A Formal Authorization Framework for Networked SCADA Systems

In this paper, we propose an application of a formal authorization framework for defining and enforcing security policies in SCADA systems. Current generation of SCADA systems are built as open networked systems often connected to public networks. Thus the security becomes an important issue, which needs to be properly addressed in these systems. The knowledge gained from securing networked computer based systems may help to develop security measures for SCADA systems too. Among such methods, a policy based security methods are the most applied. The contribution of this paper consists of an overview of security issues related to SCADA systems and a proposal to use a logic-based authorization framework in this environment for achieving scalable and efficient authentication.