An approach to vulnerability assessment for Navy Supervisory Control and Data Acquisition (SCADA) system
Irvine, Cynthia E.
MetadataShow full item record
The unfortunate events of September 11, 2001 have caused a renewed effort to protect our Nation's Critical Infrastructures. SCADA systems are relied upon in a large number of the sectors that make up the critical infrastructure and their importance was reinforced during the massive power outage that occurred in August 2003. Growing reliance upon the Internet has emphasized the vulnerability of SCADA system communications to cyber attack. Only through diligent and continuous vulnerability assessment and certification and accreditation of these systems will the United States be able to mitigate some of the vulnerabilities of these systems. A case study presented here has validated the need for continued focus in this area. This thesis consolidates some of the research that has already been done in the area of SCADA vulnerability assessment and applies it by developing an initial vulnerability assessment checklist for Department of the Navy systems. This checklist can and should also be used in the certification and accreditation of DoN SCADA systems. A promising technology was also discovered during this research that should be explored further to secure SCADA communications. This will be touched on briefly.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, is not copyrighted in the U.S.
Showing items related by title, author, creator and subject.
Stauffer, Natalie (Monterey, California. Naval Postgraduate School, 2003-06);The certification process can be defined as a comprehensive evaluation of all security features, both technical and nontechnical, of an information system. This process ensures that the system design and implementation ...
Batson, Louis T., V; Wimmer, Donald R., Jr. (Monterey, California: Naval Postgraduate School, 2015-06);Information systems designed and developed without considering security and potential threats create avoidable risks to the United States and the Department of Defense (DOD). Unmanned Tactical Autonomous Control and ...
Rasmussen, Craig W.; Irvine, Cynthia E.; Dinolt, George W.; Levin, Timothy E. (DARPA DISCEX Conference, April 2003, 2003-04-00);Large complex systems need to be analyzed prior to operation so that those depending upon them for the protection of their information have a well defined understanding of the measures that have been taken to achieve ...