Application Filters for TCP/IP Industrial Automation Protocols

The use of firewalls is a common approach usually meant to secure Automation Technology (AT) from Information Technology (TI) networks. This work proposes a filtering system for TCP/IP-based automation networks in which only certain kind of industrial traffic is permitted. All network traffic which does not conform with a proper industrial protocol pattern or with specific rules for its actions is supposed to be abnormal and must be blocked. As a case study, we developed a seventh layer firewall application with the ability of blocking spurious traffic, using an IP packet queueing engine and a regular expression library.

[1]  J. Pollet Developing a solid SCADA security strategy , 2002, 2nd ISA/IEEE Sensors for Industry Conference,.

[2]  T. Paukatong SCADA Security: A New Concerning Issue of an In-house EGAT-SCADA , 2005, 2005 IEEE/PES Transmission & Distribution Conference & Exposition: Asia and Pacific.

[3]  Igor Nai Fovino,et al.  Scada Malware, a Proof of Concept , 2008, CRITIS.

[4]  E.J. Byres,et al.  Industrial cybersecurity for power system and SCADA networks , 2005, Record of Conference Papers Industry Applications Society 52nd Annual Petroleum and Chemical Industry Conference.

[5]  Roberto Setola,et al.  Critical Information Infrastructure Security, Third International Workshop, CRITIS 2008, Rome, Italy, October 13-15, 2008. Revised Papers , 2009, Critical Information Infrastructures Security.

[6]  Thomas P. von Hoff,et al.  Security for Industrial Communication Systems , 2005, Proceedings of the IEEE.

[7]  Karen A. Scarfone,et al.  SP 800-82. Guide to Industrial Control Systems (ICS) Security: Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC) , 2011 .

[8]  Paulo S. Motta Pires,et al.  Security Aspects of SCADA and Corporate Network Interconnection: An Overview , 2006, 2006 International Conference on Dependability of Computer Systems.

[9]  Ronald L. Krutz Securing SCADA systems , 2005 .

[10]  A. Treytl,et al.  Security measures for industrial fieldbus systems - state of the art and solutions for IP-based approaches , 2004, IEEE International Workshop on Factory Communication Systems, 2004. Proceedings..

[11]  Christian Benvenuti Understanding Linux Network Internals , 2005 .

[12]  Paulo S. Motta Pires,et al.  Using a packet manipulation tool for security analysis of industrial network protocols , 2007, 2007 IEEE Conference on Emerging Technologies and Factory Automation (EFTA 2007).