Abstract
Several security mechanisms have been investigated and deployed that provide protection for real time platforms. Each security mechanism is contributed to enhance the SCADA system security, but at the same time, the mechanism is limited and depended on the other protocols for the purposes of message security, and its delivery. Few researches are conducted on security for SCADA broadcasting system, but these are limited to end-to-end designs and developments. The security developments for multicasting and broadcasting systems are much complicated, time consumed and/or overloaded with the cryptography mechanisms. After conducting the detail survey, a simulation environment for SCADA water pumping system is designed in-which number of nodes is configured and well known cryptography algorithms are selected, and deployed as an inclusive development for SCADA/DNP3 broadcasting system. The inclusive security development is considered with the best performance, and with predominant weakness in mind, which are present in SCADA/DNP3 broadcasting system. However, overall communication is initiated, monitored and controlled at main controller side with the user defined human machine interface (HMI).
Similar content being viewed by others
Avoid common mistakes on your manuscript.
1 Introduction
In SCADA (Supervisory control and data acquisition) system, numbers of field devices are remotely connected with main controller. At controller center, human machine interface (HMI) is designed with high definition resolution which visualizes the overall communication and performs data acquisition and operations of SCADA system. HMI is a major source for end users or operators to manage and control the field devices from control center. Usually, data acquisition and control information are visualized graphically which made convenient for SCADA operator [7, 25, 39, 42]. Meaning that, each end user can views the system processing and information in the style of mimic figures and using simulation designs [25, 39].
In simulation designs [7, 25, 28, 39], SCADA system is entirely presented and operators graphically in HMI. For example, in water pumping system the water levels are monitor using sensors. In-case water level is high or low in water tank, the sensors define the status and this status would be simultaneously visualized on HMI, at controller center. If number of sensors or other field devices are configured in SCADA system and generate the input/output points thus, all information or each device points are presented separately in integrated HMI.
In SCADA system, the nodes (or field devices) are connected with main controller and usually, the communication is also initiated and controlled from main controller. This type of communication is also designated as unbalanced systems, where main controller is authorized to initiates the communication. While in distributed network protocol (DNP3), which is designed as balanced systems [7, 42] provides advance characteristics and flexibilities, in which each and every node within SCADA hierarchical network is authorized to initializes the communication as primary or main controller with others as secondary or sub-controllers. In balanced systems, all configured nodes in the SCADA network are treated equally, and each node has right to initialize the communication. The terms unbalanced and balanced systems have created confusion at the data link layer of DNP3 protocol. At data link layer, it is difficult to identify which station is primary or secondary, when each node has equaled rights in balance systems. However, primary and secondary stations are distinguished at application layer of DNP3. Data link layer provides reliable communication between the recipients in SCADA system. At the data link layer, up to 65536 addresses are provided and the range FFF0-FFFF is designated for broadcasting communication [7, 42]. The message broadcasting is the important aspect of SCADA/ DNP3 system and usually, addresses are assigned logically to each participated node during SCADA broadcasting (transmission). In broadcasting, security is one of the major challenge because the initial design of DNP3 protocol is without any security concerns therefore, security mechanism is required that should able to provide protection [8, 9, 21, 24, 44].
A new trusted solution is implemented in SCADA system through TCP/IP protocols without accounts of performance impact [24, 28]. The research reviews the underlying security threads and specifies the recommendations for SCADA system such as intranet uses, security system requirements, security system implementation which includes active, passive, half-Active, and tunnel modes and secure system applications. Few challenges are specified against SCADA broadcasting security issues such as user authentication, access control, information interception or modification, and internet security [8, 9, 17, 21] and potential cyber-attacks are also analyzed in SCADA broadcasting transmission, such as unauthorized access, modifications, denial of service, eavesdropping, information leakage, masquerade, sniffers, repudiation, data alter, and others [10, 18, 26, 40]. As the result, security, access availability and reliability are the most importance performance factors acquired within SCADA system and must be achieved, while connected with open networks [24, 28]. Therefore, the proposed study reviews the importance of message broadcasting during unbalanced systems connectivity, over internet and subsequently, deployed an inclusive cryptography solution to overcome the security issues that are commonly founded in SCADA system [9, 21, 28, 32, 44].
Contribution
This study follows the concept of unbalance system of DNP3 protocol, the main controller is authorized to initiates the transmission, and transmits message to connected nodes in SCADA system. Using the phenomena of unbalance system, a new security development has made for SCADA/DNP3 broadcasting system.
2 Problem statement
The broadcasting communication is a main concerned of SCADA (Supervisory control and data acquisition) systems. In many situations, main controller transmits a message to each and every sub-controller which is connected in SCADA system (s). The message will be any type such as initiates communication, command, and alert alarm and file information [7]. In broadcasting transmission, security is a big issue that has been faced by SCADA systems such as electric stations, water pumping systems, wastes water system and oil and gas industries [7, 28, 33, 42]. Several security solutions have been employed to secure the SCADA systems, but they have several dependences, and limited to unicasting communication [28, 34, 41]. A cryptography based security solutions are accounted as best approaches for SCADA security enhancements, without any dependency from other protocols [12, 13, 22, 28].
At other side, the security developments via cryptography techniques are real in the case of SCADA broadcasting communication because these types of implementations are usually ponderous in the terms of key generation, and distribution with complex mathematical workflow [28, 38]. So, an optimized cryptography based security solution is required that significantly secure the SCADA broadcasting communication, without performance impact. In proposed implementation; an inclusive security mechanism via cryptography is selected with broadcasting aspects in mind and also significantly enhanced the SCADA security during message broadcasting.
Research objectives
The main objective of this study is threefold:
-
i.
A DNP3 stack is designed and security is deployed before broadcasting to open networks.
-
ii.
A new cryptography dynamic buffer (CDB) is employed, which keeps and tracks the information of protocol bytes, and security development.
-
iii.
SCADA/DNP3 testbed is designed to perform the experiments and to compute the security results for evaluation. The formal proofs are employed that validate the proposed security development.
3 Simulation model and design
In simulation, SCADA water pumping system is designed; information is collected through sensors, and delivered to sub-controllers. In system, water is collected from main storage and distributed to local storage through motor. A level sensor is directly attached with local storage which checks the water level inside the local storage (or tank) and pressure sensor is used to check water pressures (incoming/outgoing) inside the pipes. If the water level is according to set points of main controller then, operation either heating or cooling is performs. In-case, water is low inside local storage then; sub-controller deactivates the pumping operations and activates the water pump to fill the local storage according to set points.
Main controller set the points or transmits the bytes to, and remote units (RUs) set the instructions according to set points [33]. Typically, remote units (RUs) are connected with, and sensors are configured to send information that is relative with pumping system [28, 44]. In this study, word ‘simulation’ is used for water pumping system which takes the information from, and sensor controls with remote unit (RU). While each RU receives, and transmits the information from/to main controller. The word ‘testbed’ is used which shows the detail configuration and connectivity between main controller and remote units (RUs). Figure 1 shows the water pumping system with sensors connectivity.
The overall interaction between main controller and sub-controllers are specified by DNP3 protocol which employed non-proprietary protocol such as UDP (user datagram protocol) to communicate over internet [31]. In transmission, DNP3 protocol is act as upper layer or standing above then UDP [31, 34]. Meaning that, DNP3 frames are encapsulated in UDP packets and then, transmitted over internet. Upon receiving, sub-controllers response back to main controllers via TCP/IP protocols usually, the transmission is one-to-one or unicasting transmission [28]. At man controller side, human machine interface (HMI) keep and monitor the information of each sub-controller, and collected information would be simultaneously stored in historian or in database [28, 31]. In study, the historian is deployed in MySQL and DNP3 model is designed and deployed in C#.
3.1 DNP3 modeling and security development
In this section, we have explained the basic terminologies if DNP3 protocol message structure, basic bytes flow in stack, security development and formal proof, with corresponding examples.
DNP3 is a layered based open protocol, and based on enhanced performance architecture (EPA) model which has three layers in its stack such as application layer, data link layer and physical layer. DNP3 protocol adds additional layer called pseudo-transport layer which performs the limited functionalities of transport and network layers of OSI (open system interconnection) model [7, 42].
Figure 2 shows the DNP3 model design, in-which protocol bytes are constructed and security is deployed, and tested as additional layer at each layer of DNP3 protocol. Physical layer is not accounted because; DNP3 frames are directly encapsulated in UDP protocol which provides the services to make connectivity with remote devices through internet.
Random user bytes are received from human machine interface (HMI) (or user application layer) to application layer stack, these bytes are managed into fixed sized blocks called application service data units (ASDUs). Header bytes are added with ASDU/ASDUs which made the application protocol data unit (APDU). However, size of ASDU blocks are not fixed but each APDU size limited to 1990/1992 bytes, in-cases of sends/response message. Each ASDU block contains main two subfields including object header and data objects, while object header field contains 3—11 bytes information, and is further divided into three subfields including object (O), Qualifier (Q) and Range (R). More detail related with object header is depicted in Table 1 and the acronyms are not exactly defined by original documentation of DNP3 protocol [7, 28].
Two types of messages are defined at application layer such as, sending message form main controller and response message from sub-controller (s), The messages are distinct by header field or application protocol control information (APCI), sending message header contains two bytes length fields called application control AC) and function code (FC), while two additional bytes length is employed as internal indication (IIN) in response header or/and in response message [7, 28].
In APCI, number of function codes is employed to specify the meaning of message in the cases of send message and response message. The application layer function codes, and related fields information of sending/response message are as follows [7]:
In Table 2, the security bytes such as IE, EE, 1A and EE, are sampled specified bytes which indicate the security development of application layer message. In other words, these bytes represent the security codes which ensure that security has been deployed and should be tested at other side (or at receiver side). The bytes shown as ‘XX’ are bytes which are not placed in command (or message). The shaded area shows the padding bytes which ensure that bytes are constructed with security development within boundary of application layer stack.
The application layer or APDU bytes are treated as user bytes in pseudo-transport layer. We can also say that, APDU bytes are assembled as transport service data unit (TSDU) bytes in pseudo-transport layer and further subdivide into fixed size data block, and each block size is limited up to 249 bytes. One byte length of header field or transport protocol control information (TPCI) is added with each data block and transport protocol data unit (TPDU) is formed. At received side, the TPCI is stripped off from each data block and TSDU bytes are reformed which should be further employed at application layer. The keyword ‘pseudo’ is placed with transport layer which performs the limited functionalities of transport layer and network layer of OSI seven layer model.
Each TPDU is limited up to 250 bytes in length and further assemble as link service data unit (LSDU) in data link layer of DNP3 protocol. Link header field or link protocol control information (LPCI) contains 10 bytes and added with LSDU, which makes the link protocol data unit (LPDU) or frame. In link layer, each frame size is limited up to 260 bytes, plus 32 bytes of cyclic redundancy check (CRC). However, in this research the CRC bytes are considered as optional bytes or would be unitized in cryptography dynamic buffer (CDB), upon needs [28, 40].
Data link layer is used to setup the logical connection between sender and receiver and keeps reliable message (or data) communication over physical channel. In LPCI, 2 bytes are allocated to source and destination addresses, which define 65536 distinct addresses and the addresses range FFF0–FFFF is designated for broadcasting communication. The terms balance and unbalance systems are also specified at data link layer. In balance system, each node can initials the communication either main controller or sub-controller (s). In this research, unbalance system is employed therefore; only main controller is authorized to initiates communication and sub-controllers should response accordingly. In LPCI, number of function codes is defined that perform initialization operation, and also test the logical connectivity between main controller and sub-controller (s) [7]. Some link layer function codes and corresponding descriptions are depicted in Table 3.
-
Algorithm: bytes flow within DNP3 Stack: Logical ‘n’ bytes are being broadcasted from main controller to remote units (RUs). The bytes are constructed and manipulated in SCADA/DNP3 protocol (stack) and then, encapsulated in UDP protocol in internet protocol suite which defines the ways to transmit DNP3 protocol frames to the destination address.
-
1: Compute application layer message as X f(D, H), number of ‘X’ bytes are received from user application layer and function ‘f’ is performed to compute the data bytes and header bytes.
$$ {f}_1\to \mathrm{Comp}\left(\mathrm{D},\mathrm{H}\right),\kern0.5em {f}_1\in f $$Here, the compute bytes or f 1 → Comp(D) are application services data unit (ASDU) bytes and application protocol control information (APCI) bytes as f 1 → Comp(H) are added to form the application protocol data unit (APDU). Each APDU size is limited to 1992 bytes.
$$ =\sum_{k=0}^n{\left[\mathrm{Comp}\left(\mathrm{D}\right),\mathrm{Comp}\left(\mathrm{H}\right)\right]}^n $$Fragment = APDU = APCI+ ASDU
Request: APCI or header = 1 byte (AC) + 1 byte (FC) = 2 bytes
Reponses: APCI = 1 byte (AC) + 1 byte (FC) + 2 bytes (IIN) = 4 bytes
Application Control (AC):
[FIR, FIN, CON, SEQ Number] // Application Control Field
[FIR, FIN, CON, MU/RU Timeout] // Application Flow Control
Function Code (FC): Code = ‘0’ is used for confirmation and other detail codes are depicted in Table 2.
Here are some flow sequences which show the general transaction of message (or bytes) followed by format as [FIR, FIN, CON, SEQ Number] or [First APDU, Final APDU, Confirmation, sequence]. These flows are optional, and employed to understand the basic message transactions of DNP protocol.
-
Flow 1: Single APDU request from MU to RU without Confirmation:
Master application control = MU_AC [1, 1, 0, 9] // Request send to RU without Confirmation.
If RU send response to MU request .Then,
Master application control = MU_AC [1, 1, 0, 9] // Confirmation from MU
-
Flow 2: Single APDU request from MU to RU with Confirmation:
Master application control = MU_AC [1, 1, 1, 9] // Request send to RU with Confirmation
If RU sends response to MU request. Than Master application control = MU_AC [1, 1, 0, 9] // Confirmation from MU
-
Flow 3: Single APDU request from MU to RU and multiply APDUs response from RU to MU, without Confirmation:
Master application control = MU_AC [1, 1, 0, 5] // Request send to RU without Confirmation
RU send response to MU requested APDU 1
Master application control = MU_AC [1, 1, 0, 5] // Confirmation from MU
RU send response to MU requested APDU 2
Master application control = MU_AC [1, 1, 0, 6] // Confirmation from MU
-
Flow 4: Single APDU request from MU to RU and multiply APDUs response from RU to MU, with Confirmation:
Master application control = MU_AC [1, 1, 1, 5] // Request send to RU with Confirmation
RU sends confirmation to MU.
RU send response to MU requested APDU 1
Master application control = MU_AC [1, 1, 0, 5] // Confirmation from MU
RU send response to MU requested APDU 2
Master application control = MU_AC [1, 1, 0, 6] // Confirmation from MU
After construction of application protocol data unit (APDU) bytes with/without confirmation bit from application layer, control is shifted to lower layers of SCADA/DNP3 protocol.
-
-
2: Compute Pseudo-Transport message as Q f(D, B, H), ‘Q’ bytes of application layer are assembled and function ‘f’ is performed to compute the data bytes (D), data blocks (B) and header bytes (H).
APDU bytes are received from application layer and assembled as TSDU bytes (or data bytes). We can also say, the APDU bytes are directed mapped with TSDU bytes.
$$ {f}_2\to \left(\mathrm{Q}\to \mathrm{D}\right) $$The TSDU bytes are distributed in number of data blocks (B) and each block contains 249 bytes.
D ~ B (b 0, b 1, b 2, ….., b n and f 2 → Comp(B, H), f 2 ∈ f
Here, the compute bytes or f 2 → Comp(B) are data blocks and transport protocol control information (TPCI) bytes as f 2 → Comp(H) are added to form the transport protocol data unit (TPDU). Each TPDU size is limited to 250 bytes.
$$ ==\sum_{k=0}^i{\left[\mathrm{Comp}\left(\mathrm{B}\right),\mathrm{Comp}\left(\mathrm{H}\right)\right]}^i $$ -
Compute Data Link layer message as J f(D, H), maximum of ' J ' bytes are received and assembled as user bytes from pseudo-transport layer and function ‘f’ is performed to compute the data bytes (D) and header bytes (H).
$$ {f}_3\to \mathrm{Comp}\left(\mathrm{D},\mathrm{H}\right),\kern0.5em {f}_3\in f $$Here, the compute bytes or f 3 → Comp(D) are link services data unit (LSDU) bytes and link protocol control information (LPCI) bytes as f 3 → Comp(H) are added to form the link protocol data unit (LPDU). Each LPDU size is limited to 260 bytes, plus optional CRC bytes.
$$ =\sum_{k=0}^l{\left[\mathrm{Comp}\left(\mathrm{D}\right),\mathrm{Comp}\left(\mathrm{H}\right)\right]}^l $$Link Protocol Data Unit (LPDU) = LPCI+ LSDU = 292 bytes
LPCI (Link protocol control information) or header = 2 byte (Start) + 1 byte (Length) + 1 byte (Control) + 2 byte (Destination Address) + 2 byte (Source Address) + 2 byte (CRC, Optional) = 10 bytes
LSDU (Link Service Data Unit) or Data bytes = 250 byte
Subsequently, data link layer frames are encapsulated into internet protocol suite in-placed of original physical layer of DNP3 protocol. The functions or f 0, f 1, f 2, f 3 ∈ f and f 0 is employed for special purposes such as test bytes status and perform bytes padding.
More precisely, we have conducted some tests to check the DNP3 protocol stack bytes flow during request and response messages through protocol test harness [43]. More detail is visualized in following screen shots or in Figs. 3 and 4.
-
In below sections, security is implemented within DNP3 protocol stack, a new inclusive scenario is designed to visualize and representation the logical bytes of DNP3 stack with security bytes and in last section, cryptography dynamic buffer (CDB) is employed which keeps the information of whole security development.
3.2 New DNP3 stack design and bytes representation
In Fig. 5, a new detail DNP3 logical stack has been designed which shows the bytes flow from upper layer to lower layer and/or vice versa, with security implementation bytes. Logical 48 bytes are shown in application layer buffer, which represent the constructed bytes included user bytes, application layer header bytes and cryptography bytes (security implementation bytes). These bytes are constructed and placed in number of rows as RW0 to RW9 and columns ‘CL0’ to ‘CLn’ with corresponding offsets. The value ‘n’ shows the total number of bytes within columns but number of rows is fixed up to nine (or 0—9). Usually, in application layer the request or response bytes are placed and distinct by header bytes and communication is flown as unicast. While during broadcasting of bytes from main controller to several receivers, the address range such as FFF0-FFF is added in link layer header fields: source field and destination address field, based on network setup [7, 40]. The cases, which have been occurred during logical communication of application layer from sender to receiver and/or vice versa, plus pseudo-transport layer and data link layer flows are as followed:
The APDU bytes are constructed in application layer with the implementation of security, then bytes are passed to lower layer for further processing [7, 28]. The shaded bytes in whole DNP3 stack are representing the padding bytes and the bytes ‘xx,xx,xx,….’, are allocated for CDB, while the bytes in row no.9 with corresponding offset 0x0100 are reserved for especial cases or future development. The more detail related with bytes representation is depicted in Table 4.
The proposed study trends to secure the SCADA/DNP3 broadcasting system using cryptography mechanism. In cryptography [28, 38], public key encryption flow is not appropriates for broadcasting communication, the main reasons indentified by study are: the number of keys generation, keys distribution and keys utilization [19, 47]. Therefore, this study used symmetric and hashing algorithms to enhance the security of SCADA/DNP3 system during bytes broadcasting from main controller to remote units (RUs).
3.3 Security implementation
Two security developments are made to observe the level of security during SCADA/DNP3 broadcasting transmission, and designated as S-bed1 and S-bed2, In S-bed1; 3-way hashing is computed in-which SHA-2 algorithm is deployed at each layer means that, SHA-2 is deployed at application layer, pseudo-transport layer and data link layer of DNP3 and symmetric encryption using AES algorithm is deployed at application layer. In security development or S-bed2; 3-way hashing function is deployed at each layer which is application layer, pseudo-transport layer and data link layer of DNP3 and symmetric encryption is deployed at application layer and data link layer. More detail related with security development is illustrated in Fig. 6, while in Table 5 cryptography algorithms are selected at each layer in DNP3 stack and shaded area shows the absence of security implementation (or symmetric encryption).
Significance
The security developments such as S-bed1 and S-bed2 are tested in SCADA/DNP3 testbed setup (or network setup) illustrated in Fig. 8. Subsequently in Fig. 10, the range of RUs is increased up to sixteen with additional router ‘R4’ and switch ‘S3’, and also afterward, to check the level of security during traffic increased.
Proof (Security Development and message broadcasting)
The BR = (1, 2, 3,…., n-1, n) is a set of recipients R, which have received the broadcasting message ‘M’ from main controller ‘C’. The number of recipients in set ‘BR’ is static and ‘n’ is generated by controller ‘C’. Such that,
Xf ∧Qf ∧J f ⊆ Mf, which have constructed in DNP3 stack through function ' f '.
The functions μ, α, and β are security computing functions which perform the encryption (E) and hashing (H). ε
-
Bytes Broadcast:
$$ \forall {\mu}_{\left(E,H\right)}^{AL}:f\left\{{\displaystyle \sum_i^k}{\mu}^{AL}\left(f:\mathrm{X}\right)\right\}\Rightarrow \forall {\alpha}_{(H)}^{TL}:f\left\{{\displaystyle {\sum}_i^k{\alpha}^{TL}}\left(f:Q\right)\right\}\Rightarrow \forall {\beta}_{(H)}^{DL}:f\left\{{\displaystyle \sum_i^k}{\beta}^{DL}\left(f:J\right)\right\}\in {\mathrm{M}}^f\left|\right|CDB:\mathrm{B}R\left({\mathrm{R}}_{\left(i\dots ..,\ n-1,\ n\right)}\ \right) $$(1) -
Bytes Received: Direct Function
$$ \forall {\beta}_{(H)}^{DL}:f\left\{{\displaystyle \sum_i^k}{\beta}^{DL}\left(f:J\right)\right\}\Rightarrow \forall {\alpha}_{(H)}^{TL}:f\left\{{\displaystyle {\sum}_i^k{\alpha}^{TL}}\left(f:Q\right)\right\}\Rightarrow \forall {\mu}_{\left(E,H\right)}^{AL}:f\left\{{\displaystyle {\sum}_i^k{\mu}^{AL}}\left(f:X\right)\right\}\in {\mathrm{M}}^f\left|\right|CDB $$(2) -
Bytes Received: In-Direct Function. Eq. (2) ⟹
$$ \mathrm{R}:\ {f}_n:{j}_{f_{\to }{f}_n}^{DL}\left\{{f}_r:{j}_{HB}\left(f:{j}_{UB}^{DL},f:{j}_{CRC}^{DL}\right)\right\}\Rightarrow \mathrm{R}:{f}_n:{j}_{f_{\to }{f}_n}^{DL}\left({j}_{UB}^{DL}\right)\in {\mathrm{M}}^f\left|\right|CDB $$(2.1)$$ \mathrm{R}:\ {f}_n:{Q}_{f_{\to }{f}_n}^{TL}\left\{{f}_r:{\mathrm{Q}}_{HB}\left(f:{Q}_{UB}^{TL}\right)\right\}\Rightarrow \mathrm{R}:{f}_n:{Q}_{f_{\to }{f}_n}^{TL}\left({Q}_{UB}^{TL}\right)\in {\mathrm{M}}^f\left|\right|CDB $$(2.2)$$ \mathrm{R}:\ {f}_n:{\mu}_{f_{\to }{f}_n}^{AL}\left\{{f}_r:{\mu}_{HB}\left(f:{\mu}_{UB}^{AL}\right)\right\}\Rightarrow \mathrm{R}:\ {f}_n:{\mu}_{f_{\to }{f}_n}^{AL}\left({\mu}_{UB}^{AL}\right)\in {\mathrm{M}}^f\left|\right|CDB $$(2.3)Splitting of header bytes ‘HB’ from user bytes’UB’ within each layer of DNP stack and subsequently, bytes are utilized at upper layer. Where ‘i’ represents the total number of bytes generated within stack with limit ‘k’ and ‘CDB’ shows the number of bytes utilized during security deployment. If the optional confirmation bit is set in message broadcast then, each recipient reply followed by one-to-one or unicast communication.
3.4 Cryptography dynamic buffer
In Fig. 4, the cryptography dynamic buffer (CDB) contains number of fields including source address, destination broadcasting addresses, cryptography key sequence, cryptography (bytes): dynamic storage (bytes), option (bytes), padding (dynamic bytes), acknowledgment, non-critical (bytes), critical (bytes), and solution (select method) [40]. CDB is employed to keep the tracks of security in proper sequence and store and monitor the overall information of stack and security development. The CDB is based on 56 bytes from application layer stack and remaining 1992 bytes are constructed as application protocol data unit (APDU) bytes which would further utilize in lower layer (s) of DNP3. More detail related with CDB fields is depicted in Table 6.
The performance measurements in Fig. 7 shows that CDB space is sufficient during security development and relevant information storage, even in-case of maximum bytes have been received from application layer.
4 Testbed configuration and setup
In SCADA tesbed in Fig. 8, eight remote units (RUs) are employed which are indirectly connected with the physical environment through the direct access of sensors in water pumping system. Four remote units (RUs) are located in station 1 and remaining RUs are located in station 2, and are monitored and controlled from main controller (side). Main controller is superior in SCADA network, which is designed and configured to control, and to send supervisory commands to designated remote units (RUs) [28, 31]. In station 1, remote units (RUs), such as RU1, RU2, RU3, and RU4, are connected with switch ‘S1’; while in station 2, remote units (RUs), such as RU5, RU6, RU7, and RU8, are connected with switch ‘S2’. Main controller initiates the transmission and broadcast the message (or command) to each station via router ‘R1’, which is configured and further connected and/or accessed with the designated routers 2 and 3. This study follows a static structure for SCADA/DNP3 broadcasting system, in which, remote units (RUs) are defined and known in advance, and accounted at main controller side. As consequence to restrict the dynamic entry of RU, the man-in-the-middle attack could not successful in broadcasting communication [3, 14, 29]. Figure 9 shows the SCADA lab views where the measurements are conducted.
In Fig. 10, the remote units (RUs) are increased up to sixteen. The additional eight remote units (RUs), such as RU9, RU10, RU11, RU12, RU13, RU14, RU15, and RU16, are located in station 3 via switch ‘S3’ and router ‘R4’, and are statically configured and/or updated at main controller side or in routing table of Router ‘R1’.
Two security developments have been made for SCADA broadcasting communication followed by the scenario of Figs. 8 and 10. Thus, the shorter name is assigned for each security development as S-bed1 and S-bed2.
5 Performance measurement and analysis
In Table 7, the attacks including, authentication attacks: guessing shared key, brute force, and password guessing; integrity attacks: frame injection, data replay, and data deletion; and confidentiality attacks: eavesdropping, key cracking, and man-in-the-middle, are launched by employing of attack tools such as, cracking tools, sniffer, dsniff, winsniffer, and password dictionary for authentication attacks; airpwn, file2air, dinject/reinject, capture and injection tools, jamming and injection tools for integrity attacks; and ethereal, ettercap, kismet, aircrack, airsnort, dsniff, and ettercap for confidentiality attacks, which interrupt/change the normal flow of SCADA broadcasting transmission (or warm the SCADA broadcasting traffic) [12, 28, 31]. The attack tools are employed and designated as potential attackers for SCADA/DNP3 broadcasting system, and to change the normal sequence of communication in between the main controller and the remote units (RUs). The performances that were observed during abnormal scenarios prove the validation (process) of security implementation and also assess the security that attained corresponding to impact, and attack impact percentages were measured on the basis of attack detection percentages in broadcasting system. For example, some attacks were detected but their influences (or impacts) were minimal or equivalent to zero thus, these attacks are not accounted in total of attacks detection percentages.
In performance Fig. 11, the attack detection is 15 percentages, while attack impact on system is 7 percentages and security attained is approximately 93 percentages, which validate the proposed security implementation. At the other side in performance Fig. 12, the attack detection and impact percentages have decreased to 8 percentages and 3 percentages, and the security is increased up to 97 percentages in SCADA/DNP3 broadcasting system. The total number of authentication and confidentiality attacks exceed due to the absence of symmetric encryption at data link layer, which created performance difference between S-bed1 and S-bed2 measurements.
In performance Fig. 13, the network traffic has been increased and successful experiments are performed 100 times to measure the security level during abnormal communication. As results analysis, the level of security is decreased as increasing of network nodes within SCADA/DNP3 testbed. As consequence, this study also shows the significant security enhancement while comparing with existing works [1, 4–6, 11, 23, 27, 30, 32].
6 Related study
Four field devices are employed to conduct the experiments. Master station or ‘merging unit (MU)’ send the message to remote station or substation with the speed of 960 Hz. Upon remote station message receive; the intelligent electronic device (IED) collect and sends back response to master station through remote station. If IED detects any intrusion or anomaly during transmission, then response ‘GOOSE message’ is transmitted back to master station and further processing (of actuator functions) will depend on master station acknowledgment. As the result; message authentication, confidentiality and integrity mechanisms have been deployed between master station and remote station, using of advance encryption standard (AES) 256, HMAC and MD5 as part of cryptography [2, 22, 35]. The IEC 61850 standard is used to simulate the SCADA communication between the field devices and deployed the cryptography solutions for message security. The performance overhead is also calculated that is based on encryption and decryption operations [16, 36, 45].
Traditionally, control systems had been designed without security consideration in mind and emphasize only on physical security. Nowadays, large number of developments relevant with SCADA security is conducted such as using firewalls, DMZs and other Key encryption and distribution solutions, but these developments are based on end-to-end message delivery [20, 28]. Schweitzer Engineering Laboratories, Inc reviews several exiting security developments and then an inclusive security solution is proposed for SCADA electric industry, and cryptography based solutions are suggested as best approaches for SCADA system security. The research paper [13] provides detail review: on cryptography algorithms, their implementation, advantages and disadvantages of cryptography solutions, and the major attacks that creates vulnerabilities in SCADA communication [33, 34, 46].
A message is encrypted at master station and transmitted to all remote stations within SCADA network. Upon receiving, each remote station performs decryption process using asymmetric keys. This approach is infeasible because same message is encrypted many times and all stations have acquired to generate the public and private keys during SCADA broadcasting communication [38]. In another research; master station generates multiple packets and encrypts each packet with each remote station public key, but this solution acquired much time and also impact on performance. The hash function provides integrity mechanism and safety measurements from attacks, such as data reply, data modify, and data delete. Master station generates the hash digest of message that is being transmitted to remote stations and also encrypts the hash digest with private key; this function act as digital signature [28, 34]. Upon receiving at each remote station; each station uses master public key to decrypt the message. This would verify and concludes that the message is secured and unauthorized entity (or attacker) is involved during transmission. The encryption and hash functions are placed at the each end of IEC 61850 protocol message header that are to achieve the security goals, such as authentication and integrity, within SCADA communication [15, 22, 37, 45].
7 Conclusion and future work
Security is a main concern that has been accounted in information technology (IT), many security mechanisms are available but are limited in design and development for secure SCADA broadcasting system, and are also not commonly available for the traditional systems. In this study, an inclusive development was made that secure the SCADA/DNP3 broadcasting system with the best performance evaluation and validation of security, which have been measured in abnormal communication. As consequence, the performance results concluded that the level of security is successfully enhanced for SCADA/DNP3 broadcasting system, while implementing of proposed inclusive security within SCADA/DNP3 protocol before transmitting the protocol bytes to open protocols or networks.
In the future work, the proposed inclusive security solution will be deployed and tested in real environment in which hundreds of SCADA nodes are interconnected with main controller and/or several sub-controllers are interconnected with main-controller, as similar to distributed computing. However, the proposed security development was limited in the terms to contribute for other security parameter, such as non-repudiation. In cryptography, the digital signature algorithm is available and considered as a best approach for achieving of non-repudiation security for sensitive information. Therefore, digital signature algorithm would be deployed to keep the SCADA/DNP3 broadcasting system secure against non-repudiation attacks.
References
Arango IM, Izquierdo J, Campbell E, Pérez-García R (2014) Cloud-based decision making in water distribution systems. Procedia Eng 2014(89):488
Benrhouma O, Hermassi H, Benrhouma O, Hermassi H, Belghith S (2015) Security analysis and improvement of a partial encryption scheme. Multimed Tools Appl 74(11):3617–3634. doi:10.1007/s11042-013-1790-4
Bhattacherjee S, Palash S (2013) Complete tree subset difference broadcast encryption scheme and its analysis. Des Codes Crypt 66(1–3):335–362
Chen HC (2013) Secure multicast key protocol for electronic mail systems with providing perfect forward secrecy. Security Comm 2013 Net 6:100–107. doi:10.1002/sec.536
Cho EJ, Hong CS, Lee S, Jeon S (2013) A partially distributed intrusion detection system for wireless sensor networks. Sensors 13(12):15863–15879. doi:10.3390/s131215863
Chunsheng G, Jixing G (2014) Known-plaintext attack on secure kNN computation on encrypted databases. Security Comm Net 2014(7):2432–2441. doi:10.1002/sec.954
Clarke D, Reynders E Wright (2004) Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems
Coates, G. M.Hopkinson, K.M., Graham, S. R., Kurkowski, S.H (2008) Collaborative, Trust-Based Security Mechanisms for a Regional Utility Intranet. Power Systems, IEEE Transactions 2008, Volume:23, Issue: 3, 10.1109/TPWRS.2008.926456
Coates, G. M. Hopkinson, K.M., Graham, S. R., Kurkowski, S.H. (2010) A Trust System Architecture for SCADA Network Security. Power Delivery, IEEE Transactions, Volume: 25, Issue: 1, 10.1109/TPWRD.2009.2034830
Davis JE, Okhravi TH, Grier C, Overbye TJ, Nicol D (2006) SCADA cyber security testbed development. Power Symp 2006, NAPS, 38th North American, IEEE. doi:10.1109/NAPS.2006.359615
Eghbal Ghazizadeh, Mazdak Zamani, Jamalul-lail Ab Manan, Mojtaba Alizadeh (2014) Trusted Computing Strengthens Cloud Authentication. The Scientific World Journal, vol. 2014, Article ID 260187, 17 pages, doi:10.1155/2014/260187
El Mrabet N, Fournier JJA, Louis G, Ronan L (2015) A survey of fault attacks in pairing based cryptography. Cryptogr Commun 7(1):185–205. doi:10.1007/s12095-014-0114-5
Fujisaki E, Okamoto T. (1999) Secure integration of asymmetric and symmetric metric encryption schemes. In Advances in Cryptology – CRYPTO’99, LNCS, Vol.1666. Spring-Verlag, 537–554
Gentry C, Waters B (2009) Adaptive security in broadcast encryption systems (with short Ciphertexts). advances in cryptology - EUROCRYPT 2009. Lecture Notes in Comput Science 5479:171–188. doi:10.1007/978-3-642-01001-9_10
Herbert F (2008) Securing IEC 61850. Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century 2008, IEEE, doi:10.1109/PES.2008.4596335
Hong S (2010) Experiments for embedded protection device for secure SCADA communication. Power and Energy Eng Conf (APPEEC). doi:10.1109/APPEEC.2010.5448606
Jang U, Lim H, Kim H (2014) Privacy-enhancing security protocol in LTE initial attack. Symmetry 6:1011–1025
Jeong-Han Yun, Sung-Ho Jeon, Kyoung-Ho Kim, Woo-Nyon Kim (2013) Burst-based Anomaly Detection on the DNP3 Protocol. International Journal of Control and Automation, Vol. 6, No. 2
Jongkil Kim, Susilo, W., Man Ho Au, Seberry, J (2015) Adaptively Secure Identity-Based Broadcast Encryption With a Constant-Sized Ciphertext. Information Forensics and Security, IEEE Transactions on, vol.10, no.3, pp.679,693, doi: 10.1109/TIFS.2014.2388156
Kang, H. M. Kim. (2007) A Proposal for Key Policy of Symmetric Encryption Application to Cyber Security of KEPCO SCADA Network. FGCN ’07 Proceedings of the Future Generation Communication and Networking 2007,Volume 02, doi:10.1109/FGCN.2007.36
Kang DJ, Joo LJ, Joo KS, Hyuk PJ (2009) Analysis on cyber threats to SCADA systems. Trans Distrib Conf Expos Asia and Pacific 2009, IEEE. doi:10.1109/TD-ASIA.2009.5357008
Khalil IM, Khreishah A, Azeem M (2014) Cloud computing security: a survey. Computers 3(1):1–35. doi:10.3390/computers3010001
Kim I, Oh D, Yoon MK, Yi K, Ro WW (2013) A distributed signature detection method for detecting intrusions in sensor systems. Sensors 2013 13(4):3998–4016. doi:10.3390/s130403998
Kiuchi, M. Serizawa, Yoshizumi (2009) Security technologies, usage and guidelines in SCADA system networks. ICCAS-SICE, IEEE,IAN: 10982993
Krajewski J (2014) Situational awareness –the next leap in industrial human machine interface design. Schneider Electric 2014:1–11
Lee C-M (2015) Criminal profiling and industrial security. Multimed Tools Appl 74(5):1689–1696. doi:10.1007/s11042-014-2014-
Moon D, Im H, Lee JD, Park JH (2014) MLDS: multi-layer defense system for preventing advanced persistent threats. Symmetry 2014 6(4):997–1010. doi:10.3390/sym6040997
Musa, A. Shahzad, A.Aborujilah (2013) Secure security model implementation for security services and related attacks base on end-to-end, application layer and data link layer security. Proceeding ICUIMC ’13 Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication 2013, doi:10.1145/2448556.2448588
Nikolic I, Wang L, Wu S (2015) The parallel-cut meet-in-the-middle attack. Cryptogr Commun 7(3):331–345. doi:10.1007/s12095-014-0118-1
Obaidat MS, Woungang I, Dhurandher SK, Koo V (2014) A cryptography-based protocol against packet dropping and message tampering attacks on mobile ad hoc networks. Security Comm Net 2014(7):376–384. doi:10.1002/sec.731
Patel SC, Bhatt GD, Graham JH (2009) Improving the cyber security of SCADA communication networks. Commun ACM 52(7):139–142. doi:10.1145/1538788.1538820
Premnath A.P., Ju-Yeon Jo, Yoohwan Kim (2014) Application of NTRU Cryptographic Algorithm for SCADA Security. Information Technology: New Generations (ITNG) 2014, 11th International Conference on, vol., no., pp.341, 346, 7–9, doi: 10.1109/ITNG.2014.38
Risley, J. Roberts, P. Ladow. (2003) Electronic Security Of Real-Time Protection and Scada Communications. Schweitzer Engineering Laboratories Inc 2003, https://www.selinc.com/WorkArea/linkit.aspx
Robles RJ, Balitanas M, Kim T-h (2011) Security encryption schemes for internet SCADA: comparison of the solutions. Commun Comput Inf Sci 2010 223:19–27. doi:10.1007/978-3-642-23948-9_4
Robles RJ, Kim T-h (2010) An encryption scheme for communication internet SCADA components. Commun Comput Inf Sci 2010 74:56–64. doi:10.1007/978-3-642-13346-6_6
Robles, R., Kim, T.H. (2012) Encryption Schemes Applied in SCADA Components Communication. 15, (3) pp. 1241–1252. ISSN 1344–8994, Refereed Article, University of Tasmania, http://ecite.utas.edu.au/8309
Saxena, O. Pal, S. Saiwan, Z. Saquib (2011) Token Based Key Management Scheme for SCADA Communication. International Journal of Distributed and Parallel Systems (IJDPS) 2011, Vol.2, No.4, http://airccse.org/journal/ijdps/papers/0711dps07.pdf
Saxena A, Pal O, Saquib Z (2011) Public Key cryptography based approach for securing SCADA communications. Commun Comput Inf Scie 142(2011):56–62. doi:10.1007/978-3-642-19542-6_10
Shahzad A, Irfan SM (2014) Deployment of New dynamic cryptography buffer for SCADA security enhancement. J Appl Sci. doi:10.3923/jas.2014.2487.24
Sommestad, T., Ericsson, G.N., Nordlander, J (2010) SCADA system cyber security — A comparison of standards. Power and Energy Society General Meeting, 2010 IEEE, vol., no., pp.1,8, doi: 10.1109/PES.2010.5590215
Stouffer J, Falco K Kent (2006) Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security. Recommendations of the National Institute of Standards and Technology
Test Harness, Triangle MicroWorks, www.trianglemicroworks.com
Wang Chunlei; Fang Lan; Dai Yiqi (2010) A Simulation Environment for SCADA Security Analysis and Assessment. Measuring Technology and Mechatronics Automation (ICMTMA) 2010, International Conference on, vol.1, no., pp.342,347, 13–14, doi: 10.1109/ICMTMA.2010.603
Yoo H, Shon T (2015) Novel approach for detecting network anomalies for substation automation based on IEC 61850. Multimed Tools Appl 74(1):303–318. doi:10.1007/s11042-014-1870-0
Zhang Y, Xiao Y, Ghaboosi K, Zhang J, Deng H (2012) A survey of cyber crimes. Secur Comm Net 5:422–437. doi:10.1002/sec.331
Zhu, Wen Tao (2013) Towards secure and communication-efficient broadcast encryption systems. Journal of Network and Computer Applications 36.1 (2013): 178–186.
Acknowledgment
This research was supported by next generation information computing development program through the national research foundation of Korea, and funded by the ministry of science, ICT & Future Planning (2012M3C4A7033348).
Author information
Authors and Affiliations
Corresponding authors
Rights and permissions
About this article
Cite this article
Shahzad, A., Lee, M., Lee, C. et al. The protocol design and New approach for SCADA security enhancement during sensors broadcasting system. Multimed Tools Appl 75, 14641–14668 (2016). https://doi.org/10.1007/s11042-015-3050-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-015-3050-2