Secure internet-based communication protocol for scada networks

Supervisory control and data acquisition (SCADA) networks are used to control and monitor field devices from a central station by the companies that form the critical national infrastructure of many countries. SCADA networks are also popular within process control industries for monitoring and control. A terrorist attack on a SCADA network could cause extreme destructive consequences to public health and safety. This research offers a new set of DNP3-based protocols that are inherently secure and provide end-to-end security to SCADA-communications: These protocols use cryptographic security models not previously evaluated for SCADA applications. Additionally, various alternative methods of securing SCADA communication are proposed and evaluated in this research including using SSL/TLS, IPsec, and object security. This research also proposes an innovative method of correctness proof for SCADA cryptographical protocol models and then uses formal logical verification methods to confirm the soundness of the new security models. The use of the Internet can facilitate the remote monitoring of the SCADA systems but the sharp increase in actual and potential threats against SCADA has made it dangerous to use unsecured communication protocols. An innovative architecture is presented in this research to securely monitor and control SCADA-controlled devices remotely using the Internet. The new Internet-based secure network was implemented and tested to monitor and control a simple chemical process at the University of Louisville Intelligent Systems Laboratory and Process Control Laboratory. An experimental analysis of the communication times indicates acceptable performance for process monitoring and supervisory control activities in most applications where SCADA systems would be applicable.

[1]  Sandip C. Patel,et al.  Security Enhancements for Distributed Control Systems , 2007, Critical Infrastructure Protection.

[2]  Sandip C. Patel,et al.  Analysis of SCADA Security Models , 2007 .

[3]  Suneel Maheshwari,et al.  INFORMATION SYSTEM AND PERFORMANCE MEASUREMENT LIFE CYCLE , 2000 .

[4]  Sandip C. Patel,et al.  Improvements in SCADA and DCS Systems Security , 2007, CATA.

[5]  Sandip C. Patel,et al.  CASE STUDY: TEACHING AN ELECTRONIC COURSE , 2002 .

[6]  Sandip C. Patel,et al.  Quantitatively assessing the vulnerability of critical information systems: A new method for evaluating security enhancements , 2008, Int. J. Inf. Manag..

[7]  Ujjwal Bhattacharya,et al.  Color Texture Analysis of Rice Leaves Diagnosing Deficiency in the Balance of Mineral Levels towards Improvement of Crop Productivity , 2007 .

[8]  Pritimoy Sanyal,et al.  Pattern recognition method to detect two diseases in rice plants , 2008 .

[9]  Sandip C. Patel,et al.  Securing SCADA systems , 2008, Inf. Manag. Comput. Secur..

[10]  Sandip C. Patel,et al.  Security enhancement for SCADA communication protocols using augmented vulnerability trees , 2006, CAINE.

[11]  Frederick C. Harris,et al.  Computer Applications in Industry and Engineering , 2008 .

[12]  Sandip C. Patel,et al.  Secure SCADA Communications, Monitoring and Control over the Internet , 2005, CAINE.

[13]  Sandip C. Patel,et al.  Information-technology security in higher-education curricula , 2008 .

[14]  Sandip C. Patel,et al.  Internet-Application Development Using the Six Sigma Approach , 2007, International Conference on Internet Computing.