Abstract
Supervisory control and data acquisition (SCADA) systems are widely used in the critical infrastructure. These systems are high-risk targets for cyber attacks due to their criticality, interconnectedness and Internet accessibility. SCADA systems employ programmable logic controllers to monitor and issue control instructions to other devices. Unfortunately, programmable logic controllers are typically configured in a persistent manner – they are configured once and designed to operate continuously. They are, therefore, ill-suited to operate in virtual, dynamic and cyber-resilient environments. SCADA systems must employ cyber-resilient architectures to enable them to endure and recover from cyber attacks.
This chapter describes a secure methodology for storing SCADA system states that can be used by redundant, non-persistent devices during operations and recovery. The proposed methodology realizes a non-persistent, Byzantine fault-tolerant, virtual industrial control system architecture whose state and function can be stored and restored securely, contributing to its cyber resilience. Implementation of the methodology in a SCADA environment incorporating non-persistent programmable logic controllers reveals that cyber attacks are identified quickly and secure restoration can occur without loss of state or functionality. Mathematical and timing analyses demonstrate the applicability and efficacy of the methodology in creating cyber-resilient SCADA systems.
Change history
04 December 2022
A correction has been published.
Copyright information
© 2020 IFIP International Federation for Information Processing
Cite this paper
Birnbaum, Z. et al. (2020). Cyber-Resilient SCADA Systems via Secure State Restoration. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XIV. ICCIP 2020. IFIP Advances in Information and Communication Technology, vol 596. Springer, Cham. https://doi.org/10.1007/978-3-030-62840-6_9
DOI: https://doi.org/10.1007/978-3-030-62840-6_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-62839-0
Online ISBN: 978-3-030-62840-6
eBook Packages: Computer Science (R0)