Industrial control systems (ICS) are used for surveillance and control of numerous industrial process plants in national critical infrastructures. The supervisory control and data acquisition (SCADA) system is a core component of ICS for continuous monitoring and control of these process plants. Legacy SCADA systems worked in isolated networks and used proprietary communication protocols, which made them less exposed to cyber threats. In recent times, these ICS systems have been connected to the Internet and corporate networks for data sharing and remote monitoring. They are also using open protocols and operating systems. This makes the systems vulnerable to cyberattacks. Cybersecurity threats are more prevalent than ever in ICS systems. These attacks may be external or internal. Modbus is a widely deployed communication protocol for SCADA communications. There is no security in the design of the Modbus protocol, and it is vulnerable to numerous cyberattacks. In this paper, we worked on the False Command Injection attack, the False Access Injection attack, and replay attacks on the Modbus protocol. Initially, a real-time SCADA testbed was set up, and we examined the impact of these attacks on Modbus protocol data using the testbed. In this work, we used a local area network (LAN) environment only for simulating the attacks. We assumed that the attacks had penetrated the LAN. We proposed and developed (a) a method to detect replay attacks by incorporating a time stamp and a sequence number in Modbus communications and (b) a frame filtering module which blocks unauthorized attacks such as False Command Injection and False Access Injection from reaching the programmable logic controller (PLC). A number of attacks were simulated, and the performance of the method was measured using the attack block rate (ABR). It blocked 97% of malicious Modbus transactions or attacks from reaching the PLC. It protects SCADA systems, which are a core component of industrial control systems, from attackers. The solution enhanced the security of SCADA systems using the Modbus protocol.
Industrial control systems are crucial for the automation of process plants. They are used for surveillance and control of a plant. These systems take different forms, such as supervisory control and data acquisition (SCADA) systems and distributed control systems (DCS). A SCADA system contains data acquisition servers, display-monitoring and controlling clients, historian systems, field instruments, and programmable logic controllers (PLC). Figure 1 displays a typical SCADA system. It contains different levels of connectivity, systems to differentiate the functionality, and services provided by them. Physical parameters such as pressure, temperature, and pump status are sensed by suitable sensors, and the electrical signal is passed to the PLC through input-output cards. The PLC collects the data from the IO boards, processes the data, and sends it to the human machine interface (HMI) through a suitable communication protocol.
In the old days, these systems were connected in a local area network (LAN). They mostly used proprietary communication protocols. As technology advances, SCADA data is required for other applications such as enterprise resource planning (ERP), energy management systems (EMS), and so forth. These systems are connected to the Internet for remote monitoring and data sharing. They are also connected to highly interconnected corporate networks for remote monitoring. The connectivity provides remote surveillance but opens the door to attackers. Hence, these systems are vulnerable to cyberattacks. These attacks may come from internal or external sources. Industrial Cyber-Physical Systems (ICPS) are highly dependent on SCADA for process monitoring and control. Such SCADA systems are known to communicate using various insecure protocols such as Modbus, DNP3, and the Open Platform Communication (OPC) Data Access standards (providing access to real-time automation data), which are vulnerable to a range of attacks. This leads to increased cyber risks in critical infrastructures, especially in the Oil and Gas sector.
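The replay check and frame filter described above can be sketched as follows. This is an added example, not the paper's code: the wrapper layout (sequence number and timestamp prepended to a Modbus/TCP frame), the freshness window, the allowlist policy and the addresses are all assumptions.

```python
import struct

# Assumed wrapper (not from the paper): 4-byte sequence number and 8-byte
# millisecond timestamp prepended to an unmodified Modbus/TCP ADU.
WRAP = struct.Struct(">IQ")
MBAP = struct.Struct(">HHHB")   # transaction id, protocol id, length, unit id
MAX_AGE_MS = 2000               # assumed freshness window
# Assumed policy: source -> {function code: (first address, last address)}
POLICY = {
    "192.0.2.5": {3: (0, 99), 6: (10, 19)},   # HMI: read 0-99, write 10-19
    "192.0.2.9": {3: (0, 99)},                # historian: read only
}

class FrameFilter:
    def __init__(self):
        self.last_seq = {}      # highest sequence number forwarded per source

    def check(self, src: str, frame: bytes, now_ms: int) -> str:
        """Return 'forward' or the reason the frame is dropped before the PLC."""
        if len(frame) < WRAP.size + MBAP.size + 5:
            return "drop: malformed"
        seq, ts = WRAP.unpack_from(frame)
        _tid, proto, length, _unit = MBAP.unpack_from(frame, WRAP.size)
        pdu = frame[WRAP.size + MBAP.size:]
        if proto != 0 or length != len(pdu) + 1:   # length counts unit id + PDU
            return "drop: malformed"
        func, addr, arg = struct.unpack_from(">BHH", pdu)
        allowed = POLICY.get(src)
        if allowed is None:
            return "drop: source not allowed"
        if func not in allowed:
            return "drop: function not allowed"
        # Reads and multi-writes carry a quantity; single writes touch one address.
        last = addr + (arg - 1 if func in (1, 2, 3, 4, 15, 16) and arg else 0)
        lo, hi = allowed[func]
        if addr < lo or last > hi:
            return "drop: address out of range"
        if abs(now_ms - ts) > MAX_AGE_MS:
            return "drop: replay (stale timestamp)"
        if seq <= self.last_seq.get(src, -1):
            return "drop: replay (sequence reused)"
        self.last_seq[src] = seq
        return "forward"

def build(seq: int, ts_ms: int, func: int, addr: int, arg: int) -> bytes:
    """Constructed sample frame: wrapper + MBAP header + 5-byte PDU."""
    pdu = struct.pack(">BHH", func, addr, arg)
    return WRAP.pack(seq, ts_ms) + MBAP.pack(1, 0, len(pdu) + 1, 1) + pdu
```

The timestamp and sequence fields catch verbatim replays only; a sender that can craft frames can also set fresh values unless the fields are authenticated.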