Abstract

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

Highlights

  • Application-layer security is essential for each type of protocol and/or communication because the bytes are constructed and the sender/response headers are deployed at the application layer

  • Like other supervisory control and data acquisition (SCADA) protocols, the distributed network protocol version 3 (DNP3) protocol sender/response bytes are distinguished in the application layer through the employment of application protocol control information (APCI), while the sender/responder APCI bytes are distinguished by the field designated as the IIN

  • The entire DNP3 protocol was designed in C#, with the use of its open library, but due to the copyright restrictions and the future developments in the lower layers of the DNP3 protocol, the approximate performance has been measured at the application level only; as defined by the protocol, the other layers participate during the normal byte flow


Summary

Introduction

Supervisory control and data acquisition (SCADA) systems have been accorded a prestigious status and play important roles within the real-time industrial processing and automation fields [1,2]. Along with the massive changes in the field of information technology (IT) and the increasing use of IT by humans throughout their daily lives, SCADA systems have changed from simple stand-alone systems, or “relay logic”, to network-based systems like a traditional computer network [2,3]. Typically, a SCADA system is governed by a central controller or main controller that is a part of its hierarchical network structure that is designed and configured to comprise several remote stations or remote terminal units (RTUs); these remote devices collect information from physical devices and transfer the information back to the main controller for scrutiny and control purposes [3,4].

Sensors 2016, 16, 37; doi:10.3390/s16010037 www.mdpi.com/journal/sensors

SCADA-system protocols were originally designed and used as proprietary protocols; each protocol was developed by a specific manufacturer for a specific industry as a part of a proprietary SCADA system to fulfill the basic needs of that specific industry [3,4]. Many open-standard protocols such as distributed network protocol version 3 (DNP3), Modbus, and Fieldbus have been developed by SCADA organizations, and have resolved the dilemma of interoperability by providing connectivity for the devices and equipment of different manufacturers and vendors [5]. Given the evolution of the open-standard protocols that are used within SCADA communication, users can purchase and use equipment such as master terminal units (MTUs), RTUs, and other physical devices from a variety of manufacturers. This larger interconnectivity between a number of open-standard protocols and the proprietary protocols has resulted in the heightened vulnerability of SCADA systems to several types of security attacks [6,7].
