Note: This content is accessible to all versions of every browser. However, this browser does not seem to support current Web standards, preventing the display of our site's design details.

  

Society is increasingly dependent on the proper functioning of the electric power system, which in turn supports most other critical infrastructures: water and sewage systems; telecommunications, internet and computing services; air traffic, railroads and other transportation. Many of these other infrastructures are able to operate without power for shorter periods of time, but larger power outages may be difficult and time consuming to restore. Such outages might thus lead to situations of fully non-functioning societies with devastating economical and humanitarian consequences.

SCADA Security
Fig. 1: Examples of important security areas in modern integrated SCADA systems

The operation and management of the electric power system depend on computerized industrial control systems and the corresponding telecommunication network. Keeping these systems secure and resilient to external attacks as well as to internal operational errors is thus vital for uninterrupted service. However, this is challenging since the control systems are extremely complex: they contain highly advanced functionality; they are heterogeneous and include several third party components; they are extensively networked, both internally and with external systems, and they depend on the human organization that manages and uses them. Yet, the systems are operating under stringent requirements on availability and performance: If control and supervision are not done in real-time, the power network may come to a collapse.
The vision of this project is to increase the understanding of vulnerabilities of integrated control systems and their impact on the electric power transmission and distribution system, as well as to devise solutions to eliminate or to mitigate these vulnerabilities. The overall goal is to make the information and control systems robust against attacks and operational errors. In order to attain this goal, VIKING has formulated four strategic objectives described below
  • Provide a holistic framework for identification and assessment of vulnerabilities for SCADA systems.
  • Provide a reference model of potential consequences of misbehaving control systems in the power transmission and distribution network that can be used as a base for evaluating control system design solutions.
  • Develop and demonstrate new technical security and robustness solutions able to meet the specific operational requirements that are posed on control systems for our target area.
  • Increase the awareness of the dependencies and vulnerabilities of cyber-physical systems in the power industry.

In this project, ETH aims to look at the theoretical issues mentioned above and adapts some of these concepts to the following objectives:

  • Threat and vulnerability identification
  • Cyber-physical models
  • Impact analysis of adverse events