Secure process control system of industrial networks

Recently there are more cyber-attacks in industrial networks. Stuxnet, the worm that attacked Iran nuclear power station highlights the traditional cyber threat in modern industrial infrastructures. Current process control systems (PCS) are vulnerable to cyber-attacks due to lack of means of verifying the legitimacy of control code and monitoring changes of controller devices. This paper proposed a secure, scalable, deployable architecture for PCS. A HMAC-based digital signature method was proposed to realize control code verification, and two active/passive schemes were proposed to monitor controller devices. At the end of this paper, we also analyzed the performance implications of proposed measures.

[1]  Nei Kato,et al.  Towards a light-weight message authentication mechanism tailored for Smart Grid communications , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[2]  Andrei V. Gurtov,et al.  A layered encryption mechanism for networked critical infrastructures , 2013, IEEE Network.

[3]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[4]  T. M. Chen,et al.  Stuxnet, the real start of cyber warfare? [Editor's Note] , 2010, IEEE Netw..

[5]  Francesco Parisi-Presicce,et al.  DNPSec: Distributed Network Protocol Version 3 (DNP3) Security Framework , 2007 .

[6]  Juan Manuel González Nieto,et al.  Mitigating Sandwich Attacks Against a Secure Key Management Scheme in Wireless Sensor Networks for PCS/SCADA , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[7]  Igor Nai Fovino,et al.  Design and Implementation of a Secure Modbus Protocol , 2009, Critical Infrastructure Protection.