A DNP3-based SCADA Architecture Supporting Electronic Signatures

Marian, Marius; Cusman, Adelin; Popescu, Dan; Ionică, Dragoș

doi:10.1109/carpathiancc.2019.8765963

Cited by 6 publications

(4 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We believe the idea can be traced back to its first mention in the paper of Hopkinson et al [23] concerning the quality of service associated with the communication networks of utility providers. Several attempts, proposals, and risk analyses have been made in the last decade about the possibility to adopt the cloud paradigm [24], or to perform an integration or a full migration into the cloud [33] - [39], involving and using many concepts from Internet of Things (IoT), Industrial Internet of Things (IIoT) and Industry 4.0 Sajid et al [34] classify and rank the best practices and recommendations for cloud adoption. Among the recommendations made, they discuss network security best practices such as network segregation, traffic analysis and intrusion detection, logging of all activities and components within the SCADA, continuous and prompt updating the software and configurations, plus different types of security verifications, audits and monitoring (addressing memory dumps, file integrity, malicious code or components, etc.…”

Section: Related Workmentioning

confidence: 99%

“…Marian et al [39] Investigate and propose the design of a multitenant cloud-based paradigm for a SCADA MTU. Extensions of DNP3 protocol to include end-to-end authentication (through digital signatures) are also proposed.…”

Section: ---mentioning

confidence: 99%

“…The third generation is aware of the security threats; its components can be internetworked, and in general, it does observe some open architecture and the constraints and advantages of an open interconnected system. The findings presented in this section are based on the previous work of the authors [39], [40]. In [39] we investigated the cloud-based paradigm for the MTU design, and the security characteristics offered by the DNP3 protocol.…”

Section: General Architectural Detailsmentioning

confidence: 99%

“…The findings presented in this section are based on the previous work of the authors [39], [40]. In [39] we investigated the cloud-based paradigm for the MTU design, and the security characteristics offered by the DNP3 protocol. In [40] we analyzed several storage systems (relational and non-relational) that could support the multitenant approach for a cloud-based SCADA architecture and proposed an experimental RTU architecture.…”

Section: General Architectural Detailsmentioning

confidence: 99%

See 3 more Smart Citations

Experimenting With Digital Signatures Over a DNP3 Protocol in a Multitenant Cloud-Based SCADA Architecture

Marian

Cusman²,

Stinga

et al. 2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

The ideas presented in this paper are summarized as follows. The first idea entails improving the security of supervisory control and data acquisition (SCADA) architectures by means of asymmetric cryptography and digital signatures and measuring the performance overhead. This allows achieving some obvious subsequent goals such as data-origin authentication, and the traceability and implicit nonrepudiation of commands given to intelligent field and direct control equipment. The possibility to include digital signatures with a minimum impact on a standard and a reliable data communication protocol, such as Distributed Network Protocol version 3 (DNP3), also known to have a mature, industrially validated, opensource implementation, has been tested and the results are presented. A second idea concerns designing and developing a multitenant cloud-based architecture for a SCADA environment. This hypothesis focuses on certain SCADA operators that manage multiple industrial control systems (ICS) and intend to consolidate process data in a centralized manner. INDEX TERMS digital signatures, cybersecurity, SCADA, industrial control system, cloud-based services.

show abstract