A Study on Vulnerabilities and Threats to SCADA Devices


  • Dawn Silverman Norfolk State University
  • Yen-Hung (Frank) Hu Norfolk State University
  • Mary Ann Hoppa Norfolk State University


Industrial Control System, SCADA


SCADA devices have increasingly become targets of malicious actors, alerting industries, governments and even private citizens to the need for more effective security measures, particularly for critical infrastructure and industrial control systems. To address concerns on this issue, a thorough survey and investigation was conducted on cyber-attacks targeting SCADA systems to propose solutions and recommendations for mitigating such attacks. This research first studied some historical perspectives on SCADA and associated risks, including examples of typical attacks. After summarizing known SCADA vulnerabilities and some attempts to harden these systems, a deeper-dive was taken on a breach of the Schneider Triconex Tricon 3008 safety system as an instructive use case. Some general recommendations were made for methodically securing SCADA networks. The long-term objective of this research is to better secure the future of SCADA and, by implication, the critical infrastructures that depend on this technology, through more focused cybersecurity vulnerability assessment and mitigation.