Supervisory Control and Data Acquisition (SCADA) systems are attractive targets for attackers, as they offer an avenue to attack critical infrastructure (CI) systems controlled by SCADA systems. Ultimately, an attack on any system exploits some undesired (malicious or accidental) functionality in the components of the system. Unfortunately, it is far from practical to eliminate undesired functionality in every component of a system. The contribution of this paper is a novel architecture for securing SCADA systems that guarantee that “any malicious modification of the deployment configuration or the design configuration of the SCADA system will be detected”—even if undesired functionality may exist in SCADA system components.
References
[1]
Matrosov, A., Rodionov, E., Harley, D. and Malcho, J. (2010) Stuxnet under the Microscope.
https://www.esetnod32.ru/company/viruslab/analytics/doc/Stuxnet_Under_the_Microscope.pdf
[2]
Turk and Robert, J. (2005) Cyber Incidents Involving Control Systems. Idaho National Engineering and Environmental Laboratory, Idaho Falls.
[3]
Lynch, L.E., Comey, J.B. and Carlin, J.P. (2016) Manhattan U.S. Attorney Announces Charges Against Seven Iranians for Conducting Coordinated Campaign of Cyber Attacks against U.S. Financial Sector on Behalf of Islamic Revolutionary Guard Corps-Sponsored Entities. News, Southern District of New York.
[4]
Eric, A. and Jim, F. (2015) Ukraine Utility Cyber Attack Wider than Reported: Experts.
http://www.reuters.com/article/us-ukraine-crisis-malware-idUSKBN0UI23S20160104
[5]
McWhorter, D. (2013) Mandiant Exposing APT1—One of China’s Cyber Espionage Units & Releases 3,000 Indicators.
[6]
Reid, W. (2013) Spear Phishing Attempt. Digital Bond.
http://www.digitalbond.com/blog/2012/06/07/spear-phishing-attempt/
[7]
Gorman, S. (2013) Chinese Hackers Suspected in Long-Term Nortel Breach. The Wall Street Journal.
[8]
Fidler and David, P. (2011) Was Stuxnet an Act of War? Decoding a Cyberattack. IEEE Security & Privacy, 9, 56-59. https://doi.org/10.1109/MSP.2011.96
[9]
Sood, A. and Enbody, R. (2013) Targeted Cyber Attacks—A Superset of Advanced Persistent Threats. IEEE Security & Privacy, 11, 54-61.
[10]
Ramkumar, M. (2016) Cybersecurity: It’s All about the Assumptions. National Cyber Summit (NCS), Huntsville, 8-9 June 2016.
[11]
Weaver, N., Paxson, V., Staniford, S. and Cunningham, R. (2003) A Taxonomy of Computer Worms. Proceedings of the 2003 ACM Workshop on Rapid Malcode, Washington DC, 27 October 2003, 11-18. https://doi.org/10.1145/948187.948190
[12]
Reid, W. (2011) Cyber Attacks on Texas Utility.
http://www.washingtontimes.com/news/2011/nov/18/hackers-apparently-based-in-russia-attacked-a-publ
[13]
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S. and Weaver, N. (2003) Inside the Slammer Worm. IEEE Security and Privacy, 99, 33-39.
https://doi.org/10.1109/MSECP.2003.1219056
[14]
Lampson, B., Abadi, M., Burrows, M. and Wobber, E. (1992) Authentication in Distributed Systems: Theory and Practice. ACM Transactions on Computer Systems (TOCS), 8, 18-36. https://doi.org/10.1145/138873.138874
[15]
Wright, A., Kinast, J. and McCarty, J. (2004) Low-Latency Cryptographic Protection for SCADA Communications. Applied Cryptography and Network Security. Lecture Notes in Computer Science, Vol. 3089, Springer, Berlin, 263-277.
https://doi.org/10.1007/978-3-540-24852-1_19
[16]
Tsang, P. and Smith, S.W. (2007) YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems. Proceedings of the Ifip Tc 11 23rd International Information Security Conference, Vol. 278, Springer, Boston, 445-459.
https://doi.org/10.1007/978-0-387-09699-5_29
[17]
Wang, Y. and Chu, B.-T. (2012) sSCADA: Securing SCADA Infrastructure Communications. International Journal of Communication Networks and Distributed Systems, 6, 59-78. https://doi.org/10.1504/IJCNDS.2011.037328
[18]
Majdalawieh, M., Parisi-Presicce, F. and Wijesekera, D. (2006) DNPSec: Distributed Network Protocol Version 3 (DNP3). Security Framework. In: Elleithy, K., Sobh, T., Mahmood, A., Iskander, M. and Karim, M., Eds., Advances in Computer, Information, and Systems Sciences, and Engineering, Springer, Dordrecht, 227-234.
https://doi.org/10.1007/1-4020-5261-8_36
[19]
Hieb, J., Graham, J. and Patel, S. (2007) Security Enhancements for Distributed Control Systems, Mathematics and Its Applications. 2nd Edition, Critical Infrastructure Protection, Springer, Berlin, 133-146.
https://doi.org/10.1007/978-0-387-75462-8_10
[20]
Shahzad, A. and Musa, S. (2012) Cryptography and Authentication Placement to Provide Secure Channel for SCADA Communication. International Journal of Security, 6, 28.
[21]
Patel, A., Joaquim Jr., C. and Pedersen, J. (2013) An Intelligent Collaborative Intrusion Detection and Prevention System for Smart Grid Environments. Computer Standards & Interfaces. https://doi.org/10.1016/j.csi.2013.01.003
[22]
Berthier, R. and Sanders, W.H. (2010) Intrusion Detection for Advanced Metering Infrastructures: Requirements and Architectural Directions. 2010 First IEEE International Conference on Smart Grid Communications (SmartGridComm), Gaithersburg, 4-6 October 2010, 350-355.
https://doi.org/10.1109/SMARTGRID.2010.5622068
[23]
Zhu, B., Sastry, S. and Fefferman, C. (2010) SCADA-Specific Intrusion Detection/Prevention Systems: A Survey and Taxonomy. Proceedings of the 1st Workshop on Secure Control Systems (SCS), Stockholm, 12 April 2010, 34.
[24]
Merkle, R.C. (1980) Protocols for Public Key Cryptosystems. IEEE Symposium on Security and Privacy, Oakland, 14-16 April 1980, 122.
https://doi.org/10.1109/SP.1980.10006
[25]
Ramkumar, M. (2008) On the Scalability of an Efficient Nonscalable Key Distribution Scheme. 2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks, Newport Beach, 23-26 June 2008, 1-6.
