Simulation of Network Attacks on SCADA Systems

Network security is a major issue affecting SCADA systems designed and deployed in the last decade. Simulation of network attacks on a SCADA system presents certain challenges, since even a simple SCADA system is composed of models in several domains and simulation environments. Here we demonstrate the use of C2WindTunnel to simulate a plant and its controller, and the Ethernet network that connects them, in different simulation environments. We also simulate DDoS-like attacks on a few of the routers to observe and analyze the effects of a network attack on such a system.

I. INTRODUCTION

Supervisory Control And Data Acquisition (SCADA) systems are computer-based monitoring tools that are used to manage and control critical infrastructure functions in real time, like gas utilities, power plants, chemical plants, traffic control systems, etc. A typical SCADA system consists of a SCADA Master which provides overall monitoring and control for the system, local process controllers called Remote Terminal Units (RTUs), sensors and actuators, and a network which provides the communication between the Master and the RTUs.

A. Security of SCADA Systems

SCADA systems are designed to have long life spans, usually in decades. The SCADA systems currently installed and used were designed at a time when security issues were not paramount, which is not the case today. Furthermore, SCADA systems are now connected to the Internet for remote monitoring and control, making the systems susceptible to network security problems which arise through a connection to a public network.

Despite these evident security risks, SCADA systems are cumbersome to upgrade for several reasons. Firstly, adding security features often implies a large downtime, which is not desirable in systems like power plants and traffic control. Secondly, SCADA devices with embedded codes would need to be completely replaced to add new security protocols. Lastly, the networks used in a SCADA system are usually customized for that system and cannot be generalized. Security of legacy SCADA systems and design of future systems both thus rely heavily on the assessment and rectification of security vulnerabilities of SCADA implementations in realistic settings.

B. Simulation of SCADA Systems

In a SCADA system it is essential to model and simulate communication networks in order to study mission critical situations such as network failures or attacks. Even a simple SCADA system is composed of several units in various domains like dynamic systems, networks and physical environments, and each of these units can be modeled using a variety of available simulators and/or emulators. An example system could include simulating controller and plant dynamics in Simulink or Matlab, network architecture and behavior in a network simulator like OMNeT++, etc. An adequate simulation of such a system necessitates the use of an underlying software infrastructure that connects and relates the heterogeneous simulators in a logically and temporally coherent framework.
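The temporal coordination described above can be illustrated with a toy lockstep co-simulation. This is an added example, not code from the paper, and it uses neither C2WindTunnel, Simulink nor OMNeT++. The plant model, controller gain, one-tick network latency and the packet-drop window standing in for a saturated router are all assumptions chosen for illustration.

```python
# Added illustration: three toy "simulators" advanced in lockstep by one coordinator.
# All models, gains and the congestion window are assumptions, not taken from the paper.
DT = 0.01     # shared time step in seconds (the common logical clock)
GAIN = 3.0    # proportional controller gain (assumed)

class Plant:
    """Unstable first-order process x' = x + u, so loss of feedback is visible."""
    def __init__(self, x0=1.0):
        self.x = x0
    def step(self, u):
        self.x += DT * (self.x + u)   # forward Euler integration
        return self.x

class Controller:
    """Holds the last measurement it received and drives x toward 0."""
    def __init__(self):
        self.last_meas = 0.0
    def step(self, meas):
        if meas is not None:          # None means no packet arrived this tick
            self.last_meas = meas
        return -GAIN * self.last_meas

class Network:
    """Sensor-to-controller path: one-tick latency, drops packets while congested."""
    def __init__(self, attack_window=None):
        self.attack_window = attack_window   # (start_tick, end_tick) or None
        self.in_flight = None
    def step(self, tick, packet):
        delivered = self.in_flight
        w = self.attack_window
        congested = w is not None and w[0] <= tick < w[1]
        self.in_flight = None if congested else packet
        return delivered

def cosimulate(ticks=1000, attack_window=None):
    """Coordinator: every model advances exactly one tick per loop iteration."""
    plant, ctrl, net = Plant(), Controller(), Network(attack_window)
    trace = []
    for tick in range(ticks):
        meas = net.step(tick, plant.x)   # delivers the previous tick's sample
        u = ctrl.step(meas)
        trace.append(plant.step(u))
    return trace

def peak(trace):
    return max(abs(x) for x in trace)

if __name__ == "__main__":
    print("baseline peak |x|:", round(peak(cosimulate()), 3))
    print("congested peak |x|:", round(peak(cosimulate(attack_window=(50, 250))), 3))
```

Because the controller holds a stale measurement for the whole congestion window, the plant state drifts well away from its setpoint and only recovers once samples are delivered again. Seeing that coupling requires the network and plant models to share one clock.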