• DocumentCode
    3121007
  • Title

    Modbus/DNP3 state-based filtering system

  • Author

    Carcano, Andrea ; Fovino, Igor Nai ; Masera, Marcelo

  • Author_Institution
    Univ. of Insubria, Insubria, Italy
  • fYear
    2010
  • fDate
    4-7 July 2010
  • Firstpage
    231
  • Lastpage
    236
  • Abstract
    The security of SCADA systems is one of the most pressing subjects in industrial systems, especially for those installation actively using the public network in order to provide new features and services. In this paper we present an innovative approach to the design of Filtering Systems based on the state analysis of the system being monitored. The aim is to detect attacks composed of a set of “SCADA” commands that, while licit when considered in isolation on a single-packet basis, can disrupt the correct behavior of the system when executed in particular operating states. The proposed firewall detects these complex attacks thanks to an internal representation of the controlled SCADA system. Furthermore, we detail the design of the architecture of the IDS for systems using the ModBus and DNP3 protocols, and the implementation of a prototype, providing experimental comparative results that confirm the validity of the proposed approach.
  • Keywords
    SCADA systems; protocols; security of data; telecommunication security; DNP3 protocols; DNP3 state-based filtering system; Modbus; SCADA systems; industrial systems; public network; single packet basis; state analysis; Coils; Fires; IP networks; Power generation; Protocols; SCADA systems; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Industrial Electronics (ISIE), 2010 IEEE International Symposium on
  • Conference_Location
    Bari
  • Print_ISBN
    978-1-4244-6390-9
  • Type

    conf

  • DOI
    10.1109/ISIE.2010.5637577
  • Filename
    5637577
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3121007