Supervisory Command and Data Acquisition (SCADA) system cyber security analysis using a live, virtual, and constructive (LVC) testbed

Modern critical infrastructure systems are built on a hodgepodge of complex, interconnected information systems for control and management. For electric power, the critical infrastructure includes the physical systems; comprised of power generation, transmission and distribution capabilities. The control of the physical systems is accomplished via Supervisory Command and Data Acquisition (SCADA) systems. The SCADA systems employ both new and legacy systems along with many of the same information system devices as traditional business information systems. SCADA system networks, just as business information system networks, are connected to external networks, including the Internet. Thus, SCADA systems are vulnerable to the same classes of threats as other networked computer systems in addition to threats associated with their legacy systems. Many of these systems have been put in place for decades and often have an unknown security posture. Cyber security analysis of these systems remains a significant challenge. Traditional techniques such as red-teaming, vulnerability assessments, and penetration testing are often unsatisfactory and limited in scope because power utilities do not want to risk taking the systems off-line or degrading or damaging the expensive equipment. The consequence is that the effects of a cyber-attack on these SCADA systems are often unknown. In order to provide greater SCADA system security posture insight to utilities and administrators, security experts must perform security analysis. To overcome the problems with security analysis using either an exclusive hardware SCADA testbed or a simulation of a SCADA system, Sandia National Labs has developed a cyber-security analysis capability using physical hardware, extensive virtualization and emulated machines, and simulation to answer complex system questions about SCADA systems. In this paper we will discuss the methodology, several use-cases that were executed during the course of the study w- ich leverage the methodology, the types of cyber-attacks that can be assessed and the class of questions security professionals can now ask and answer about cyber-attacks against SCADA systems.