Secure internet-based communication protocol for scada networks

Quantified Score

Visualization

Abstract

Supervisory control and data acquisition (SCADA) networks are used to control and monitor field devices from a central station by the companies that form the critical national infrastructure of many countries. SCADA networks are also popular within process control industries for monitoring and control. A terrorist attack on a SCADA network could cause extreme destructive consequences to public health and safety. This research offers a new set of DNP3-based protocols that are inherently secure and provide end-to-end security to SCADA-communications: These protocols use cryptographic security models not previously evaluated for SCADA applications. Additionally, various alternative methods of securing SCADA communication are proposed and evaluated in this research including using SSL/TLS, IPsec, and object security. This research also proposes an innovative method of correctness proof for SCADA cryptographical protocol models and then uses formal logical verification methods to confirm the soundness of the new security models. The use of the Internet can facilitate the remote monitoring of the SCADA systems but the sharp increase in actual and potential threats against SCADA has made it dangerous to use unsecured communication protocols. An innovative architecture is presented in this research to securely monitor and control SCADA-controlled devices remotely using the Internet. The new Internet-based secure network was implemented and tested to monitor and control a simple chemical process at the University of Louisville Intelligent Systems Laboratory and Process Control Laboratory. An experimental analysis of the communication times indicates acceptable performance for process monitoring and supervisory control activities in most applications where SCADA systems would be applicable.