improving the cyber security of scada communication networks
DESCRIPTION
Improving the Cyber Security of SCADA Communication Networks. by Sandip C. Patel, Ganesh D. Bhatt, and James H. Graham communications of the acm july 2009 , vol. 52 , no. 7 報告人:俞丞峯. content. Abstract SCADA Architectures How secure are today’s SCADA systems? - PowerPoint PPT PresentationTRANSCRIPT
Improving the Cyber Security of SCADA Communication Networks
by Sandip C. Patel, Ganesh D. Bhatt, and James H. Graham
communications of the acm
july 2009 , vol. 52 , no. 7 報告人:俞丞峯
content Abstract SCADA Architectures How secure are today’s SCADA systems? Proposed Solutions to SCADA - Communication
Security Test-Bed Evaluation Conclusion
Abstract SCADA : Supervisory control and data acquisition
SCADA networks enable operating many devices remotely such as track switches, traffic signals, electric circuit breakers, valves, relays, sensors, and water and gas pumps.
Abstract modern SCADA networks, integrated with corporate
networks and the Internet, have become far more vulnerable to unauthorized cyber attacks.
for example, can manipulate traffic signals, electric-power switching stations, chemical process-control systems, or sewage-water valves, creating major concerns to public safety and health
http://www.cyberhunter.com.tw/portal/index.php/2009-01-03-02-19-42/900-scada
SCADA 系統攻擊矩陣表攻擊說
明攻擊類
型攻擊動機 受害者受到的
衝擊衝擊評比等級 (1= 最大
衝擊, 5=最小衝擊 )
攻擊所需要條件項目
完成一次危害系統估計所需
時間阻斷服務攻擊
系統當機
欲促使系統伺服器執行下降或引起立即當機情況
SCADA 伺服器鎖住並需被重新開機起動,當伺服器回復到線上時又會
再次鎖死, 不能再進行監控操作或者最後系統需被迫關機
2 需具備 TCP/IP呼叫, SCADA伺服器 IP 位址及主機路徑資訊,並擁有封包灌爆伺服器的的能力
5 min.
刪除系統檔案( 對所有本機驅動程式做低階格式化 )
系統當機
欲使得伺服器效能下降並且引起立即當機情況
遺失關鍵主機和 SCADA 檔案並且不能再監控流程或控制工廠或設備之運作
4 需具備 SCADA伺服器 IP 位址及主機路徑資訊,並取得檔案刪除許可權。 ( 亦可能被許可擴大使用其他工具 )
15 min.
SCADA 系統攻擊矩陣表攻擊說明 攻擊
類型攻擊動機 受害者受到的衝
擊衝擊評比等級 (1=最大衝擊,5= 最小衝
擊 )
攻擊所需要條件項目
完成一次危害系統估計所需
時間為個人取得或販賣給競爭者或持有做為敲詐來進行側錄任何操作和事業體的資料
系統當機
嘗試偷取事業體的資料並且不是販賣給競爭者就是持有做為詐財之用
較低環境或立即性危險衝擊, 但如果攻擊者建立對系統造成傷害的事實所引起的注意力可能會破壞事業體形象。
4 需具備 SCADA 伺服器和資料庫主機IP 位址。 ( 如果可由網路協定掃瞄器或記錄器發覺 TCP/IP 通訊封包甚至不需 IP 位址。 )
30 min
修改 SCADA圖控資料點來欺瞞操作人員誤判系統超出控制狀況並且必須關閉警報系統。
系統當機
工廠或設備可能由於進行虛假警報而關機將導致危險。
不再信任 SCADA系統運作並且攻擊者成功欺瞞操作人員誤以為工廠發生一個警急狀況。
2 需具備 SCADA 伺服器 IP 位址,並透過公司網路取得主機存取權限。
45 min
截取、修改、刪除記錄在 ICS 資料庫伺服器操作資料。
資訊擅改
惡意欲修改事業體的資料或流程控制點為目的。
高度衝擊因為控制流程已遭到修改或控制點造成不利的影響並且會潛在導致關機情況。
3 需具備 SCADA 伺服器 IP 位址,到達資料庫主機路徑,及擁有 SCADA 系統架構知識。
45 min
SCADA Architectures
SCADA Architectures
SCADA 應用領域 溫濕度記錄系統 空調計費系統 用電資料擷取 空氣品質監控
How secure are today’s SCADA systems? Typical SCADA security measures consist of physica
lly securing MTUs, RTUs, and transmission media, and employing common cyber security defenses such as password protection and anti-virus utilities
Communication security
a “secret” phone number and “secret” proprietary protocols
Proposed Solutions to SCADA - Communication Security wrap SCADA protocols
use Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol
use IPsec protocol
Enhance SCADA protocols with selected cryptography techniques Authentication Octets Authentication via Challenge Response
Proposed Solutions to SCADA - Communication Security Authentication Octets. This technique is based on
digital-signature algorithm.
Proposed Solutions to SCADA - Communication Security Authentication via Challenge Response
This technique verifies the identity of an RTU or an MTU by using the challenge-response cryptography to protect against the man-in-the-middle attack.
Correctness Proofs for Cryptography Techniques selected On-the-Fly Model-Checker (OFMC), and
Security Protocol Engineering and Analysis Resources (SPEAR) version II
OFMC was found to be appropriate because it succeeded in finding intruder attacks
SPEAR II, which uses Prolog-based analyzer, was found to be appropriate in verifying that the protocols functioned as intended
Test-Bed Evaluation
Test-Bed Evaluation Table 1 shows a comparison of the performance
among different security methods
Conclusion focused on the security of SCADA communication
protocols and presented two possible security alternatives to confirm the soundness of these enhancements