PROPOSAL OF POLLED-CSMA PROTOCOL FOR AN AD HOC SCADA SYSTEM

Yuxiang, Yang, Xiaoyu, Dang, Tingxian, Zhou

10 1900

International Telemetering Conference Proceedings / October 23-26, 2000 / Town & Country Hotel and Conference Center, San Diego, California / In this paper we introduce an ad hoc distributed supervisory control and data acquisition (SCADA) system, which covers two types of traffic, a small number of slave stations with stream traffic and much larger number of slave stations with burst traffic. To improve the system’s real-time transmission and channel allocation efficiency, a MAC scheme, named Polled-CSMA, is designed by integrating the merits of polling and CSMA protocols. Extensive analysis shows that this MAC protocol meets the system’s QOS requirements.

MAC

QOS

CSMA

SCADA

Automationsfabriken

Olsson, Anders

January 2012

Möjligheternas värld är en utställning som ska presenteras på olika mässor. Hjärtat i utställningen är automationsfabriken som är en automatiserad anläggning som ska tillverka leksaksbilar. Automationsfabriken ska invigas på mässan Scanautomatic och ProcessTeknikden 9-11 oktober 2012. Då möjligheternas värld är ett samarbete mellan näringsliv och skola bidrar företag och skolor med hjälp och samarbetar för att projektet ska bli lyckat. Prevas del i projektet är att ta fram ett styrsystem i form av ett MES och SCADA system till fabriken samtatt göra hemsidan där bilar kan beställas och integrera den med styrsystemet. Målet med examensarbetet är att utveckla styrsystemet och ta fram ett HMI genom att använda programvaror från Wonderware. Slutprodukten är i form av kod och objekt, och den funktionalitet de skapar tillsammans. Styrsystemet ska kunna kopplas upp mot fabriken och styra produktionen, förutsatt att övriga delar i projektet levererar det de ska. Arbetet började med att studera fabriken och etablera ett gränssnitt mellan styrsystemet ochPLCn som styr produktionsutrustningen, samt att ta fram ett grundläggande HMI. Sedan har ett simuleringsläge tagits fram med utgångspunk från gränssnittet för att simulera produktionsmiljön. Utifrån den här simuleringsmiljön och ett HMI har sedan funktioner tagits fram en i taget och testats, för att tillsammans senare utgöra den helhet som är styrsystemet. Här finns funktioner som beslutsprocesser för skapandet av nya produktions- och leveransordrar, hämtning av kundordrar, styrning av pick´n place enheten, informationshantering av innehållet i bufferten, samt registrering av alla ordrar och operationer i ett manufacturing execution system (MES). Styrsystemet har slutsligen kopplats samman med databasen där nya kundordrar registreras och genom att använda simuleringsmiljön och det HMI som utvecklats för fabriken har styrsystemet testats med goda resultat där styrsystemet klarar av att hantera hela produktionen från orderingång till leverans. / Möjligheternas värld is an exhibition that will be presented at various fairs. The heart of the exhibition is Automationsfabriken which is an automated facility that will manufacture toy cars. Automationsfabriken will be introduced at the fair Scanautomatic & ProcessTeknik, which takes place 9-11 October 2012. As Möjligheternas värld is a collaboration between industry and school, both businesses and schools are included in the project and work towards the success of the project. Prevas part of the project is to develop a control system in the form of a MES and SCADA system for the factory, to create the website where cars can be ordered, and to integrate the website with the control system. The goal of my thesis job is to develop the control system and to create an HMI using software from Wonderware. The final product is in the form of code and objects, and the functionality they create together. The control system should be able to connect to the factory and manage the production, provided that the other parts of the project are delivered according to the plan. The work began with a study of the factory, and to establish an interface between the control system and the PLC that controls the production equipment, as well as developing a basic HMI. After this was done a simulation environment was developed from the established interface in order to simulate the production environment. Based on this simulation environment and the HMI, functions has been developed one by one and tested in order to later become the whole which is the control system. It features functions such as decision-making for the creation of new production- and delivery orders, retrieval of customer orders, control of the pick´n placeunit, information handling of the content of the buffer, as well as registration of all orders and operations in the manufacturing execution system (MES). Finally the control system was connected to the database containing new customer order, and by using the simulation environment and the developed HMI for the factory the control system could be tested in order to confirm that the control system could handle the entire production from the intake of customer orders to delivery.

MES

SCADA

HMI

A Virtual Hydroelectric Power System for Distributable Industrial Control System Security Research

Mudd, David Brian

15 August 2014

Cyber security for industrial control systems (ICS) has been a rapidly growing area of interest and research for the last several years. The lack of an easily distributable platform on which ICS components can be built for use in security testing and result comparison among researchers presents a major issue. This thesis details the use of a virtual testbed environment to build a representative virtual hydroelectric power system (VHPS). The VHPS generates realistic Modbus/TCP network traffic between two separate ICS devices, a Master and a Slave, located on separate VMs. For security testing purposes, a method of session hijacking has been implemented as well as a Function Code Scan attack and a Setpoint Manipulation attack. The virtual environment, the VHPS, and the attacks have been packaged into an LXDE-based Fedora Spin VM for easy distribution.

cyber security

SCADA

Cryptographic Integrity For Scada Communications

Govind, Sandeep

10 December 2010

Supervisory Control and Data Acquisition (SCADA) systems are responsible for automatic control of several critical infrastructures like power grids. An important requirement of SCADA systems is to provide cryptographic protection of its communications. Many key management schemes have been proposed to provide cryptographic protection. But cryptographic modules are seen as more appropriate solution as it provides cryptographic protection of keys. Recently I has proposed a draft standard SCADA cryptographic module(SCM) which provides direct link security. The goal of this research is joint design of a comprehensive key distribution scheme for SCADA systems, and the architecture of simple SCM to support key distribution and mutual authentication of messages exchanged between any two SCADA entities. Furthermore, unlike the I module, our SCM will be transparent to the type of SCADA communication protocol employed, and will not be restricted to the Bump in the Wire (BITW) mode of operation.

SCADA cryptographic integrity

Integrated anaesthesia software : data acquisition, controlled infusion schemes and intelligent alarms

Bressan, Nadja Mench

January 2011

Tese de doutoramento. Engenharia Biomédica. Universidade do Porto. Faculdade de Engenharia. 2011

Anestesia

SCADA

Infusão Alvo Controlada

A physical overlay framework for insider threat mitigation of power system devices

Formby, David

12 January 2015

Nearly every aspect of modern life today, from businesses, transportation, and healthcare, depends on the power grid operating safely and reliably. While the recent push for a “Smart Grid” has shown promise for increased efficiency, security has often been an afterthought, leaving this critical infrastructure vulnerable to a variety of cyber attacks. For instance, devices crucial to the safe operation of the power grid are left in remote substations with their configuration interfaces completely open, providing a vector for outsiders as well as insiders to launch an attack. This paper develops the framework for an overlay network of gateway devices that provide authenticated access control and security monitoring for these vulnerable interfaces. We develop a working prototype of such a device and simulate the performance of deployment throughout a substation. Our results suggest that such a system can be deployed with negligible impact on normal operations, while providing important security mechanisms. By doing so, we demonstrate that our proposal is a practical and efficient solution for retro-fitting security onto crucial power system devices.

SCADA security

Power grid security

A Virtualized Scada Laboratory for Research and Teaching

Thornton, Joseph Zachary

09 May 2015

This thesis describes a virtual Supervisory Control and Data Acquisition (SCADA) laboratory. This virtual laboratory was built using virtual devices that simulate industrial processes, emulate control system ladder logic functionality, and utilize control system communication protocols. Human machine interfaces (HMIs) were developed for distribution and testing, and commercially available HMIs were implemented. In addition to virtual devices and HMIs, attacks were implemented against this virtual system. Uses for this laboratory include both SCADA security research and pedagogy. The laboratory serves research purposes, as it utilizes industry standard SCADA communication protocols as well as commercial HMIs, and is capable of interfacing with physical SCADA equipment, and is also capable of producing volumes of industrial control system traffic. It also serves pedagogical purposes as several laboratory exercises were developed in conjunction with the simulators to demonstrate the workings of cyber-physical security in a classroom environment.

SCADA

Cyber-Security

Virtual

Laboratory

A retrofit network transaction data logger for SCADA control systems

Pavurapu, Kalyan

07 August 2010

SCADA (Supervisory Control and Data Acquisition) control systems are widely used to control critical processes in various economically and safety critical commercial industries. SCADA control systems are often vulnerable to attacks due to previous industry reliance on security by obscurity to protect control systems. There is a need for an architecture which can log the communications traffic in the SCADA networks. In this work a forensic network traffic data logger retrofit solution for MODBUS and DNP3 network appliances is presented. The data logger uses a bump-in-wire configuration to capture the network transactions, timestamp, cryptographically sign, encrypt and store the network transactions. The data logger is developed to run on embedded and virtual machine platforms. Thus, a retrofit forensic network traffic data logger logs the network traffic in a SCADA control system efficiently without affecting the normal functionality of the control system and the logger data supports post incident forensics analysis.

scada

data logger

control systems

Secure Reprogramming of a Network Connected Device : Securing programmable logic controllers

Tesfaye, Mussie

January 2012

This is a master’s thesis project entitled “Secure reprogramming of network connected devices”. The thesis begins by providing some background information to enable the reader to understand the current vulnerabilities of network-connected devices, specifically with regard to cyber security and data integrity. Today supervisory control and data acquisition systems utilizing network connected programmable logic controllers are widely used in many industries and critical infrastructures. These network-attached devices have been under increasing attack for some time by malicious attackers (including in some cases possibly government supported efforts). This thesis evaluates currently available solutions to mitigate these attacks. Based upon this evaluation a new solution based on the Trusted Computing Group (TCG’s) Trusted Platform Modules (TPM) specification is proposed. This solution utilizes a lightweight version of TPM and TCG’s Reliable Computing Machine (RCM) to achieve the desired security. The security of the proposed solution is evaluated both theoretically and using a prototype. This evaluation shows that the proposed solution helps to a great extent to mitigate the previously observed vulnerabilities when reprogramming network connected devices. The main result of this thesis project is a secure way of reprogramming these network attached devices so that only a valid user can successfully reprogram the device and no one else can reprogram the device (either to return it to an earlier state, perhaps with a known attack vector, or even worse prevent a valid user from programming the device). / Avhandlingen börjar med att ge lite bakgrundsinformation för att läsaren att förstå de nuvarande sårbarheten i nätverksanslutna enheter, särskilt när det gäller IT-säkerhet och dataintegritet. Idag övervakande kontroll och datainsamlingssystem använder nätverksanslutna programmerbara styrsystem används allmänt i många branscher och kritisk infrastruktur. Dessa nätverk anslutna enheter har under ökande attacker under en tid av illvilliga angripare (inklusive i vissa fall eventuellt regeringen stöds insatser). Denna avhandling utvärderar för närvarande tillgängliga lösningar för att minska dessa attacker. Baserat på denna utvärdering en ny lösning baserad på Trusted Computing Group (TCG) Trusted Platform Modules (TPM) specifikation föreslås. Denna lösning använder en lätt version av TPM och TCG:s pålitliga dator (RCM) för att uppnå önskad säkerhet. Säkerheten i den föreslagna lösningen utvärderas både teoretiskt och med hjälp av en prototyp. Utvärderingen visar att den föreslagna lösningen bidrar i stor utsträckning för att minska de tidigare observerade sårbarheter när omprogrammering nätverksanslutna enheter.  Huvudresultatet av denna avhandling projektet är ett säkert sätt omprogrammering dessa nätverksanslutna enheter så att endast ett giltigt användarnamn framgångsrikt kan omprogrammera enheten och ingen annan kan programmera enheten (antingen att återställa den till ett tidigare tillstånd, kanske med en känd attack vector, eller ännu värre förhindra en giltig användare från programmering av enheten).

SCADA

PLC

SCADA security

SCADA networks

PLC security

Trusted computing

TCM

TPM

Embedded security

Digital security

SCADA

PLC

SCADA säkerhet

SCADA-nätverk

PLC säkerhet

pålitlig datoranvändning

TCM

TPM

inbäddad säkerhetlösningar

datasäkerhet

Communication Systems

Kommunikationssystem

Online intrusion detection design and implementation for SCADA networks

Wang, Hongrui

25 April 2017

The standardization and interconnection of supervisory control and data acquisition (SCADA) systems has exposed the systems to cyber attacks. To improve the security of the SCADA systems, intrusion detection system (IDS) design is an effective method. However, traditional IDS design in the industrial networks mainly exploits the prede fined rules, which needs to be complemented and developed to adapt to the big data scenario. Therefore, this thesis aims to design an anomaly-based novel hierarchical online intrusion detection system (HOIDS) for SCADA networks based on machine learning algorithms theoretically and implement the theoretical idea of the anomaly-based intrusion detection on a testbed. The theoretical design of HOIDS by utilizing the server-client topology while keeping clients distributed for global protection, high detection rate is achieved with minimum network impact. We implement accurate models of normal-abnormal binary detection and multi-attack identification based on logistic regression and quasi-Newton optimization algorithm using the Broyden-Fletcher-Goldfarb-Shanno approach. The detection system is capable of accelerating detection by information gain based feature selection or principle component analysis based dimension reduction. By evaluating our system using the KDD99 dataset and the industrial control system datasets, we demonstrate that our design is highly scalable, e fficient and cost effective for securing SCADA infrastructures. Besides the theoretical IDS design, a testbed is modi ed and implemented for SCADA network security research. It simulates the working environment of SCADA systems with the functions of data collection and analysis for intrusion detection. The testbed is implemented to be more flexible and extensible compared to the existing related work on the testbeds. In the testbed, Bro network analyzer is introduced to support the research of anomaly-based intrusion detection. The procedures of both signature-based intrusion detection and anomaly-based intrusion detection using Bro analyzer are also presented. Besides, a generic Linux-based host is used as the container of different network functions and a human machine interface (HMI) together with the supervising network is set up to simulate the control center. The testbed does not implement a large number of traffic generation methods, but still provides useful examples of generating normal and abnormal traffic. Besides, the testbed can be modi ed or expanded in the future work about SCADA network security. / Graduate

Intrusion detection

SCADA networks

Machine learning