Seguretat en sistemes SCADA en aeroports
Tutor / directorLeón Abarca, Olga
Document typeBachelor thesis
Rights accessOpen Access
Airports are critical facilities mostly controlled by SCADA systems, which can be vulnerable to cyberattacks if not properly protected. In this document, we present an analysis of such systems from the security point of view, by analysing the potential attack points and providing a set of countermeasures. SCADA systems are used to control, monitor and interact with the facilities remotely by means of devices such as the MTU, which is the main computer that is responsible for monitoring and collecting information from the RTUs, the RTUs that control the substations and receive signals from the field devices, the communications network responsible for managing the information that is sent between the devices, and the field devices that allow the automation of the system. Communication between devices is guaranteed by means of several protcols such as OPC, BACnet, Profibus, Profinet, MQTT and Modbus protocols. In terms of vulnerabilities, there are three major areas: the control center, the communications network, and the technical processes where DoS attacks, simple integrity attacks, or stealth integrity attacks can take place. In order to detect attacks, we can follow different approaches focused either on information security, data or models. It is also desirable to follow cybersecurity standards in order to ensure the security of systems where the best known are the IEC6443, the NERC-CIP, or the NIST 800-2. On the other hand, Machine Learning algorithms might be a good ally in order to protect the system since it can allow us to create a model from a data-set and be able to classify network traffic as normal or malicious, and in the latter, take the appropiate action to protect the system. In this document we present some of these algorithms and provide simulation results of their application to a SCADA system.
DegreeGRAU EN ENGINYERIA DE SISTEMES AEROESPACIALS (Pla 2015)