Security-Oriented Cloud Platform for SOA-Based SCADA

Abstract

During the last 10 years, experts in critical infrastructure security have been increasingly directing their focus and attention to the security of control structures such as Supervisory Control and Data Acquisition (SCADA) systems in the light of the move toward Internet-connected architectures. However, this more open architecture has resulted in an increasing level of risk being faced by these systems, especially as they became offered as services and utilised via Service Oriented Architectures (SOA). For example, the SOA-based SCADA architecture proposed by the AESOP project concentrated on facilitating the integration of SCADA systems with distributed services on the application layer of a cloud network. However, whilst each service specified various security goals, such as authorisation and authentication, the current AESOP model does not attempt to encompass all the necessary security requirements and features of the integrated services. This paper presents a concept for an innovative integrated cloud platform to reinforce the integrity and security of SOA-based SCADA systems that will apply in the context of Critical Infrastructures to identify the core requirements, components and features of these types of system. The paper uses the SmartGrid to highlight the applicability and importance of the proposed platform in a real world scenario.