Refine your search
Collections
Co-Authors
Journals
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
Kalluri, Rajesh
- Hardening of the modbus protocol
Abstract Views :191 |
PDF Views:0
Authors
Affiliations
1 PES Institute of Technology, Bangalore, IN
2 Centre for development of advanced computing, Bangalore, IN
1 PES Institute of Technology, Bangalore, IN
2 Centre for development of advanced computing, Bangalore, IN
Source
Power Research, Vol 13, No 3 (2017), Pagination: 423-432Abstract
A large section of industrial control where network security is of paramount importance and where glitches can cause massive disruptions in societies has mostly been overlooked and ignored in recent times. Modern critical infrastructure assets (e.g., power plants, refineries and water supply systems) use ICT systems to provide reliable services and offer new features. Many maintenance and management operations at these installations involve the use of SCADA systems are controlled remotely using public networks, mostly over the Internet. While the automation and inter connectivity contribute to increased efficiency and reduced costs, they expose critical installations to new threats. Thus, issues relevant to the securing of this information when it's being transmitted via unsafe channels and unsecured protocols were chosen to be addressed. Various protocols that are used have either no provisions for secure transmission of its information or have outdated security structures. Our focus was on the Modbus protocol because of its wide application and lack of security features in the protocol structure. The objective was to establish a novel approach to the transmission via the Modbus protocol preserving the lower level attributes of transmission and at the same time adding a layer of security without adding significant delay.Keywords
Modbus, security, SCADA, ICT, encryption, key exchange,CHAP
- Transient Analysis of Cyber-Attacks on Power SCADA using RTDS
Abstract Views :181 |
PDF Views:0
Authors
Abhiram Amaraneni
1,
Mahendra Lagineni
2,
Rajesh Kalluri
2,
R. K. Senthilkumar
2,
G. L. Ganga Prasad
2
Affiliations
1 Real Time Systems & Smart Grid Group, Center for Development of Advanced Computing, No. 1, Old Madras Road, Byappanahalli, Bengaluru - 560038, IN
2 Real Time Systems & Smart Grid Group, Center for Development of Advanced Computing, No. 1, Old Madras Road, Byappanahalli, Bengaluru - 560038,, IN
1 Real Time Systems & Smart Grid Group, Center for Development of Advanced Computing, No. 1, Old Madras Road, Byappanahalli, Bengaluru - 560038, IN
2 Real Time Systems & Smart Grid Group, Center for Development of Advanced Computing, No. 1, Old Madras Road, Byappanahalli, Bengaluru - 560038,, IN
Source
Power Research, Vol 11, No 1 (2015), Pagination: 79-92Abstract
Cyber security in the SCADA domain has become one of the major concerns of all the stakeholders in the energy sector. The SCADA architecture that the power industry adopts is drawing more attention from a dedicated cyber attacker due to the extent of damage a catastrophe can promise. The usage of open standard protocols for communication among SCADA components that are not designed with security in mind is one of those vulnerable areas for any attacker. The SCADA components in the control region viz., the MTU and the RTU communicate via these insecurely designed open protocols without any authentication. An attacker can target this communication; launch an attack like the manin- the-middle attack resulting in a disastrous situation. An experiment was conducted at CPRI using their Real Time Digital Simulator (RTDS) simulating a substation to study the impact of an attack. This paper brings out the details of the experiment conducted and the results thus obtained.Keywords
SCADA, RTU, MTU, RTDS, IEC 60870-5-104/101 protocol& vulnerabilities, cyber-attack. *Real- Hybrid SCADA Security Testbed as a Service
Abstract Views :300 |
PDF Views:0
Authors
Affiliations
1 Center for Development of Advanced Computing (C-DAC), Knowledge Park, No 1, Old Madras Road, Byappanahalli, Bangalore – 560038, Karnataka, IN
1 Center for Development of Advanced Computing (C-DAC), Knowledge Park, No 1, Old Madras Road, Byappanahalli, Bangalore – 560038, Karnataka, IN
Source
Power Research, Vol 16, No 2 (2020), Pagination: 153-162Abstract
Supervisory Control and Data Acquisition (SCADA) systems are deployed for control and management of critical infrastructures (power, oil, gas, water, etc.), industries (manufacturing, production, etc.) and public facilities (airport, ships, transport etc.). With the evolution of the technologies in communication, SCADA systems are connected to different networks using heterogeneous communication infrastructure. Thus, SCADA systems became vulnerable to threats of connected systems along with its legacy threats. A security assessment is required to understand the security posture of the system. However, it is not possible to simulate and analyze attacks on a real SCADA system. Hence, a testbed is needed to conduct any security assessment by modeling the architecture on the SCADA testbed. In this paper, we will discuss the need for testbeds, hybrid testbeds, how we established a hybrid testbed, simulation and impact analysis of attacks on the hybrid testbed and the process of providing the testbed as a service.Keywords
Hybrid Testbed, SCADA Security, Simulation of Attacks, SPADE, Testbed, Testbed as a Service.References
- Hemsley, Kevin E, Fisher E. History of industrial control system cyber incidents. No. INL/CON-18-44411-Rev002. Idaho National Lab. (INL), Idaho Falls, ID (United States); 2018.
- Abrams M, Weiss J. Malicious control system cyber security attack case study - Maroochy Water Services, Australia. Technical Report, Mitre.org.; 2008. p. 1–16.
- Babu B, et al. Security issues in SCADA based industrial control systems. 2017 2nd International Conference on Anti-Cyber Crimes (ICACC). IEEE; 2017. https:// doi.org/10.1109/Anti-Cybercrime.2017.7905261. PMid: 29199662. PMCid:PMC5750623
- Qassim Q, et al. A survey of SCADA testbed implementation approaches. Indian Journal of Science and Technology. 2017; 10(26).
- Hahn A, et al. Development of the PowerCyber SCADA security testbed. Proceedings of the sixth annual workshop on cyber security and information intelligence research; 2010. https://doi.org/10.1145/1852666.1852690
- Queiroz C, Mahmood A, Tari Z. SCADASim-A framework for building SCADA simulations. IEEE Transactions on Smart Grid. 2011; 2(4):589–97. https://doi.org/10.1109/ TSG.2011.2162432
- Daniels J. Server virtualization architecture and implementation. Crossroads. 2009; 16(1):8–12. https://doi. org/10.1145/1618588.1618592
- Reaves B, Morris T. An open virtual testbed for industrial control system security; 2012. https://doi.org/10.1007/ s10207-012-0164-7
- Mallouhi M, et al. A testbed for analyzing security of SCADA control systems (TASSCS). ISGT 2011. IEEE; 2011. https://doi.org/10.1109/ISGT.2011.5759169
- McLaughlin S, Konstantinou C, Wang X, Davi L, Sadeghi A, Maniatakos M, et al. The cybersecurity landscape in industrial control systems. Proceedings of the IEEE. 2016 May 5; 104:1039–57.
- Holm H, Karresand M, Vidström A, Westring E. A survey of industrial control system testbeds. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Buchegger S, Dam M, (Eds), Springer; 2015. 9417. https:// doi.org/10.1007/978-3-319-26502-5_2
- Amaraneni A, et al. Transient analysis of cyber-attacks on power SCADA using RTDS. Power Research. 2015; 11(1):79–92.
- Rao MS, Kalluri R, Kumar RKS, Prasad GLG, Bindhumadhava BS. Impact analysis of attacks using agentbased SCADA testbed. In ISGW 2017: Compendium of Technical Papers, Springer, Singapore; 2018. p. 41–54. https://doi.org/10.1007/978-981-10-8249-8_4
- Stranahan J, Soni T, Heydari V. Supervisory control and data acquisition testbed vulnerabilities and attacks. SoutheastCon, Huntsville, AL, USA; 2019. p. 1–5. https:// doi.org/10.1109/SoutheastCon42311.2019.9020436
- Stranahan J, Soni T, Heydari V. Supervisory control and data acquisition testbed for research and education. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA; 2019. p. 85–9. https://doi.org/10.1109/CCWC.2019.8666482
- Rosa L, Cruz T, Simões P, Monteiro E, Lev L. Attacking SCADA systems: A practical perspective. 2017 IFIP/ IEEE Symposium on Integrated Network and Service Management (IM), Lisbon; 2017. p. 741–6. https://doi. org/10.23919/INM.2017.7987369. PMid:28246669
- Available from: www.gns3.com.
- Available from: www.scilab.org.