Implementation of Secure Communication With Modbus and Transport Layer Security protocols

Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks rely on industrial communication protocols to operate. Unfortunately, widely used protocols such as Modbus and DNP3 lack basic security mechanisms, which leads to multiple vulnerabilities. Exploiting such flaws may severely affect companies and the general population, especially when attacks target critical infrastructure assets such as power plants, water distribution, and railway transportation systems. The problem is worse in the context of photovoltaic Distributed Energy Resources (DER), where devices are commonly located on customers' premises, making it difficult to enforce appropriate security policies. This paper addresses the security problems of the Modbus protocol by proposing a new secure version based on the Transport Layer Security protocol. Experimental results show that the proposed solution achieves request/response times well below the 16.67 ms period of the 60 Hz power grid cycle, revealing a negligible impact on power grid applications.
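As an added illustration (not the paper's implementation), the following Go loopback demo shows the idea the abstract describes: a Modbus/TCP Read Holding Registers exchange carried inside a TLS 1.2+ session, with the request/response time measured at the master and compared against the 16.67 ms cycle. The self-signed certificate, the register values and the name "modbus-slave" are constructed placeholders.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"io"
	"math/big"
	"time"
)
// selfSignedCert builds a throwaway in-memory certificate for the loopback demo (constructed; not a device credential).
func selfSignedCert(name string) (tls.Certificate, *x509.CertPool) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name}, DNSNames: []string{name},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, pool
}
// RoundTrip runs a one-shot Modbus/TCP "slave" behind TLS 1.2+ on loopback, sends one Read Holding Registers
// request (FC 0x03, transaction 1, unit 1, address 0, 2 registers) and returns the response and the master-side RTT.
func RoundTrip() ([]byte, time.Duration, error) {
	cert, pool := selfSignedCert("modbus-slave")
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS12})
	if err != nil { return nil, 0, err }
	defer ln.Close()
	go func() { // slave: read the 12-byte request, answer with constructed registers 0x0102, 0x0304
		c, err := ln.Accept(); if err != nil { return }
		defer c.Close()
		req := make([]byte, 12)
		if _, err := io.ReadFull(c, req); err == nil && req[7] == 0x03 {
			// MBAP echoes transaction id and unit id; length 7 = unit + FC + byte count + 4 data bytes
			c.Write([]byte{req[0], req[1], 0, 0, 0, 7, req[6], 0x03, 4, 0x01, 0x02, 0x03, 0x04})
		}
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{RootCAs: pool, ServerName: "modbus-slave", MinVersion: tls.VersionTLS12})
	if err != nil { return nil, 0, err }
	defer conn.Close()
	start := time.Now()
	if _, err := conn.Write([]byte{0, 1, 0, 0, 0, 6, 1, 0x03, 0, 0, 0, 2}); err != nil { return nil, 0, err }
	resp := make([]byte, 13) // 7-byte MBAP header + FC + byte count + 2 registers
	if _, err := io.ReadFull(conn, resp); err != nil { return nil, 0, err }
	return resp, time.Since(start), nil
}
// WithinCycle reports whether a request/response time fits inside one 60 Hz period (16.67 ms).
func WithinCycle(d time.Duration) bool { return d < time.Second/60 }
```

The measured duration includes only the Modbus exchange over the already established TLS session; the handshake cost is paid once at connection setup, which is why persistent sessions matter for cycle-level latency budgets.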
