Title :
Collaborative, Trust-Based Security Mechanisms for a Regional Utility Intranet
Author :
Coates, Gregory M. ; Hopkinson, Kenneth M. ; Graham, Scott R. ; Kurkowski, Stuart H.
Author_Institution :
Dept. of Electr. & Comput. Eng., Air Force Inst. of Technol., Wright-Patterson AFB, OH
Abstract :
This paper investigates network policies and mechanisms to enhance security in SCADA networks using a mix of TCP and UDP transport protocols over IP. It recommends creating a trust system that can be added in strategic locations to protect existing legacy architectures and to accommodate a transition to IP through the introduction of equipment based on modern standards such as IEC 61850. The trust system is based on a best-of-breed application of standard information technology (IT) network security mechanisms and IP protocols. The trust system provides seamless, automated command and control for the suppression of network attacks and other suspicious events. It also supplies access control, format validation, event analysis, alerting, blocking, and event logging at any network level and can do so on behalf of any system that does not have the resources to perform these functions itself. Latency calculations are used to estimate limits of applicability within a company and between geographically separated company and area control centers, scalable to hierarchical regional implementations.
Keywords :
IEC standards; SCADA systems; authorisation; command and control systems; control engineering computing; groupware; intranets; transport protocols; IEC 61850; IP protocols; SCADA networks; TCP transport protocols; UDP transport protocols; automated command and control; collaborative mechanisms; legacy architectures; regional utility intranet; trust-based security mechanisms; Computer network security; computer networks; power system security; supervisory control and data acquisition (SCADA) systems
Journal_Title :
Power Systems, IEEE Transactions on
DOI :
10.1109/TPWRS.2008.926456