems, proxy solutions are used to build a fine layer of protection around vulnerable or legacy solutions. Proxy solutions can perform filtering and inspections, implement access control, and limit the range of instructions sent to the network or to devices. When a supplier needs access to the critical network this protection can be removed for the subset of data required; for example, a Demilitarized Zone (DMZ) can be used as a trusted process.
In addition to all the practices mentioned above, it is a requirement to regularly use intrusion detection and prevention systems, antivirus software, and so on, and to keep these up to date, ensuring that attack patterns are kept current in the database to help in improving the security of these systems.
To secure CPSs in the future, more research needs to be performed. Because the concepts related to the future Internet such as IoTs and cloud computing, specifically, are at an early stage of deployment in industrial SCADA systems, more focus is required on preventing cyberattacks on industrial SCADA systems. A few research directions for securing IIoT-based CPSs  are briefly explained below and presented in Fig. 6.
There is a need to develop new methods capable of managing complex and large-scale systems because thousands of IoT devices will be active in such industrial settings, including smart industries, smart cities, and so forth.
The CPSs are responsible for controlling real-world infrastructures and, thus, have a real-world impact on them. Failure to secure these critical infrastructures can have devastating impacts. There is a need to answer questions such as: “To what extent will future CIs be vulnerable?” and “To what level can we ensure that they are trustworthy, resilient and reliable?”
CPSs such as IIoT, which are primarily based on supervising and controlling data acquisitions, need to collect and analyze the data in real time and make business decisions; these systems cannot afford delays. For such decision making, classical CPSs utilize local decision loops, but with the cloud and IoT, they are becoming more dependent on external services. Therefore, aspects of timely interaction need to be revisited.
The effectiveness of these systems depends on collaboration among the involved platforms that are responsible for delivering services in a service-based infrastructure. However, these complex collaborations possess multiple requirements from both the business and technical worlds that are based on specific application scenarios. To make the CPS ecosystem flourish, people need assurance that these complex collaborations can deliver services efficiently and effectively—but providing that assurance is not an easy task and needs more research.
To build complex services and behaviors for critical CPSs the underlying core API functionalities must be standardized. API consolidation can be applied as a short term solution until new solutions are developed that work through semantically driven interactions.
The large-scale impact of CPSs needs to be carefully assessed and investigated; however, this is a challenging task. It is expected that CPSs will replace the classical approaches gradually in the future. Therefore, new strategies are required to migrate these classical systems to CPS.
Cloud-based CPSs promise to provide more efficient and optimized usage of global resources. Therefore, sustainable strategies for managing the business and information structures are required—e.g., energy-driven management. There is a need to understand and implement new solutions with respect to a greater context such as applications that apply at smart citywide scales, cross-enterprise scales, etc. To effectively integrate such solutions in large-scale CPSs, new approaches and tools are needed.
Within complex environments, there is a need for new engineering and development tools that can help ease the complexity of service creation in CPS ecosystems.
The first step in the data lifecycle involves acquiring data from the cyber physical world; however, the second step is sharing these data and managing them because building sophisticated services is a challenge. This challenge becomes ever more complex now that the security and privacy of these data must also be ensured in cloud environments. The entire topic needs more research and new and innovative solutions.
Massive CPS infrastructures integrated with the cloud will acquire enormous amounts of data. The term for such data volumes is “Big Data”. It is possible to analyze big data in the cloud to deliver new insights on industrial processes, which can result in the ability to better identify optimized solutions and enterprise operations. Approaches based on data science and big data are expected to have a positive impact on the way in which CPS infrastructures are designed and operated.
The objective of this study was to highlight some important facts about industrial SCADA systems with an emphasis on threats, vulnerabilities, management and the current practices being followed. CPSs such as SCADA systems are widely used. The objective of IoT-based SCADA systems is to increase their flexibility, cost efficiency, optimization capability, availability and scalability of such systems. For this purpose, industrial SCADA systems utilize the benefits of IoT and cloud computing. However, these benefits are accompanied by numerous critical risks. Major security risks related to the industrial SCADA systems in the cloud may vary from one scenario to another. In such environments, the nature of data is such that it must be stored on server/s for backup or sharing purposes, and these server/s are mostly managed by a third party. This third party management means that these servers are likely to contain large numbers of clients and their confidential information. The result is that the privacy of data on these cloud servers cannot be guaranteed, as the data may or may not be shared with other clients. Therefore, such security breaches must be considered before integrating industrial SCADA systems with IoT-cloud environments. The purpose of this paper was to highlight the unique importance of critical industrial SCADA systems from the perspective of IoT and cloud computing. The efforts being made to secure these systems within the future Internet environment were described and discussed extensively. After performing this study, it can be concluded that several of the vulnerabilities described in this paper are particularly relevant to industrial IoT based SCADA systems, and it is extremely important to note that each specific IoT device is a separate entity and will typically possess an attack surface of its own. Therefore, there is a clear need to perform more research on securing these systems because attacks not only have the potential for devastating effects to both industrial machines and to individuals associated with them but also are expected to become even more critical in the future.
This work was supported by the National Plan of Science, Technology and Innovation, King Abdulaziz City for Science and Technology, Saudi Arabia, under Grant 12-INF2817-02.
Corresponding author: H. Abbas
Back to Top