Recently, as a demand for connecting Supervisory Control and Data Acquisition (SCADA) systems to open networks increases, the study of SCADA system security becomes an issue. Many researchers have proposed key management schemes for SCADA systems. However, previous studies lack the proper considerations for availability. In this paper, the authors build up cryptographic security requirements for robust SCADA systems. In addition, they propose hybrid key management architecture for robust SCADA systems which supports replace protocol for availability and reduce the number of keys to be stored in a master terminal unit.