Content uploaded by Shashi Rekha
Author content
All content in this area was uploaded by Shashi Rekha on May 19, 2016
Content may be subject to copyright.
International Journal of Trend in Research and Development, Volume 3(3), ISSN: 2394-9333
www.ijtrd.com
IJTRD | May-Jun 2016
Available Online@www.ijtrd.com 178
Novel Methodology for SCADA Security
1Ranjana H and 2Shashirekha H
1M.Tech (4th SEM) and 2Assistant Professor,
1,2Computer Science and Engineering, Department of PG studies,
Visvesvaraya Technological University, Mysuru, India
Abstract: Today’s world filled with anti-social activities.
Crimes increase from hundreds to thousands day by day. Cyber
security is key factor. Data security provided to avoid attacks.
There are very few security methods to detect attacker’s
movements. New trend proposed in this paper to enhance the
security level. Virtual system deployed into SCADA for
additional level of security. The main aim is to suggest
recommendation to authorized data owner. Mimic the services
of SCADA by virtual system is introduced. Data security
achieved at supervisory level. Monitoring of next step of attack
carried out by latest methodology. Secure transmission of data
from SCADA to remote terminal unit done using cryptography
techniques.
Keywords: HMI, Honeypot, RTU, SCADA
I. INTRODUCTION
THE critical industrial processes undergo critical monitoring
and control of field devices. The system possessing control
ability and capability to acquire data called as SCADA
(Supervisory Control and Data Acquisition System). Data
acquisition is fetching the details from devices or field
equipment’s through sensors. Sensor acquire large amount of
data from water plants, gas, pipelines, weather, temperature etc.
External environment effect the working of data monitoring.
Earlier security to such data not considered as primary step.
System moved to open network chances of attack and severity
raised.
A. SCADA System Architecture
The system consists of major components
1. SCADA Server: server is responsible for set up commands
for SCADA.
2. Remote Terminal Units (RTU): Multiple RTU present in
SCADA network. It secures the data in cipher text form.
3. Human Machine Interface (HMI): it has complete control
of system and ability to change the data links.
4. Communication Infrastructure: the connection of various
the components done by communication network such as
Figure 1: SCADA System Architecture
B. Need of SCADA and its functionalities
1. Acquisition of data: Real time data acquired from sensors.
2. Control management: human used as operator. Trigger of
alert message in case of emergency accidents.
3. Data storage: RTU the data obtained from sensors.
4. Alarm: alert message in the form of alarm ringed during
attack.
5. Report: log history sent to master.
C. Security measures for SCADA
Protection to confidential data is very crucial. Utility companies
such as oil gas, power plants and wind energy sectors need
multiple layers of security. One of the primary security layers is
firewall protection using strategy called defense in depth
strategy.This strategy comprise of many sub layers. Each layer
placed at different corners within the company. Data centers, large
organizations with various compartments protect their devices
from risk of attack through defense in depth strategy.
In organizations, data flows from inside corporate network to
outside network. Integrity of the system taken care by SCADA
master. Demilitarized zone abbreviated as DMZ allows employers
of organization to directly access data from middle ground of the
system. Username and password used to provide authentication.
Only the data owner will have authority to rewrite the contents.
All traffic within network handled without congestion. Utility
companies adapt congestion-controlling mechanisms. Virtual
private network is been used when people from outside try to
access private data. Anti-virus updates made to avoid entry of
virus.
II. RELATED WORK
Secure infrastructure need provided and step carried out by
NERC or NIIST organization groups. Severity of attack increased
in industrial areas. Training, guidelines, protection methods,
encryption techniques are developed. Threats and vulnerability
that cause serious damage to people and infrastructure prevented.
High level of analysis, design and implementation of advance
security techniques carried out undergone by researchers. Author
suggested the metrics to secure data at top level. Solution
formulated to create SCADA specific IDS. High risk of attack
caused due to major attacks. Secure user authentication provided
by using safe methods.
Authorization violation, Bypassing Controls, Data
Modification are further threads in SCADA system.Poor test
environment, poor analyses of threads and risk. SCADA system
lacks in defining the false positive, false negative intrusion
detection system. Author suggested a strategyto create
securesignatures and Security Metrics.
Researchers suggest firmware technique and simulation results
of analyzing changed firmware with the realistic firmware. The
main goal was to detect the modification and the reason behind
the attack. Isolation of network is the best strategy to secure
SCADA systems. Un-used services discarded. This saves memory
space and increase work efficiency of system.
III. NOVEL METHODOLOGY
A honeypot creates virtual mode so it attracts the attacker. The
behavior of attackers should be monitored by virtual or physical
system remotely. Defending against the attack is the major
concern. Honeypot provide platform for additional level of
security. Amount of attack and time during which attack made
differ from countries.
Most of countries like Asia, Europe are under thread. Attacker
tries to find out secret, security code and decode it by taking the
help of experts. Level of attack and counter measure to prevent
such attacks introduced the concept of honeypot into SCADA.
Figure 2: Deployment of Honeypot System
International Journal of Trend in Research and Development, Volume 3(3), ISSN: 2394-9333
www.ijtrd.com
IJTRD | May-Jun 2016
Available Online@www.ijtrd.com 179
IV. PROPOSED ARCHITECTURE
In our system, there exist following components. They are
1. Admin: Creates a security key secure transmission of
dataand sends remote signals to supervisory systems.
2. SCADA System: It is the heart of the system. Encryption,
secure transmission, cryptography are its functionalities.
3. RTU: help in securing data sent from SCADA.
4. Attacker: sends command to access data.
5. Sensor: real time data fetch from sensor.
Figure 3:Proposed System Architecture
CONCLUSION AND FUTURE WORK
Security to real time data is one of the major issues. Tracking
attacker actions, systematically analyses, and encryption of data
for reliable transmission is providing by novel method of securing
SCADA. This method helps in investigation of crimes and tries to
prevent future attacks.
References
[1] Igure, Vinay M., Sean A. Laughter, and Ronald D.
Williams. “Security issues in SCADA networks."
Computers & Security 25.7 (2006): 498-506.
[2] Matrosov, Aleksandr, et al. "Stuxnet under the
microscope." ESET LLC (September 2010).
[3] Stouffer, Keith, Joe Falco, and Karen Scarfone. "Guide
to industrial control systems (ICS) security." NIST special
publication (2011): 800-82.
[4] Provos, Niels, and Thorsten Holz. Virtual honeypots:
from botnet tracking to intrusion detection. Pearson
Education, 2007
[5] Dong-Joo Kang ; Jong-Joo Lee ; Seog-Joo Kim ;
Jong-Hyuk Park “Analysis on Cyber Threats to SCADA
systems ” Transmission & Distribution Conference &
Exposition: Asia and Pacific, 2009.
[6] Gunnar Björkman; Diana Koshy; “SCADA Security
Measures”; Expository; Systems and Internet
Infrastructure Security (SIIS) Laboratory, Pennsylvania
State University, June, 2011
[7] Scott, “Designing and Implementing a Honeypot for a
SCADA Network”, Sans Institute, June 7, 2014.
[8] Dong-Joo Kang ; Jong-Joo Lee ; Seog-Joo Kim ;
Jong-Hyuk Park “Analysis on Cyber Threats to SCADA
systems ” Transmission & Distribution Conference &
Exposition: Asia and Pacific, 2009.
[9] Haji.F; Lindsay, L ;Shaowen Song; “ Practical Security
Strategyfor SCADA automation system and Networks”
Saskatoon, Sask, 1-4 May 2005.
