Analysis of SCADA Security Using Penetration Testing: A Case Study on Modbus TCP Protocol

This paper presents an insight into attacks on Supervisory Control and Data Acquisition (SCADA) systems specifically focusing on systems that use the Modbus TCP protocol. A penetration testing approach is adopted using a novel penetration testing tool to (i) test the effectiveness and efficiency of the tool, (ii) examine the insider threat as well as the external threat through internal and external penetration testing respectively and (iii) rate the vulnerabilities identified through the penetration tests according to the Common Vulnerability Scoring System. The study also examines and tests the existing security countermeasures that are unique to SCADA systems and outlines some recommendations that may improve security in SCADA systems. The experimental results show that some of the attacks may severely impact integrity and availability.
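The integrity impact the abstract refers to follows from Modbus/TCP carrying no authentication of the master that issues a write. As an added, defender-side example (not the paper's tool or code), the following Python parses a Modbus/TCP MBAP header and PDU and raises an alert when a write function code arrives from a host outside an assumed allowlist; the host addresses and frames are constructed.

```python
import struct
from dataclasses import dataclass

# Public Modbus function codes relevant to integrity (writes) vs. reads.
READ_FUNCS = {1: "Read Coils", 2: "Read Discrete Inputs",
              3: "Read Holding Registers", 4: "Read Input Registers"}
WRITE_FUNCS = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}

@dataclass
class ModbusRequest:
    transaction_id: int
    unit_id: int
    function: int
    data: bytes

def parse_modbus_tcp(frame: bytes) -> ModbusRequest:
    """Parse MBAP header (7 bytes) + PDU; raise ValueError on malformed input."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:  # Modbus/TCP protocol identifier is always 0
        raise ValueError(f"unexpected protocol id {proto}")
    # The MBAP length counts unit id + PDU, so it must equal frame length - 6.
    if length != len(frame) - 6:
        raise ValueError(f"length field {length} != payload {len(frame) - 6}")
    return ModbusRequest(tid, unit, frame[7], frame[8:])

def check_request(src_ip: str, frame: bytes, write_allowlist: set) -> str:
    """Return 'ok' or an ALERT string for one request observed from src_ip."""
    try:
        req = parse_modbus_tcp(frame)
    except ValueError as exc:
        return f"ALERT malformed Modbus/TCP from {src_ip}: {exc}"
    if req.function in WRITE_FUNCS and src_ip not in write_allowlist:
        return (f"ALERT unauthorized {WRITE_FUNCS[req.function]} "
                f"(fc {req.function}) to unit {req.unit_id} from {src_ip}")
    if req.function not in READ_FUNCS and req.function not in WRITE_FUNCS:
        return f"ALERT unusual function code {req.function} from {src_ip}"
    return "ok"

# Constructed sample data (assumed HMI address; frames are not captured traffic).
HMI = "10.0.0.10"
# fc 3: read 2 holding registers from address 0 on unit 1
READ_FRAME = bytes.fromhex("000100000006" "01" "03" "0000" "0002")
# fc 6: write value 0x1234 to holding register 0x0010 on unit 1
WRITE_FRAME = bytes.fromhex("000200000006" "01" "06" "0010" "1234")

if __name__ == "__main__":
    for src, frame in [(HMI, READ_FRAME), (HMI, WRITE_FRAME), ("10.0.0.99", WRITE_FRAME)]:
        print(src, check_request(src, frame, {HMI}))
```

The same check can be fed from a packet capture on TCP port 502; the length-field validation also catches the truncated or padded frames a fuzzing-style test produces.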
