Autonomic Critical Infrastructure Protection (ACIP) system

The dependency of critical infrastructures on the Supervisory Control And Data Acquisition (SCADA) systems has increased rapidly in the last few years to perform remote monitoring and control services for a wide range of utilities such as power distribution, gas production, and waste water treatment. The trend toward operating the grid over IP networks using open standard protocols, and the growing number of attacks targeting critical infrastructure made the security of SCADA systems an important research issue. Most of the currently used SCADA communication protocols have no encryption, authentication, or authorization, which makes them vulnerable and easy target for cyber-attacks. This paper presents an Autonomic Critical Infrastructure Protection (ACIP) system that is based on anomaly-based intrusion detection and autonomic computing to secure the control functions and management tasks of critical infrastructure control systems with a little or no involvement from the users or administrators. We will show how we applied ACIP to the widely used Modbus communication protocol to securely transfer commands and data between RTUs and industrial control systems in smart grids.