A domain where we have found the threat modeling approach to IT security to be particularly suitable is the critical infrastructure sector. This includes power distribution, power generation and related areas, as well as several production line and factory setups, where a SCADA solution is typically used.
If you are familiar with SCADA environments, this article will mainly be a repetition of what you already know. If so, you are welcome to skip down to the end where you can download the securiCAD SCADA model.
In essence, a SCADA solution is a set of systems for controlling distributed physical equipment. Operators control and monitor the physical processes via a centralized system, which in turn communicates with more local systems until the physical equipment is reached.
Apart from distributing commands from the staff, the central system also delivers measurements and status signals, collected at the actual hardware in the field, back to the operators. This is why the SCADA abbreviation reads out as Supervisory Control and Data Acquisition.
Furthermore, a traditional “office-like” approach to IT security involving network and vulnerability scanning, penetration testing and other active investigation methods is prohibited due to the potential hazard of provoking irregular behavior and maybe bringing down the whole solution. Therefore, the offline threat modeling approach using securiCAD is particularly suitable.
In order to create a basis for security analysis of critical and confidential solutions like these, the SEGRID research project was carried out, resulting in the research paper "Load balancing of renewable energy: a cyber security analysis" being published in June of 2018. It involved threat modeling experts from the Royal Institute of Technology in Sweden, as well as experts with thorough experience within the power distribution domain.
The SCADA Reference Architecture Example Model material will guide you through the SEGRID material to show how a SCADA system is typically represented in securiCAD.
Downloads and references
The detailed map of the environment outlined by the SEGRID project, from which the above screenshots are taken, is available for download here.
The securiCAD model from the SEGRID project is available for download here.
The complete description of the SEGRID use case is available at the project website.