Security Issue of WirelessHART Based SCADA Systems

The security of Supervisory Control and Data Acquisition (SCADA) systems has become a major worldwide concern in recent years. Several incidents and cyber-attacks have underlined the urgency of securing these systems, which manage important economic infrastructures. The increasing use of wireless sensors also brings their security vulnerabilities into these systems. Several communication protocols were therefore developed to meet the real-time and security requirements of this kind of system. WirelessHART is the first approved international standard for industrial wireless devices. It implements several mechanisms to ensure hop-by-hop and end-to-end security. However, despite these mechanisms, it remains possible for an attacker to conduct an attack against such wireless networks. In this paper, we give the first description of a Sybil attack specially tailored to target WirelessHART based SCADA systems. This attack can lead to harmful consequences such as disturbing the functioning of the infrastructure, interrupting it or, worse, causing its destruction (overheating of a nuclear reactor).
