Public utilities, like water, gas and electricitity facilities, are often based on Supervisory Control and Data Acquisition (SCADA) networks. Increasingly often, such systems are connected to public computer networks. That makes them vulnerable to the same threats that we see on the public internet. Recently, the internet worm Stuxnet infected SCADA systems all over the world.
In view of the potentially very serious consequences of attacks, it is important to already in the design phase of SCADA systems make a tradeoff between countermeasures to such attacks, and the extent to which the system can 'survive' after a successful attack. This 'survivability' is defined as the probability that the SCADA system (or sometimes even the primary process that controls the system) will behave acceptably within a pre-specified time after a successful attack.
We use software tools to calculate such probabilities, based on models. This makes it possible to make cost/effect trade-offs for given scenarios. In particular the integration of these combined analyses with the design processes for SCADA systems has our attention; it enables an integrated analysis of system reliability and system safety.
For more information on assignments in this area, please contact Anne Remke, firstname.lastname@example.org.