Implementing a vertically hardened DNP3 control stack for power applications

Bratus, Sergey; Crain, Adam J.; Hallberg, Sven M.; Hirsch, Daniel P.; Patterson, Meredith L.; Koo, Maxwell; Smith, Sean W.

doi:10.1145/3018981.3018985

Cited by 12 publications

(11 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although SCADA is widely used due to its rapid development, recent studies have highlighted its vulnerabilities from a cyber-security and cyber-physical security perspective [14], [15], [22], [23], [27], [28], [30]- [37]. The threat of cyberattacks looms over SCADA systems that communicate with network protocols [22], [23], [27], [34], [38].…”

Section: Related Workmentioning

confidence: 99%

“…Several NPPs have been found vulnerable to cyberattacks, and various attempts have been made to improve nuclear security, using systematic [8] and dynamic mapping systems to determine which assets are most vulnerable to cyberattacks [9]. Famous industrial network protocols include Modbus [11], ICCP/TASE.2 [13], Distributed Network Protocol/DNP3 [12], [14], [15], and OPC [16]. Each has its unique characteristics, as well as its own unique methods for verifying the integrity and data security.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Rupapara¹

2021

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Rupapara¹

2021

View full text Add to dashboard Cite

“…In [17], they designed another secure version of the MODBUS protocol using hashbased message authentication codes and built on SCTP (Stream Transmission Control Protocol). In [6], authors provided a Deep-Packet Inspection tool to verify syntactic correctness of DNP3 packets using the Hammer tool [28]. In [29], the authors formally verified secrecy and authentication properties of OPC-UA handshake protocols using the ProVerif tool [5].…”

Section: Related Workmentioning

confidence: 99%

Formally and practically verifying flow properties in industrial systems

Dreier¹,

Puys²,

Potet³

et al. 2019

Computers & Security

View full text Add to dashboard Cite

Industrial systems are nowadays regularly the target of cyberattacks, the most famous being Stuxnet. At the same time such systems are increasingly interconnected with other systems and insecure media such as Internet. In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow is necessary. We provide a formal definition of Flow Integrity. We apply our definitions to two wellknown industrial protocols: OPC-UA and MODBUS. Using TAMARIN, a cryptographic protocol verification tool, we confirm that most of the secure modes of these protocols ensure Flow Integrity given a resilient network. However, we also identify weaknesses in a supposedly secure version of MODBUS, as well as subtleties in the handling of sequence numbers in OPC-UA. We also practically examine an OPC-UA stack named python-opcua, where some of the subtleties are not handled correctly.

show abstract

“…In (Hayes and El-Khatib, 2013), they designed another secure version of the MODBUS protocol using hash-based message authentication codes and built on SCTP (Stream Transmission Control Protocol). In (Bratus et al, 2016), authors provided a Deep-Packet Inspection tool to verify syntactic correctness of DNP3 packets using the Hammer tool (Patterson and Hirsch, 2014). In (Puys et al, 2016), the authors formally verified secrecy and authentication properties of OPC-UA handshake protocols using the ProVerif tool (Blanchet, 2001).…”

Section: Related Workmentioning

confidence: 99%

Formally Verifying Flow Properties in Industrial Systems

Dreier

Puys

Potet

et al. 2017

Proceedings of the 14th International Joint Conference on E-Business and Telecommunications

View full text Add to dashboard Cite

In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow is necessary. We provide a formal definition of Flow Integrity. We apply our framework to two well-known industrial protocols: OPC-UA and MODBUS. Using TAMARIN, a cryptographic protocol verification tool, we confirm that most of the secure modes of these protocols ensure Flow Integrity given a resilient network. However, we also identify a weakness in a supposedly secure version of MODBUS.

show abstract

Implementing a vertically hardened DNP3 control stack for power applications

Cited by 12 publications

References 7 publications

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Formally and practically verifying flow properties in industrial systems

Formally Verifying Flow Properties in Industrial Systems

Contact Info

Product

Resources

About