scholarly journals Detection and Blocking of Replay, False Command, and False Access Injection Commands in SCADA Systems with Modbus Protocol

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Rajesh L ◽  
Penke Satyanarayana
Keyword(s):  
Control Systems ◽  
Area Network ◽  
Core Component ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Modbus Protocol ◽  
Replay Attacks ◽  
Scada Systems ◽  
Process Plants ◽  
The Impact

Industrial control systems (ICS) are being used for surveillance and controlling numerous industrial process plants in national critical infrastructures. Supervisory control and data acquisition (SCADA) system is a core component in ICS systems for continuous monitoring and controlling these process plants. Legacy SCADA systems are working in isolated networks and using proprietary communication protocols which made them less exposed to cyber threats. In recent times, these ICS systems have been connected to Internet and corporate networks for data sharing and remote monitoring. They are also using open protocols and operating systems. This leads to vulnerabilities of the system to cyberattacks. Cybersecurity threats are more prevalent than ever in ICS systems. These attacks may be external or internal. Modbus is a widely deployed communication protocol for SCADA communications. There is no security in design of Modbus protocol, and it is vulnerable to numerous cyberattacks. In this paper, we worked for False Command Injection attack, False Access Injection attack, and replay attacks on Modbus protocol. Initially, a real-time SCADA testbed was set up, and we envisaged the impact of these attacks on Modbus protocol data using the testbed. In this work, we used local area network (LAN) environment only for simulating the attacks. We assumed that the attacks penetrated the LAN network. We proposed and developed (a) a method to detect replay attacks by incorporating time stamp and sequence number in Modbus communications and (b) a frame filtering module which will block unauthorized attacks like False Command Injection and False Access Injection attacks to reach programmable logic controller (PLC). Numbers of attacks were simulated and the performance of the method was measured using attack block rate (ABR). It blocked 97% of malicious Modbus transactions or attacks to reach the PLC. It protects SCADA systems from attackers, which is a core component of industrial control systems. The solution enhanced the security of SCADA systems with Modbus protocol.

scholarly journals Industrial Control Intrusion Detection Approach Based on Multiclassification GoogLeNet-LSTM Model

2019 ◽  
Vol 2019 ◽  
pp. 1-11 ◽  
Author(s):  
Ankang Chu ◽  
Yingxu Lai ◽  
Jing Liu
Keyword(s):  
Intrusion Detection ◽  
Control Systems ◽  
Short Term Memory ◽  
False Positive Rate ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Softmax Classifier ◽  
Modbus Protocol ◽  
Communication Processes ◽  
Detection Approach

Intrusion detection is essential for ensuring the security of industrial control systems. However, conventional intrusion detection approaches are unable to cope with the complexity and ever-changing nature of industrial intrusion attacks. In this study, we propose an industrial control intrusion detection approach based on a combined deep learning model for communication processes that use the Modbus protocol. Initially, the network packets are classified as carrying information and noncarrying information based on key fields according to the communication protocol used. Next, a template comparison approach is employed to detect the network packets that do not carry any information. Furthermore, an approach based on a GoogLeNet-long short-term memory model is used to detect the network packets that do carry information. This approach involves network packet sequence construction, feature extraction, and time-series level detection. Subsequently, the detected intrusions are classified into multiple categories through a Softmax classifier. A gas pipeline dataset of the Modbus protocol is used to evaluate the proposed approach and compare it with existing strategies. The accuracy, false-positive rate, and miss rate are 97.56%, 2.42%, and 2.51%, respectively, thus confirming that the proposed approach is suitable for intrusion detection in industrial control systems.

scholarly journals Pandora’s Net

2015 ◽  
Vol 137 (01) ◽  
pp. 28-33
Author(s):  
Brittany Logan
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Soft Power ◽  
Critical Infrastructure ◽  
Industrial Processes ◽  
Computer Language ◽  
Physical Processes ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada Systems

This study analyses potential weaknesses of supervisory control and data acquisition (SCADA) systems and possible workarounds to safeguard the critical infrastructure. SCADA systems are the hardware and software that control and monitor infrastructure and industrial processes. In the world of energy, the industrial control systems monitoring the physical processes of machines are less tangible than the actual physical machines they control. One of the benefits of soft power is that it offers the ability to use coercive force and create confusion without using overt means. Disconnecting any unnecessary network connections and restricting personnel access to only essential programs will limit unwanted access to SCADA systems through backdoor networks. It has been recommended that the energy sector ought to implement back-up and defense-in-depth systems. The concept of a common computer language for SCADA has also been mentioned in the security community, but could come with challenges.

Challenges in Securing Industrial Control Systems Using Future Internet Technologies

2022 ◽  
pp. 561-586
Author(s):  
Mirjana D. Stojanović ◽  
Slavica V. Boštjančič Rakas
Keyword(s):  
Control Systems ◽  
Fog Computing ◽  
Future Internet ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Internet Technologies ◽  
Scada Systems ◽  
Scada Networks ◽  
And Migration

This chapter explores challenges in securing industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems using Future Internet technologies. These technologies include cloud computing, fog computing, Industrial internet of things (IIoT), etc. The need to design specific security solutions for ICS/SCADA networks is explained. A brief overview of cyber vulnerabilities and threats in industrial control networks, cloud, and IoT environments is presented. The security of cloud-based SCADA systems is considered, including benefits and risks of SCADA migration to the cloud, challenges in securing such systems, and migration toward fog computing. Challenges in securing IIoT are addressed, including security risks and operational issues, key principles for securing IIoT, the functional security architecture, and the role of fog computing. Authors point out current standardization activities and trends in the area, and emphasize conclusions and future research directions.

scholarly journals Risk Assessment For Industrial Control Systems Quantifying Availability Using Mean Failure Cost (MFC)

2015 ◽  
Vol 5 (3) ◽  
pp. 205-220 ◽  
Author(s):  
Qian Chen ◽  
Robert K. Abercrombie ◽  
Frederick T. Sheldon
Keyword(s):  
Risk Assessment ◽  
Control Systems ◽  
Durable Goods ◽  
Security Risk ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
External Threats ◽  
Scada Systems ◽  
Food And Beverage ◽  
Failure Cost

Abstract 1 Industrial Control Systems (ICS) are commonly used in industries such as oil and natural gas, transportation, electric, water and wastewater, chemical, pharmaceutical, pulp and paper, food and beverage, as well as discrete manufacturing (e.g., automotive, aerospace, and durable goods.) SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control. Originally, ICS implementations were susceptible primarily to local threats because most of their components were located in physically secure areas (i.e., ICS components were not connected to IT networks or systems). The trend toward integrating ICS systems with IT networks (e.g., efficiency and the Internet of Things) provides significantly less isolation for ICS from the outside world thus creating greater risk due to external threats. Albeit, the availability of ICS/SCADA systems is critical to assuring safety, security and profitability. Such systems form the backbone of our national cyber-physical infrastructure. Herein, we extend the concept of mean failure cost (MFC) to address quantifying availability to harmonize well with ICS security risk assessment. This new measure is based on the classic formulation of Availability combined with Mean Failure Cost (MFC). The metric offers a computational basis to estimate the availability of a system in terms of the loss that each stakeholder stands to sustain as a result of security violations or breakdowns (e.g., deliberate malicious failures).

scholarly journals Measuring Impact of Cybersecurity on the Performance of Industrial Control Systems

2014 ◽  
Vol 136 (12) ◽  
pp. S4-S7 ◽  
Author(s):  
Keith Stouffer ◽  
Rick Candell
Keyword(s):  
Control Systems ◽  
Power Plants ◽  
Performance Metrics ◽  
Industrial Process ◽  
Transportation Systems ◽  
Critical Infrastructures ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Security Standards ◽  
The Impact

This article examines the impact of cybersecurity on the performance of industrial control systems (ICS). Control systems are embedded in essentially all engineered systems, such as our cars, homes, offices, industrial plants, and in critical infrastructures such as power plants, water treatment plants, and transportation systems. To ensure the security of ICS, particularly for critical infrastructures, standards are being developed to ensure ICS cybersecurity. The NIST ICS cybersecurity testbed will be constructed to facilitate the measurement of industrial process performance for systems instrumented with cybersecurity technologies. This testbed will allow for validation of existing security standards and guidelines and will allow researchers to provide valuable feedback to the community on methods, practices, and pitfalls when applying a cybersecurity program to an ICS. Additional work will be required to identify new use cases and pertinent performance metrics. The testbed will provide an opportunity for collaboration between government, research institutions, and industry partners. Interested parties are encouraged to contact the authors directly to discuss opportunities for collaboration.

Challenges in Securing Industrial Control Systems Using Future Internet Technologies

2020 ◽  
pp. 1-26
Author(s):  
Mirjana D. Stojanović ◽  
Slavica V. Boštjančič Rakas
Keyword(s):  
Control Systems ◽  
Fog Computing ◽  
Future Internet ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Internet Technologies ◽  
Scada Systems ◽  
Scada Networks ◽  
And Migration

This chapter explores challenges in securing industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems using Future Internet technologies. These technologies include cloud computing, fog computing, Industrial internet of things (IIoT), etc. The need to design specific security solutions for ICS/SCADA networks is explained. A brief overview of cyber vulnerabilities and threats in industrial control networks, cloud, and IoT environments is presented. The security of cloud-based SCADA systems is considered, including benefits and risks of SCADA migration to the cloud, challenges in securing such systems, and migration toward fog computing. Challenges in securing IIoT are addressed, including security risks and operational issues, key principles for securing IIoT, the functional security architecture, and the role of fog computing. Authors point out current standardization activities and trends in the area, and emphasize conclusions and future research directions.

Sign in / Sign up

Export Citation Format

Share Document