Abstract
The ability to detect cyberattacks in industrial installations depends heavily on in-advance learning about potential threats and vulnerabilities, which is best done through extensive modeling. Three general types of modeling approaches exist, which are based on three pillars of science: theory, experiments, and simulation. The paper reviews the author’s take to integrate all three views.
Using the theoretical approach, the author with coworkers previously applied the Non-Functional Requirements (NFR) method to security analysis of SCADA installations. The objective of the current work is to complement and enhance it with the use of simulation and practical experiments. With respect to simulation, building models with the Monterey Phoenix tool has been applied to an IEEE standard related to SCADA security. Experimental approaches to cybersecurity rely on applying penetration testing, with tools such as Nmap or Shodan that can be useful in studying security vulnerabilities. Here, we advocate a comprehensive approach, where software tools, such as those mentioned above, could complement theoretical analysis. Work is reported on building an NFR model for SCADA security for the laboratory example with three kinds of devices (valves, flowmeters and sensors), in terms of architectural properties of the SCADA system. A practical NFR model with the use of both Monterey Phoenix tool and respective penetration experiments has been developed.