Industrial control systems (ICSs) vulnerabilities analysis and SCADA security enhancement using testbed encryption

Abstract

The scope of SCADA communication (protocols) was limited to specific industry or for specific operations within industry (real time automation systems). The scalability, interoperability and reliability of data (communication) had been the major issues, while development of proprietary protocols within SCADA communication. The uses of advance information technology (I.T) infrastructures and several open standards (non- proprietary) protocols. SCADA systems have been also connected with number of networks and provides centralized control center to control thousand (or more) of field devices over distance placed via internet technology. SCADA systems have number of benefits, while connecting with open standard networks (or protocols) included cost less development, interoperability between several vendors' devices, utilization of several open standard protocols (and networks) without translators, fast data access between nodes, end-user testing and more accurate performance results (conformance testing and several other tests) and more scalability, etc. Current research reviews the security implementations (existing implementations) and major attacks that have been interacting within SCADA/DNP3 protocol communication. Based on existing and current SCADA/DNP3 security issues, the security solutions (using cryptography implementations) have been proposed to protect the communication (SCADA/DNP3 protocol communication). Attack (abnormal) scenarios have been created within each testbed implementation (cryptography testbed), and level of security is measured and compare with attack detection level and attack impact level.