Towards cyber-security protection of critical infrastructures by generating security policy for SCADA systems

SCADA (Supervisory Control and Data Acquisition) systems are required to deal with increasingly complex and critical situation. They must constantly evolve towards integrated decision making and policy driven by cyber security requirements. The current research stream in that domain aims, accordingly, to foster the smartness of the field equipment's and processes, which principally exist through the generic concept of SCADA components. Those components are governed by policies which depending on the components roles and the evolution of the crisis, also confer to the latter the latitude to react based on their own perception of the crisis evolution. These components latitude is calculated based on as the component smartness and is strongly determined by, and depending on, the cyber safety of the component environment. Actual work related to crisis management tends to consider that components evolve and are organized in systems but as far as we know, no systemic solution exists which integrates all of the above requirements. Therefore, we do believe that such an integrated solution could bring many advantages including the integration of cyber-security protection by means of security policy generation. Therefore, in the frame of the CockpitCI project, we have decided to frame an innovative version of ArchiMate for the SCADA component modeling purpose to enrich the SCADA component collaborations and, more particularly, the description of their behavior endorsed in the cyber-policy. Our work has been illustrated in the frame of a critical infrastructure in the field of petroleum supply chains which is a highly sensitive research topic.