DocumentCode :
2283738
Title :
A retrofit network transaction data logger and intrusion detection system for transmission and distribution substations
Author :
Morris, Thomas ; Pavurapu, Kalyan
Author_Institution :
Electr. & Comput. Eng., Mississippi State Univ., Starkville, MS, USA
fYear :
2010
fDate :
Nov. 29 2010-Dec. 1 2010
Firstpage :
958
Lastpage :
963
Abstract :
SCADA systems are widely used in electricity generation, distribution, and transmission control systems. NERC CIP 002-009 requires bulk electric providers to secure critical cyber assets electronically and physically. Transmission and distribution substations contain cyber critical assets including remote terminal units (RTU), intelligent electronic devices (IED) such as relays, phasor measurement units (PMU) and phasor data concentrators (PDC). Substation critical cyber assets are isolated in electronic security perimeters using firewalls. In this paper a retrofit data logger solution for serial communication based MODBUS and DNP3 network appliances is offered. The retrofit data logger allows existing control systems to be updated to log network transactions in support of substation based network intrusion detection. Substation based intrusion detection supports a defense in depth approach to cyber security in which multiple overlapping layers of security are used to protect critical cyber assets. The data logger is an embedded bump-in-the-wire retrofit device which captures, time stamps, cryptographically signs, encrypts, and store network traffic. Network traffic is forwarded to the existing network. Additionally, the data logger architecture supports use of signature based and statistics based intrusion detection algorithms at the network appliance edge.
Keywords :
SCADA systems; data loggers; security of data; substations; SCADA; distribution substation; intrusion detection system; network traffic; phasor measurement unit; remote terminal unit; retrofit network transaction data logger; serial communication; substation; Data Logging; Intrusion Detection; Process Control System Cyber Security; SCADA Cyber Security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Power and Energy (PECon), 2010 IEEE International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4244-8947-3
Type :
conf
DOI :
10.1109/PECON.2010.5697717
Filename :
5697717
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2283738
بازگشت