A Trust System Architecture for SCADA Network Security

Coates, G.M.; Hopkinson, Kenneth M.; Graham, Steve; Kurkowski, Stuart H.

doi:10.1109/tpwrd.2009.2034830

Cited by 54 publications

(27 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In conclusion, the approximate security lies in the range of 60 to 80 percent, which is comparatively low relative to the current research, which computed security results of 95 to 98 percent. Therefore, this study and others [25,[29][30][31][35][36][37][38][39][40]59,[91][92][93][94][95][96][97][98]101,102] conclude that security in any system should be significantly improved if a security mechanism can be a part of a system rather depending on an end-to-end approach. However, security developments are quite difficult to design and test inside of the protocol and the required depth knowledge of the protocol and other implementation details except security performance are more accurate and remarkable in these scenarios.…”

Section: Performance Evaluation and Comparisonmentioning

confidence: 91%

“…During transmission, the message is treated with security methods (or cryptography algorithms) to keep the message (or payload) secure from un-authorized users (or attackers) [23][24][25][26][27][28][29][30][31][32]59,99,100]. However, these security developments [25,[29][30][31][35][36][37][38][39][40] are usually end-to-end based, meaning that security developments are not part of a SCADA system and its protocols, but rather that security is treated and computed as part of external component sources. The computed results are far away from our computed results.…”

Section: Performance Evaluation and Comparisonmentioning

confidence: 99%

“…There are many studies [22,25,[29][30][31][35][36][37][38][39][40][91][92][93][94][95][96][97][98] that have been deployed to secure communication for MODBUS protocol communication as well as SCADA/protocol communication. Most of these provide adequate security computation and performance, but cryptography based mechanisms can be considered to be the best approaches for computer networks (such as traditional, and real time networks).…”

Section: Significance Of Researchmentioning

confidence: 99%

“…Therefore, the details of the security analysis indicate that cryptography-based mechanisms can provide security for the SCADA/MODBUS protocol. However, existing developments [22,[35][36][37][38][39][40]69,[91][92][93][94][95][96][97][98][103][104][105][106][107][108][109] have not taken into account SCADA/MODBUS communications due to end-to-end limitations. Therefore, the proposed research identifies a new development in place of an end-to-end scheme.…”

Section: Significance Of Researchmentioning

confidence: 99%

See 3 more Smart Citations

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Shahzad

Lee

et al. 2015

Symmetry

View full text Add to dashboard Cite

Information technology (IT) security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods. OPEN ACCESSSymmetry 2015, 7 1177

show abstract

Section: Performance Evaluation and Comparisonmentioning

confidence: 91%

Section: Performance Evaluation and Comparisonmentioning

confidence: 99%

Section: Significance Of Researchmentioning

confidence: 99%

Section: Significance Of Researchmentioning

confidence: 99%

See 2 more Smart Citations

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Shahzad

Lee

et al. 2015

Symmetry

View full text Add to dashboard Cite

show abstract

“…The Trust System proposed by Coates et al is a communication security device, which is combined together with firewall and intrusion detection abilities, designed for use with strict real-time requirements network systems [8]. The concept of this proposed trust system is to take common standalone security products (i.e., firewalls, IDSs, router ACLs, etc.)…”

Section: Trust System For Scada Networkmentioning

confidence: 99%

Trust System Architecture for Securing GOOSE Communication in IEC 61850 Substation Network

Rashid

Yussof²,

Yusoff³

2016

IJSIA

View full text Add to dashboard Cite

show abstract

Cybersecurity of Distribution Devices and Systems

Ten

Guo

2016

Smart Grid Handbook

View full text Add to dashboard Cite

This is a cyber‐physical security chapter that provides an interdependent overview between the communication infrastructure and distribution networks. An enumeration of devices at each distribution level and attack event plausibility for each device are reviewed. Among all attack vectors enumerated, consumers are motivated to underreport fraud owing to the financial advantage. These are related to integrity and availability of the confidentiality, integrity, and availability (CIA). Triad where tampered metering information would result in imprecise electricity bills. As the metering information of consumers' Internet protocol (IP)‐based energy devices in a secondary network can be electronically tampered by fraudulent users, the primary metering infrastructure can be leveraged as a more trustworthy means for data validation. The metering infrastructure of a primary distribution network is instrumented with feeder remote terminal units (FRTUs), connecting remote‐controlled switches or reclosers, for the purpose of dispatching and remote control. These devices in primary and secondary networks can be utilized to cross‐validate with the 15‐min IP‐based “smart” meters on the potential billing discrepancy.

show abstract

A Trust System Architecture for SCADA Network Security

Cited by 54 publications

References 6 publications

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Trust System Architecture for Securing GOOSE Communication in IEC 61850 Substation Network

Cybersecurity of Distribution Devices and Systems

Contact Info

Product

Resources

About