SCADA Test Environment for Cybersecurity Analysis of Critical Infrastructure Systems

Compton, Peter (2021) SCADA Test Environment for Cybersecurity Analysis of Critical Infrastructure Systems. [USQ Project]

Text (Project)
COMPTON Peter dissertation_redacted.pdf

Download (7MB) | Preview


Critical infrastructure systems around the world are currently being controlled and monitored by out of date computer systems that are running on out of date operating systems, leaving them vulnerable to various malware attacks. The world we live in is becoming increasingly “connected” with the rise of technology, combining this with the fact that there are hundreds of thousands of new malicious programs discovered each day, it is imperative that we protect our most critical assets from cyber attack.

The primary purpose of this project was to highlight the potential risks that industrial control systems are exposed to through the design and development of a small scale control system. It was hoped that many of the issues that are present in industrial settings would be replicated within a lab environment, providing an insight into the dangers that exist in these systems and how they can be potentially mitigated.

Throughout history there have been numerous examples of critical systems being brought down due to malware. Some of these attacks include the infamous Stuxnet attack, Russian attacks on Ukraine’s Electricity Grid and more recently, attacks on a water treatment facility in Florida. However, with proper system design and testing, it is possible to mitigate the risk posed by malicious software and prevent malicious agents from impacting our critical assets.

There were a broad range of tasks required to accomplish the outcomes of this project. A functional description was prepared to describe the control system operation and outline the system equipment. Software, electrical and networking components were then designed and built which included an electrical control panel, PLC programming, SCADA system interface development, as well as the construction of a physical process that could be controlled. This system was then tested using standard penetration testing techniques utilising the Kali Linux operating system distribution to detect and analyse any security vulnerabilities within the system.

This project has successfully achieved it’s primary purpose. Through the research provided, many of the security flaws prevalent in industrial systems have been highlighted, showing the dangers present in these systems and the disastrous consequences that can occur as a result. Through highlighting these dangers, mitigation factors have also been identified that can help prevent the attacks from this project; from happening in the real world.

Statistics for USQ ePrint 51806
Statistics for this ePrint Item
Item Type: USQ Project
Item Status: Live Archive
Faculty/School / Institute/Centre: Historic - Faculty of Health, Engineering and Sciences - School of Mechanical and Electrical Engineering (1 Jul 2013 - 31 Dec 2021)
Supervisors: Low, Tobias
Qualification: Bachelor of Engineering (Computer Systems)
Date Deposited: 03 Jan 2023 00:22
Last Modified: 26 Jun 2023 01:03
Uncontrolled Keywords: IT infrastructure, malware, vulnerability, SCADA, cybersecurity, critical infrastructure, Linux, interface

Actions (login required)

View Item Archive Repository Staff Only