Title :
Critical State-Based Filtering System for Securing SCADA Network Protocols
Author :
Fovino, Igor Nai ; Coletta, Alessio ; Carcano, Andrea ; Masera, Marcelo
Author_Institution :
Global Cyber Security Center, Rome, Italy
Abstract :
The security of System Control and Data Acquisition (SCADA) systems is one of the most pressing subjects in industrial systems, particularly for those installations actively using the public network in order to provide new features and services. In this paper, we present an innovative approach to the design of filtering systems based on the state analysis of the system being monitored. The aim is to detect attacks composed of a set of “SCADA” commands that, while licit when considered in isolation on a single-packet basis, can disrupt the correct behavior of the system when executed in particular operating states. The proposed firewall detects these complex attacks thanks to an internal representation of the controlled SCADA system. Furthermore, we detail the design of the architecture of the firewall for systems that use the ModBus and DNP3 protocols, and the implementation of a prototype, providing experimental comparative results that confirm the validity of the proposed approach.
Keywords :
SCADA systems; authorisation; computer network security; field buses; transport protocols; DNP3 protocol; ModBus protocol; SCADA network protocol security; critical state-based filtering system; firewall architecture design; industrial system; public network; single packet basis; state analysis; system control and data acquisition system; IP networks; Measurement; Monitoring; Power generation; Protocols; SCADA systems; Security; Critical state analysis; SCADA systems; cyber security; firewall;
Journal_Title :
Industrial Electronics, IEEE Transactions on
DOI :
10.1109/TIE.2011.2181132
