Modbus monitoring for networked control systems of cyber-defensive architecture

Abstract

Technological advancement of Industrial Control Systems (ICS) and control systems automation over the past decade has brought greater interconnections of the control components. Increased interconnection provides end users with more information which facilitates improved system reliability. Modern control communication systems such as ModbusTCP are based on open standards that leverage Ethernet to allow interoperability between solutions from different vendors. The open standard and interoperability has made significant improvements to the operational aspect in networked control power systems by integrating control components hence allowing faster information exchange. The enhanced exchange of information has, as a side effect, created cyber security vulnerabilities such as entry points for hackers. This discusses a Raspberry Pi based ModbusTCP control system that enables simulation of cyberattacks, and proposes a mitigation measure by the added feature of Modbus monitoring a Snort based intrusion detection system for the networked control systems with cyberdefensive architecture. Experimental validation of the proposed approach is also discussed.