-
Otavio Augusto Maciel Camargo
Escola de Aperfeiçoamento de Oficiais, Rio de Janeiro, RJ
-
Elson Costa Gomes
Fundação Parque Tecnológico Itaipu – Brasil, Foz do Iguaçu, PR
-
Antônio Nascimento Filho
Instituto Militar de Engenharia, Rio de Janeiro, RJ
-
Anderson Fernandes Pereira dos Santos
Instituto Militar de Engenharia, Rio de Janeiro, RJ
-
Antonio Eduardo Carrilho da Cunha
Instituto Militar de Engenharia, Rio de Janeiro, RJ
-
Paulo César Pellanda
Instituto Militar de Engenharia, Rio de Janeiro, RJ
Keywords:
Cyber attacks, Real-time simulations, ICS, SCADA, Cyber-physical systems
Abstract
Industrial Control Systems (ICS) are responsible for controlling critical infrastructures that often are targets of cyber attacks motivated by political, military, or financial interests. Supervisory Control and Data Acquisition (SCADA) systems are among the main components of ICS, are highly interconnected systems, and employ solutions common to conventional computer systems. Malware is among the top cyber threats to these systems. However, testing the cyber resilience of a real ICS requires testbeds and simulations to verify the harmful behavior of these threats without putting the original system at risk. This paper presents the results of an experiment that analyzed the impact of attacks with real malware on a SCADA system connected to a real-time simulated electrical system model in a hardware-in-the-loop testbed. The results show that even generic malware can impact the Modbus/TCP communication, causing interruptions and delays that can harm the SCADA system operation. This effect may affect the electrical system controls and protection actions, which require low latency reactions.