Toward Open Source Intrusion Tolerant SCADA Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania.

Slides:



Advertisements
Similar presentations
Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.
Advertisements

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Joint Program Office for Special Technology Countermeasures Joint Program Office for Special Technology Countermeasures JPOSTCJPOSTC JPOSTCJPOSTC Briefing.
Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.
Cyber Security and Privacy Issues in Smart Grids Presenter: Hongwei Li.
Smart Grid Projects Andrew Bui.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Smart Grid Cyber Security Framework
2/23/2009CS50901 Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial Fred B. Schneider Presenter: Aly Farahat.
SCADA SYSTEM CLASSIFICATION
Applied Cryptography for Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
 A system consisting of a number of remote terminal units (or RTUs) collecting field data connected back to a master station via a communications system.
Introduction to wind parks SCADA systems
Secure Systems Research Group - FAU 1 SCADA Software Architecture Meha Garg Dept. of Computer Science and Engineering Florida Atlantic University Boca.
Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.
A Critical Infrastructure Testbed for Cybersecurity Research and Education Ai Onda, Kalana Pothuvila, Joseph Urban, and Jordan Berg Abstract Awareness.
Title Month Year John Richmond
Towards a Distributed, Service-Oriented Control Infrastructure for Smart Grid ASU - Cyber Physical Systems Lab Professor G. Fainekos Presenter: Ramtin.
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
Critical Information Infrastructure Protection: Urgent vs. Important Miguel Correia 2012 Workshop on Cyber Security and Global Affairs and Global Security.
An Introduction to SCADA Fundamentals and Implementation
SCADA and Telemetry Presented By:.
G650 Generator Protection & Control System
Cyber Security of SCADA Systems Testbed Testbed Development Group Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Adviser: Dr. Manimaran.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
SCADA FOR WATER DISTRIBUTION IC DEPT. GECGn SEC28.
Management Information Systems
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Cryptography and Network Security
1 ● Plant Automation Security Review of Cyber Security Attack at Maroochy Water Services ● Bradley Yager ● National Business Development Manager – Telemetry.
College of Engineering and Architecture Using Information to Increase Power Reliability and Reduce Vulnerability Anjan Bose Washington State University.
1 System Models. 2 Outline Introduction Architectural models Fundamental models Guideline.
CH2 System models.
Enterprise PI - How do I manage all of this? Robert Raesemann J Jacksonville, FL.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
SECURITY ZONES. Security Zones  A security zone is a logical grouping of resources, such as systems, networks, or processes, that are similar in the.
1 Monitor System Reliability alarm on demand, sag/surge, and etc. Perform Advanced Power Quality Analysis provide real-time trending. Centralized.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Unit 5 CONTROL CENTERS AND POWER SYSTEM SECURITY.
Topics of presentation
WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.
Enterprise Systems Business Planning & Logistics Site Manufacturing Operations and Control Area Supervisory Control Basic Control Safety- Instrumented.
Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.
CIP 2015 Smart Grid Vulnerability Assessment Using National Testbed Networks IHAB DARWISHOBINNA IGBETAREQ SAADAWI.
P ROTOCOL FOR COLLABORATING MOBILE AGENTS IN THE NETWORK INTRUSION DETECTION SYSTEMS. By Olumide Simeon Ogunnusi Shukor Abd Razak.
1 © A. Kwasinski, 2015 Cyber Physical Power Systems Fall 2015 Security.
Goals The DNP3 protocol is widely used in electrical power systems as a means of communicating observed sensor state information back to a control center.
Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.
ARM and GPS Based Transformer monitoring system with area Identification Student Name USN NO Guide Name H.O.D Name Name Of The College & Dept.
Retele de senzori EEMon Electrical Energy Monitoring System.
A Layered Solution to Cybersecurity Dr. Erfan Ibrahim Cyber-Physical Systems Security & Resilience Center National Renewable Energy Laboratory.
SCADA Supervisory Control And Data Acquisition Pantech Solutions Here is the key to learn more.
Cyber Security of SCADA Systems Testbed Development May1013 Group Members: Ben Kregel Justin Fitzpatrick Michael Higdon Rafi Adnan Adviser: Dr. Manimaran.
Artificial Intelligence In Power System Author Doshi Pratik H.Darakh Bharat P.
OPERATES SCADA OPERATION SYSTEM Explain the operational SCADA
Chapter 6: Securing the Cloud
Office 365 is cloud-based productivity, hosted by Microsoft.
Products/Solutions/Expertise of C-DAC Mumbai in Smart City Domain
Summary of Sessions 2 and 3
How SCADA Systems Work?.
Report by: Katiuscia Zedda
Cyber Security of SCADA Systems
SCADA Communication and Architecture Principles
Architectures of distributed systems Fundamental Models
Substation Automation System
REMOTE POWER MONITORING OF MARINE SITES
Cyber Security of SCADA Systems Remote Terminal Units (RTU)
Architectures of distributed systems Fundamental Models
Presentation transcript:

Toward Open Source Intrusion Tolerant SCADA Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania

Outline What is SCADA? SCADA Vulnerabilities What is Intrusion Tolerance? Prime PvBrowser Our Architecture Demo Future Directions

What is SCADA? Supervisory Control and Data Acquisition Used to supervise and control national infrastructure Main components: Master HMI PLCs/RTUs Designed to work with propriety hardware and protocols Components are connected on private, isolated network

SCADA in Power Grids (1) Power grids include generation plants and transmission/distribution substations which are spread across wide areas Electrical Generation Plant: generates electrical power to be transmitted across the grid Transmission Substation: transforms power for long distance transmission and provides switching between sources/destinations to meet the needs of the grid Distribution Substation: receives power from a transmission substation(s) to be distributed on site

SCADA in Power Grids (2) SCADA system is used to monitor power substations RTUs read data from field devices Transformers Generators Switches … Data is processed by the SCADA master and presented to the user through the HMI If the values read from RTUs exceed predefined safety threshold, alarms are raised by the master

SCADA Systems moving to the Internet Traditional Security Model Perimeter based Security through obscurity Primary/Standby Architecture SCADA systems originally designed to run on private networks and are not optimized for security In the past decade, SCADA systems witnessed many changes Use of off-the-shelf hardware Standardized protocols Open networks (e.g. Internet)

SCADA vulnerabilities Attacks exploiting software vulnerabilities Stuxnet Project SHINE Attacks involving foreign governments Current solutions are ineffective against malicious intrusions

What is Intrusion Tolerance? Intrusion Tolerance: Executing correct operations even if a part of the system is controlled by an adversary Safety: all correct replicas maintain consistent state Liveness: eventual progress There are many algorithms in literature that provide byzantine fault tolerant replication, until less than one third of the system is compromised BFT Zyzzyva Prime Aardvark …

Prime: Byzantine Replication with Performance Guarantees Under Attack First BFT protocols to provide performance guarantees while under attack Limits the power of a malicious leader to achieve bounded delay performance guarantee

Defense across space and time Prime and BFT protocols in general are fragile over long system life time Solution Defense Across Space: diversify the execution environment to generate different versions of the same application Defense Across Time: periodic and proactive replica rejuvenation to clean undetected intrusions Diversity + Proactive recovery allow for long lived intrusion tolerant systems

Intrusion tolerant SCADA Use Prime to replicate SCADA masters SCADA master works correctly if no more then f replicas out of 3f+1 replicas have been intruded Diversity and proactive recovery allow for the system to function for a long time An earlier version of Prime was integrated by Siemens into their SCADA product for the power grid, but it does not include diversity and proactive recovery (no protection across space and time)

Our Goals To develop a proof-of-concept of an open source intrusion tolerant SCADA Components: PvBrowser: Open source SCADA software Prime: Intrusion tolerant replication with performance guarantees under attack RTU emulator: simulates data generation from field devices

PvBrowser Open source SCADA Master and HMI server Architecture Master Data acquisition daemon (DAD): communicates with RTUs/PLCs Shared memory: medium for communication between DAD and Pvserver ProcessViewServer: visualizes data from DAD and communicates with HMI HMI ProcessViewBrowser: presents information from the visualizer to user

PvBrowser (Modifications)

Break Shared Memory

PvBrowser (Modifications) Break Shared Memory Implement message passing between DAD and PVServer Allows us to: Eliminate nondeterministic behavior

PvBrowser (Modifications) Break Shared Memory Implement message passing between DAD and PVServer Allows us to: Eliminate nondeterministic behavior Run processes on different machines

PvBrowser (Modifications) Break Shared Memory Implement message passing between DAD and PVServer Allows us to: Eliminate nondeterministic behavior Run processes on different machines Implement replication

Modbus Standardized communication protocol used by many SCADA systems around the globe Used to communicate with Remote Terminal Units (RTUs) Values stored in memory registers, organized as: Input Registers: analog inputs of different types (e.g. voltage, amperage) Input Status: digital input used to represent dichotomous values (e.g. electrical breakers, switches) Coil Status: digital output used to switch voltage in a relay (e.g. switch power ON/OFF to field device) Holding Registers: store additional data the can be used by other devices; less commonly used

Modbus Example

Our Architecture DAD and 3f+1 PVServers all run on different physical machines DAD polls RTUs and communicates data to servers via message passing Data polled from field units is replicated consistently across all servers using Prime HMI can connect to any server and observe consistent data at each correct replica BROWSER MASTER Data Acquisition PRIME RTU MODBUS

RTU Emulator ASE2000 Version 2 RTU Test Set Allows the user to define RTUs For each RTU, it is possible to specify communication protocol (e.g. Modbus) and the number of registers Used to test how the SCADA master responds to events (e.g. change of values/states) Allows testing of newly implemented protocols (e.g. DNP3)

RTU Emulator Example

Future Directions Our Architecture provides intrusion tolerant replication of the data used by the SCADA Master BROWSER MASTER Data Acquisition PRIME RTU MODBUS

Future Directions Our Architecture provides intrusion tolerant replication of the data used by the SCADA Master Additional components: Replication of all events involving the SCADA master, allowing a client to compare the state of each server and determine the correct state (with f+1 consistency) BROWSER MASTER Data Acquisition PRIME RTU MODBUS CLIENT LIBRARY

Future Directions Our Architecture provides intrusion tolerant replication of the data used by the SCADA Master Additional components: Replication of all events involving the SCADA master, allowing a client to compare the state of each server and determine the correct state (with f+1 consistency) Implementing intrusion tolerance for data acquisition Replicating DAD Using Prime to synchronize and order data polled from RTUs/PLCs BROWSER MASTER Data Acquisition PRIME RTU MODBUS CLIENT LIBRARY Data Acquisition

Special Thanks Johns Hopkins DSN Lab Dr. Yair Amir Dr. Marco Platania

Critical Infrastructures (power grids, water plants, transportation systems, …) are at the heart of human society Power grids are particularly important because other Critical Infrastructures, systems, and human activities rely on them This is one of the factors that make power grids an increasingly important target for cyber attacks In 2013 DHS reported that in 2012 the 40% of cyber attacks targeted the energy sector “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy” Barack Obama, State of the Union 2013 Intrusion tolerance: the time is now!

Breaking the barriers Power service industry is highly regulated Power companies strictly follows the regulation requirements SCADA system manufacturers have no (or little) incentive to develop capabilities that are not demanded by power companies Because intrusion tolerance is not on the regulations, power companies and SCADA system manufacturers are not interested in working on intrusion tolerant solutions The first prototype of intrusion tolerant SCADA produced by Siemens was never translated to a product in the field, lacking customer demand and regulatory requirements

Our goal Building the first survivable intrusion tolerant open source SCADA system Impact on the energy ecosystem: Showing to regulators, power companies, and SCADA manufacturers the importance of intrusion tolerance and that the problem is solvable Making intrusion tolerant a regulatory requirement Showing and teaching SCADA manufacturers how to integrate intrusion tolerance in their own systems via open source Involving other researchers so to enlarge the SCADA community and increase the impact that it can have

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.