Design and Development of SCADA Firewall Security Features for Protecting Industrial Operations

This paper uses machine learning to identify malicious packets and dynamically update firewall rules so that those packets are filtered before they reach the programmable logic controllers (PLCs). First, research is undertaken to understand SCADA network systems and the Modbus protocol. Subsequently, research is conducted on deep packet inspection, on feature extraction from the training set of network packets, and on the appropriate model to train on the data. We use Pymodbus to generate malicious packets and to communicate with the server, which simulates the PLC devices we are trying to protect. The Scapy library is used to log, read, sniff and analyze the payload of network packets. Features are then extracted and the machine learning model is trained on the data. Finally, the proposed scheme is implemented and tested.
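
As an added illustration (not code from the paper), the sketch below shows the kind of per-packet features that deep packet inspection can derive from a Modbus/TCP frame before they are passed to a classifier. The feature set, the function name `modbus_features` and the sample frames are assumptions constructed for this example; it uses only the Python standard library rather than Scapy and expects the raw TCP payload as bytes.

```python
import struct
from typing import Optional

MBAP = struct.Struct(">HHHB")            # transaction id, protocol id, length, unit id
WRITE_FCS = {5, 6, 15, 16}               # write single/multiple coils and registers
ADDRESSED_FCS = {1, 2, 3, 4, 5, 6, 15, 16}

def modbus_features(adu: bytes) -> Optional[dict]:
    """Return assumed classifier features for one Modbus/TCP ADU, or None if too short."""
    if len(adu) < MBAP.size + 1:         # 7-byte header plus at least a function code
        return None
    _tid, proto, length, unit = MBAP.unpack_from(adu)
    fc = adu[MBAP.size]
    data = adu[MBAP.size + 1:]
    feats = {
        "unit_id": unit,
        "function_code": fc & 0x7F,
        "is_exception": int(bool(fc & 0x80)),   # high bit marks an exception response
        "is_write": int(fc in WRITE_FCS),
        "bad_protocol_id": int(proto != 0),     # Modbus/TCP always uses protocol id 0
        # The length field counts the unit id plus the PDU: everything after byte 6.
        "length_mismatch": int(length != len(adu) - 6),
        "pdu_len": len(data) + 1,
        "address": -1,                          # -1 means "not present in this frame"
        "count_or_value": -1,
    }
    if fc in ADDRESSED_FCS and len(data) >= 4:
        feats["address"], feats["count_or_value"] = struct.unpack_from(">HH", data)
    return feats

# Constructed sample frames (not captured traffic).
SAMPLES = {
    "read_holding": bytes.fromhex("00010000000601030000000a"),
    "write_single": bytes.fromhex("0002000000060106" "0010ffff"),
    "malformed":    bytes.fromhex("0003000100ff01100000"),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(name, modbus_features(frame))
```
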
