Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security of SCADA Systems

Published byLeon Kolbe Modified over 6 years ago

Similar presentations

Presentation on theme: "Cyber Security of SCADA Systems"— Presentation transcript:

1 Cyber Security of SCADA Systems
Team: Anthony Gedwillo (EE) James Parrott (CPrE) David Ryan (CPrE) Client: Dr. Govindarasu, Iowa State University

2 Problem Statement “Since the mid-1990’s, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA) systems used to monitor and manage our energy systems. Most SCADA system designs did not anticipate the security threats posed by today’s reliance on common software and operating systems, public telecommunication networks, and the Internet.”

3 Functional Requirements
Virtualization Create a virtualized platform that allows network stack inspection. Create virtualized images for RTUs, Control Center, firewalls and Relays Virtualized system should be scalable to provide more realistic scenarios Cyber Security Produce report detailing security vulnerabilities of the system Implement attacks discovered during the vulnerability assessment Power System Integration Integrate DIgSILENT PowerFactory with SCADA test bed Power Simulation should represent real world scenario

4 Project Plan Power Flow Simulation Virtualization Cyber Attacks James
Tony Create 9-Bus test case on DIgSilent (NOV 2010) Configure DIgSilent with OPC connectivity (FEB 2011) “Hardware in the Loop” (MAR 2011) Develop Display for testbed (OPTIONAL) Virtualization James Setup virtual host and install virtual machines Setup a virtual RTU and connect to HMI Setup a virtual relay that can connect to RTU (FEB 2011) Create multiple substations in testbed (MAR 2011) Hardware in the Loop Cyber Attacks David Port scan all devices Document services running on each port Search for well-known network/server side vulnerabilities Search for well-known client software vulnerabilities Search for lab-specific vulnerabilities (CONTINUAL) Create attacks for significant vulnerabilities (CONTINUAL) Analyze impact of attacks on system (CONTINUAL)

5

6 Software and Hardware Used
Our SCADA network test bed consists of a few key pieces of hardware and software: Hardware Siemens SCALANCE S612 Security Module Siemens SIPROTEC 4 7SJ61 Relay (Sensor) Software Siemens Spectrum Power TG SCADA/EMS (HMI) Siemens SICAM PAS v6.00 (RTU) Siemens DIGSI (Software for SIPROTEC Protection Relays) Digsilent Power Factory v.14 Matrikon OPC Server/Explorer VmWare ESXi 4.1 Nessus Other Vulnerability Assessment Software

7 Virtualization Design
Virtual RTUs and virtual relays will be installed on the virtual machines. These virtual machines will reside on the VmWare Server These virtual machines will be connected to the SCADA Control Center via DNP 3.0 and DigSilent via OPC The virtual RTUs will communicate with the control center over ethernet behind a physical SCALANCE or virtual firewall

8 Power Flow Simulation Design
OPC := OLE for Process Control OLE := Object Linking and Embedding Power Flow Simulation Design “The Substation” “Limbo” “Control Center” Siemens Spectrum Power TG (HMI) Virtal and Real SICAM PAS (OPC Client) Virtualized and Real Relays Matrikon OPC Server DIgSilent PowerFactory (OPC Client)

9 Security Assessment Progress
Underlying OS is extremely out of date Scalances are webservers accessible over SSL User authentication is brute-forcible Upload firewall backdoor? Internal protected network is one big LAN Subject to common LAN attacks Eavesdropping MITM via ARP spoofing

10 Plan for the Semester Virtualization
Finish the RTU and virtual relay integration. Create easy deployments for substations Design virtual diagram of system for control center Power Flow Simulation Achieve “Hardware in-the-loop” connectivity Create practical system failure scenarios Develop nice display for power system Cyber Attacks Refine MITM traffic interception attack Create firewall backdoor attack

Download ppt "Cyber Security of SCADA Systems"

Similar presentations

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.

Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.
Team 7 / May 24, 2006 Web Based Automation & Security Client Capstone Design Advisor Prof. David Bourner Team Members Lloyd Emokpae (team Lead) Vikash.

Team 7 / May 24, 2006 Web Based Automation & Security Client Capstone Design Advisor Prof. David Bourner Team Members Lloyd Emokpae (team Lead) Vikash.
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
Toward Open Source Intrusion Tolerant SCADA Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania.

Toward Open Source Intrusion Tolerant SCADA Trevor Aron JR Charles Akshay Srivatsan Mentor: Marco Platania.
Upgrading Remote Access to the Analog Model Power System Amrit Dahal Ryan Litzko Client: Dr. Brian Johnson, ECE Dept. ECE 544: Control Systems and Critical.

Upgrading Remote Access to the Analog Model Power System Amrit Dahal Ryan Litzko Client: Dr. Brian Johnson, ECE Dept. ECE 544: Control Systems and Critical.
SCADA – Are we self- sufficient? Presented by Jack McIntyre 15/05/2015Jack McIntyre2.

SCADA – Are we self- sufficient? Presented by Jack McIntyre 15/05/2015Jack McIntyre2.
Personnel 500-600 hours$10,000-$12,000 Hardware Virtualization Server(?)$3000-$10,000 SIPROTEC 4 7SJ61 Relay s$0 SCALANCE S612 Security.

Personnel hours$10,000-$12,000 Hardware Virtualization Server(?)$3000-$10,000 SIPROTEC 4 7SJ61 Relay s$0 SCALANCE S612 Security.
Virtual Machine Management

Virtual Machine Management
SUBSTATION SECURITY WHY FIREWALLS DON’T WORK! ©Copyright 1998, Systems Integration Specialists Company, Inc. All Rights Reserved Presented by:

SUBSTATION SECURITY WHY FIREWALLS DON’T WORK! ©Copyright 1998, Systems Integration Specialists Company, Inc. All Rights Reserved Presented by:
Introduction to Honeypot, Botnet, and Security Measurement

Introduction to Honeypot, Botnet, and Security Measurement
Cyber Security of SCADA Systems Testbed Testbed Development Group Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Adviser: Dr. Manimaran.

Cyber Security of SCADA Systems Testbed Testbed Development Group Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Adviser: Dr. Manimaran.
Securing Microsoft® Exchange Server 2010

Securing Microsoft® Exchange Server 2010
Introduction to VMware Virtualization

Introduction to VMware Virtualization
Module 14: Configuring Server Security Compliance

Module 14: Configuring Server Security Compliance
Software Security Testing Vinay Srinivasan cell: +91 9823104620.

Software Security Testing Vinay Srinivasan cell:
Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.

Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.
Cyber Terrorism Shawn Carpenter Computer Security Analyst

Cyber Terrorism Shawn Carpenter Computer Security Analyst
Network Security Technologies CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.

Network Security Technologies CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.
Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

Similar presentations

Ads by Google