Abstract

Modern technology enhancements have been used worldwide to fulfill the requirements of the industrial sector, especially in supervisory control and data acquisition (SCADA) systems as a part of industrial control systems (ICS). SCADA systems have gained popularity in industrial automation due to technology enhancements and connectivity with modern computer networks and/or protocols. The procurement of new technologies has made SCADA systems important and helpful to processing in oil lines, water treatment plants, and electricity generation and control stations. On the other hand, these systems have vulnerabilities like other traditional computer networks (or systems), especially when interconnected with open platforms. Many international organizations and researchers have proposed and deployed solutions for SCADA security enhancement, but most of these have been based on node-to-node security, without emphasizing critical sessions that are linked directly with industrial processing and automation. This study concerns SCADA security measures related to critical processing with specified sessions of automated polling, analyzing cryptography mechanisms and deploying the appropriate explicit inclusive security solution in a distributed network protocol version 3 (DNP3) stack, as part of a SCADA system. The bytes flow through the DNP3 stack with security computational bytes within specified critical intervals defined for polling. We took critical processing knowledge into account when designing a SCADA/DNP3 testbed and deploying a cryptography solution that did not affect communications.

Highlights

  • Supervisory control and data acquisition (SCADA) systems have been playing crucial roles in industrial automation and control

  • From the above supervisory control and data acquisition (SCADA)/distributed network protocol version 3 (DNP3) security analysis, we can conclude that DNP3 lacks security, even when employing and depending on other protocols, which we examine in order to better understand the current security of DNP3

  • Two cryptography algorithms are employed: the Advanced Encryption Standard (AES) and SHA-2 are deployed at the data link layer, and an SHA-2 hashing algorithm is deployed at the pseudo-transport layer and application layer of DNP3


Summary

Introduction

Supervisory control and data acquisition (SCADA) systems have been playing crucial roles in industrial automation and control. The DNP3 is an important SCADA communication protocol that is employed and designed for electric and water industries. These protocols provide interconnectivity with DNP3 over the Internet. This protocol is defined as an open or non-proprietary protocol in SCADA systems [1,2,3,6,7,8,9,10,11]. The message to be sent or received is specified at the application layer by means of the application protocol control information (APCI), or header fields. The transport layer adds one byte of header to each data block, forming a transport protocol data unit (TPDU), or segment. The data link layer assembles each incoming TPDU as a link service data unit (LSDU) and adds a header field of 10 bytes, which is called link protocol control information (LPCI).
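The layering described above, as an added example that is not code from the paper: it wraps one application fragment in the 1-byte transport header and the 10-byte LPCI, then parses and validates the frame. The field order inside the LPCI, the 16-byte data blocks and the CRC parameters are taken from the DNP3 specification rather than from this page; the function names and the sample class 1 poll are constructed for illustration.

```python
import struct

def crc16_dnp(data: bytes) -> int:
    """CRC-16/DNP: reflected polynomial 0xA6BC, init 0, output complemented."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def _with_crc(block: bytes) -> bytes:
    return block + struct.pack("<H", crc16_dnp(block))

def build_frame(ctrl: int, dest: int, src: int, apdu: bytes, seq: int = 0) -> bytes:
    """Wrap one application fragment in a single-segment TPDU and a link frame."""
    tpdu = bytes([0xC0 | (seq & 0x3F)]) + apdu  # 1-byte header: FIN | FIR | sequence
    if len(tpdu) > 250:
        raise ValueError("a link frame carries at most 250 bytes of user data")
    # LPCI: 0x05 0x64, LEN (ctrl + dest + src + user data), ctrl, dest, src, CRC
    header = struct.pack("<BBBBHH", 0x05, 0x64, 5 + len(tpdu), ctrl, dest, src)
    blocks = (tpdu[i:i + 16] for i in range(0, len(tpdu), 16))
    return _with_crc(header) + b"".join(_with_crc(b) for b in blocks)

def parse_frame(frame: bytes) -> dict:
    """Check the 10-byte LPCI and each data-block CRC, then split out the TPDU."""
    if len(frame) < 10 or frame[:2] != b"\x05\x64":
        raise ValueError("bad start bytes")
    if crc16_dnp(frame[:8]) != struct.unpack_from("<H", frame, 8)[0]:
        raise ValueError("header CRC mismatch")
    length, ctrl, dest, src = struct.unpack_from("<BBHH", frame, 2)
    if length < 6:
        raise ValueError("frame carries no transport segment")
    remaining, pos, tpdu = length - 5, 10, b""
    while remaining > 0:
        n = min(16, remaining)
        block, crc = frame[pos:pos + n], frame[pos + n:pos + n + 2]
        if len(crc) != 2 or crc != struct.pack("<H", crc16_dnp(block)):
            raise ValueError("data block CRC mismatch or truncated frame")
        tpdu, pos, remaining = tpdu + block, pos + n + 2, remaining - n
    th = tpdu[0]
    return {"ctrl": ctrl, "dest": dest, "src": src, "fin": bool(th & 0x80),
            "fir": bool(th & 0x40), "seq": th & 0x3F, "apdu": tpdu[1:]}

# Constructed sample: master 1 polls outstation 10 for class 1 data (READ, g60v2).
SAMPLE_APDU = bytes.fromhex("c0013c0206")
SAMPLE_FRAME = build_frame(ctrl=0xC4, dest=10, src=1, apdu=SAMPLE_APDU, seq=5)

if __name__ == "__main__":
    print(SAMPLE_FRAME.hex(" "), parse_frame(SAMPLE_FRAME))
```

The CRCs are unkeyed error-detection codes, so a frame that passes `parse_frame` is intact but not authenticated, which is the gap the AES and SHA-2 additions in this study are aimed at.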

Background Study
Study Motivation
Model Design and Development
DNP3 Model Design and Security Development
Model Definitions
Protocol Bytes and DCB
Acknowledgment local Padding
Testbed Setup
Automated Polling Design and Flow
Performance Measurement and Discussion
Related Work
Conclusions and Future Work
