Impact of Network Infrastructure Parameters to the Effectiveness of Cyber Attacks Against Industrial Control Systems
Keywords:
cyber attacks, Industrial Control Systems, SCADA, securityAbstract
The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of SCADA systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we identify the communication and control logic implementation parameters that influence the outcome of attacks against NICS and that could be used as effective measures for increasing the resilience of industrial installations. The implemented scenario involves a powerful attacker that is able to send legitimate Modbus packets/commands to control hardware in order to bring the physical process into a critical state, i.e. dangerous, or more generally unwanted state of the system. The analysis uses a Boiling Water Power Plant to show that the outcome of cyber attacks is influenced by network delays, packet losses, background traffic and control logic scheduling time. The main goal of this paper is to start an exploration of cyber-physical effects in particular scenarios. This study is the first of its kind to analyze cyber-physical systems and provides insight to the way that the cyber realm affects the physical realm.
References
S. East, J. Butts, M. Papa, S. Shenoi, A Taxonomy of Attacks on the DNP3 Protocol, in Proceedings of IFIP Advances in Information and Communication Technology, 311:67-81, 2009.
T.C. Aseri, N. Singla, Enhanced Security Protocol in Wireless Sensor Networks, International Journal of Computers Communications & Control, 6(2):214-221, 2011.
The Symantec Stuxnet Dossier, 2010, http://www.wired.com/images_blogs/threatlevel/2010/11/w32_stuxnet_dossier.pdf
A.S. Brown, SCADA vs. the Hackers - Can Freebie Software and a Can of Pringles Bring Down the U.S. Power Grid?, Mechanical Engineering, 124(12), 2002.
I. Nai Fovino, M. Masera, L. Guidi, G. Carpi, An Experimental Platform for Assessing SCADA Vulnerabilities and Countermeasures in Power Plants, in Proceedings of Human System Interactions, pp. 679-686, 2010.
I. Nai Fovino, A. Carcano, T. De Lacheze Murel, M. Masera, A. Trombetta, Distributed Critical State Detection System for Industrial Protocols, in Proceedings of IFIP International Conference on Critical Infrastructure Protection, pp. 95-110, 2010.
B. Genge, C. Siaterlis, I. Nai Fovino, M. Masera, A Cyber-Physical Experimentation Environment for the Security Analysis of Networked Industrial Control Systems, Computers & Electrical Engineering, In Press, 2012. http://dx.doi.org/10.1016/j.compeleceng.2012.06.015
B. White, J. Lepreau, L. Stoller, R. Ricci, S. Guruprasad, M. Newbold, M. Hibler, C. Barb, A. Joglekar, An Integrated Experimental Environment for Distributed Systems and Networks, in Proceedings of the 5th symposium on Operating systems design and implementation, pp. 255-270, 2002. http://dx.doi.org/10.1145/1060289.1060313
C. Siaterlis, A. Garcia, B. Genge, On the Use of Emulab Testbeds for Scientifically Rigorous Experiments, IEEE Communications Surveys & Tutorials, PP(99):1-14, 2012.
R.D. Bell, K.J. Åström, Dynamic Models for Boiler-Turbine Alternator Units: Data Logs and Parameter Estimation for a 160MW Unit, Lundt Institute of Technology, Report TFRT- 3192, Sweden, 1987.
L. Rizzo, Dummynet: A Simple Approach to the Evaluation of Network Protocols, ACM Computer Communication Review, 27(1):31-41, 1997. http://dx.doi.org/10.1145/251007.251012
M Carbone, L. Rizzo, Dummynet Revisited, ACM SIGCOMM Computer Communication Review, 40(2):12-20, 2010. http://dx.doi.org/10.1145/1764873.1764876
NLANR/DAST, Iperf: The TCP/UDP Bandwidth Measurement Tool, http://sourceforge.net/projects/iperf/
W. Tan, H.J. Marquez, T. Chen, J. Liu, Analysis and Control of a Nonlinear Boiler-Turbine Unit, Journal of Process Control, Elsevier, 15(8):883-891, 2005. http://dx.doi.org/10.1016/j.jprocont.2005.03.007
C. Queiroz, A. Mahmood, J. Hu, Z. Tari, X. Yu, Building a SCADA Security Testbed, in Proceedings of the International Conference on Network and System Security, pp. 357-364, 2009.
C.M. Davis, J.E. Tate, H. Okhravi, C. Grier, T.J. Overbye, D. Nicol, SCADA Cyber Security Testbed Development, in Proceedings of the North American Power Symposium, pp. 483-488, 2006.
R. Chabukswar, B. Sinopoli, G. Karsai, A. Giani, H. Neema, A. Davis, Simulation of Network Attacks on SCADA Systems, First Workshop on Secure Control Systems, April, 2010.
A. Cárdenas, S. Amin, Z.S. Lin, Y.L. Huang, Chi-Y. Huang, S. Sastry, Attacks Against Process Control Systems: Risk Assessment, Detection, and Response, in Proceedings of the ACM Symposium on Information, Computer and Communications Security, pp. 355-366, 2011.
Published
Issue
Section
License
ONLINE OPEN ACCES: Acces to full text of each article and each issue are allowed for free in respect of Attribution-NonCommercial 4.0 International (CC BY-NC 4.0.
You are free to:
-Share: copy and redistribute the material in any medium or format;
-Adapt: remix, transform, and build upon the material.
The licensor cannot revoke these freedoms as long as you follow the license terms.
DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.