Cyber security for a supervisory control and data acquisition (SCADA) and energy management systems (EMS) in national load dispatch center of Vietnam |b:threats, vulnerabilities, and solutions | |
| Author | Pham Manh Ha |
| Call Number | AIT Thesis no.ICT-20-01 |
| Subject(s) | Computer security Computer networks--Security measures |
| Note | A thesis submitted in partial fulfillment of the requirements for the degree of Master of Engineering in Information and Communication Technology, School of Engineering and Technology |
| Publisher | Asian Institute of Technology |
| Series Statement | Thesis ; no. ICT-20-01 |
| Abstract | In recent years, the Vietnamese government has encouraged more investors to participate in renewable energy such as solar energy or wind energy to satisfy the economy’s demands. These plants use Smart meters or Inverters (IoT devices) to connect the Internet environment to monitor and control remotely through Cloud technology, so this could lead to increasing the cyber-attacks in electricity sectors. In addition, the trend of using IEC 60870-5-104 protocol and the demand for connection between the OT network and IT network could lead to various risks to the SCADA/EMS systems. National Load Dispatch Center, Vietnam Electricity (NLDC) is the owned subsidiary of EVN, a state-owned utility and the largest power company in Vietnam. NLDC is responsible for performing load dispatching, power market trading and other electricity activities throughout Vietnam. NLDC use Supervisory Control and Data Acquisition (SCADA) system and Energy Management Systems (EMS) to monitor, control and optimize power generation, transport, and delivery to a population of more than 90 million people. This thesis studies the variety of hacking techniques, threats, vulnerabilities, risks, and solutions related to cybersecurity in the ICS/SCADA system. Risk assessment, risk response and risk monitoring are three key steps to increase cybersecurity. This study uses the CSET Tool which is recommended by The Department of Homeland Security to assess the overall compliance of NLDC with NERC CIP standard and identify the vulnerabilities to support risk assessment. This study performs risk assessment based on the guidance of NIST 800-30. In the risk response and risk monitoring step, this study customized rules of Security Onion software based on the guidance of snort.org and SAN institute to mitigate threats, vulnerabilities, and risks at NLDC. In conclusion, this study helps NLDC recognize threat events and vulnerabilities and proposed an all-in-one solution to mitigate these threats with high risk value effectively. |
| Year | 2020 |
| Corresponding Series Added Entry | Asian Institute of Technology. Thesis ; no. ICT-20-01 |
| Type | Thesis |
| School | School of Engineering and Technology (SET) |
| Department | Department of Information and Communications Technologies (DICT) |
| Academic Program/FoS | Information and Communication Technology (ICT) |
| Chairperson(s) | Teerapat Sanguankotchakorn; |
| Examination Committee(s) | Vatcharaporn Esichaikul;Teerawat Issariyakul; |
| Scholarship Donor(s) | Vietnam Electricity (EVN);Asian Institute of Technology Fellowship; |
| Degree | Thesis (M. Eng.) - Asian Institute of Technology, 2020 |