Loading in 2 Seconds...
Loading in 2 Seconds...
Improving the Cyber Security of SCADA Communication Networks. by Sandip C. Patel, Ganesh D. Bhatt, and James H. Graham communications of the acm july 2009 ， vol. 52 ， no. 7 報告人：俞丞峯. content. Abstract SCADA Architectures How secure are today’s SCADA systems?
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Improving the Cyber Security of SCADA Communication Networks by Sandip C. Patel, Ganesh D. Bhatt, and James H. Graham communications of the acm july 2009 ，vol. 52 ，no. 7 報告人：俞丞峯
content • Abstract • SCADA Architectures • How secure are today’s SCADA systems? • Proposed Solutions to SCADA - Communication Security • Test-Bed Evaluation • Conclusion
Abstract • SCADA： Supervisory control and data acquisition • SCADA networks enable operating many devices remotely such as track switches, traffic signals, electric circuit breakers, valves, relays, sensors, and water and gas pumps.
Abstract • modern SCADA networks, integrated with corporate networks and the Internet, have become far more vulnerable to unauthorized cyber attacks. • for example, can manipulate traffic signals, electric-power switching stations, chemical process-control systems, or sewage-water valves, creating major concerns to public safety and health • http://www.cyberhunter.com.tw/portal/index.php/2009-01-03-02-19-42/900-scada
SCADA應用領域 • 溫濕度記錄系統 • 空調計費系統 • 用電資料擷取 • 空氣品質監控
How secure are today’s SCADA systems? • Typical SCADA security measures consist of physically securing MTUs, RTUs, and transmission media, and employing common cyber security defenses such as password protection and anti-virus utilities • Communication security • a “secret” phone number and “secret” proprietary protocols
Proposed Solutions to SCADA - Communication Security • wrap SCADA protocols • use Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol • use IPsec protocol • Enhance SCADA protocols with selected cryptography techniques • Authentication Octets • Authentication via Challenge Response
Proposed Solutions to SCADA - Communication Security • Authentication Octets. This technique is based on digital-signature algorithm.
Proposed Solutions to SCADA - Communication Security • Authentication via Challenge Response • This technique verifies the identity of an RTU or an MTU by using the challenge-response cryptography to protect against the man-in-the-middle attack.
Correctness Proofs for Cryptography Techniques • selected On-the-Fly Model-Checker (OFMC), and Security Protocol Engineering and Analysis Resources (SPEAR) version II • OFMC was found to be appropriate because it succeeded in finding intruder attacks • SPEAR II, which uses Prolog-based analyzer, was found to be appropriate in verifying that the protocols functioned as intended
Test-Bed Evaluation • Table 1 shows a comparison of the performance among different security methods
Conclusion • focused on the security of SCADA communication protocols and presented two possible security alternatives to confirm the soundness of these enhancements