SCADA (supervisory control and data acquisition)\nsystems are used for controlling and monitoring industrial\nprocesses.We propose a methodology to systematically\nidentify potential process-related threats in SCADA. Process-\nrelated threats take place when an attacker gains user\naccess rights and performs actions, which look legitimate,\nbut which are intended to disrupt the SCADA process. To\ndetect such threats, we propose a semi-automated approach\nof log processing. We conduct experiments on a real-life\nwater treatment facility. A preliminary case study suggests\nthat our approach is effective in detecting anomalous events\nthat might alter the regular process workflow.
Loading....