Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

This is an Open Access publication published under CSC-OpenAccess Policy.
Cryptography and Authentication Placement to Provide Secure Channel for SCADA Communication
Aamir Shahzad, Shahrulniza Musa
Pages - 28 - 44     |    Revised - 15-05-2012     |    Published - 20-06-2012
Volume - 6   Issue - 3    |    Publication Date - June 2012  Table of Contents
Cryptography Algorithms, Authentication, Confidentiality, Security Issues
Supervisory control and data acquisition (SCADA) systems and Distributed control systems (DCS) were developed to reduce labor costs, and to allow system-wide monitoring and remote control from a central location. Control systems are widely used in critical infrastructures such as electric grid, natural gas, water, and wastewater industries. While control systems can be vulnerable to a variety of types of cyber attacks that could have devastating consequences, however, little attention is given to security considerations in the initial design and deployment of these systems, which has caused an urgent need to upgrade existing systems to withstand unauthorized intrusions potentially leading to communication attacks [1]. The current paper take a Hybrid-based Cryptography (combination of Symmetric AES and Asymmetric RSA) solution to enable confidentiality and authentication placed at each end of SCADA communication and provides secure channel for communication between MTU Terminal Unit (MTU) to Remote Terminal Units (RTUs) and/or RTUs to MTU.
CITED BY (7)  
1 Aghajanzadeh, N., & Keshavarz-Haddad, A. (2015). A Concise Model to Evaluate Security of SCADA Systems based on Security Standards. International Journal of Computer Applications, 111(14).
2 Premnath, A. P., Jo, J. Y., & Kim, Y. (2014, April). Application of NTRU Cryptographic Algorithm for SCADA Security. In Information Technology: New Generations (ITNG), 2014 11th International Conference on (pp. 341-346). IEEE.
3 Shahzad, A., Musa, S., Irfan, M., & Asadullah, S. (2014). Key Encryption Method for SCADA Security Enhancement. Journal of Applied Sciences, 14(20), 2498.
4 Shahzad, A., Musa, S., Irfan, M., & Asadullah, S. (2014). Deployment of New Dynamic Cryptography Buffer for SCADA Security Enhancement. Journal of Applied Sciences, 14(20), 2487.
5 Gupta, R., Agarwal, R., & Goyal, S. A Review of Cyber Security Techniques for Critical Infrastructure Protection.
6 WANG, D. (2013). Malicious Node Detection Mechanism for Wireless Ad Hoc Network. International Journal of Security (IJS), 7(1), 1.
7 Puliadi Premnath, A. (2013). Application of NTRU Cryptographic Algorithm for securing SCADA communication.
1 Directory of Open Access Journals (DOAJ)
2 Google Scholar
3 CiteSeerX
4 refSeek
5 Scribd
6 slideshare
7 PdfSR
1 J.H. Graham and S.C. Patel. “Security Considerations in SCADA Communication Protocols,” Sept 2004.
2 P.Blomgren and S.M Kotronx. “Cryptographic Protection of SCADA Communications Part 1: Background, Policies and Test Plan,” American Gas Association (AGA), Draft 4, AGA Report 12, Mar.14.2006.
3 M.D. Hadley and K.A. Huston and T.W. Edgar. “American Gas Association (AGA), Report No. 12 Part 2.Cryptographic Protection of SCADA Communications: Retrofit Link Encryption for Asynchronous Serial Communications”, Aug. 2007.
4 S.C. Patel and G.D. Bhatt and J.H. Graham. “Improving the cyber security of Scada communication Network,” Communication of ACM, Vol .52 No.7, July.2009.
5 R.J.Robles and M.K.Choi. “Symmetric-Key Encryption for Wireless Internet SCADA,” Springer-Verlag Berlin Heidelberg, Communications in Computer and Information Science, Volume 58, 289-297, DOI: 10.1007/978-3-642-10847-1_36, 2009.
6 M.Jethanandani and C.FI. “CERT Vulnerability Report in TCP,” April .20. 2004.
7 DNP3 Organization homepage: http://www.dnp.org/
8 Modbus Organization. http://www.modbus.com/
9 A. Wright and J. Kinast and J. M.Carty. “Low-Latency Cryptographic Protection for SCADA Communication,” Springer Lecture Notes, 2006.
10 R.D. Colin and B.E. Dawson. “A Key Management Architecture for SCADA Systems,” ACM journal, 2006.
11 E.B.Fernandez and J.Wu and M.M.Larrondo. “On Building Secure SCADA Systems using Security Patterns,”ACM conference, April .2009.
12 Kim and Montgomery. “Behavioral and Performance Characteristics of IPSec/IKE in Large- Scale VPNs,” Proceedings of the IASTED, International Conference on Communication Network and Information Security,” pp. 231-236, Dec. 2003.
13 P.Oman and E.O. Schweitzer. “Substations, and SCADA Systems against Electronic Intrusions,” Schweitzer Engineering Laboratories, Inc. Pullman, WA USA.
14 G.Clarke and D. Reynders. “Practical Modern SCADA Protocols,” May.2003.
15 E.Nahum and S.O.Malley. “Towards High Performance Cryptographic Software,” ftp://ftp.cs.arizona.edu/reports/1995/TR95-03.ps.
16 Schneier and Bruce. “Performance Comparison of the AES Submissions,” http://www.schneier.com/paper-aes.
17 D.Bailey and Edwin. “Wright, Practical SCADA for industry.” Available: http://books.google.com.my/books
18 C.Li.Bettati and R. W. Zhao. “Response time analysis for distributed real-time systems with bursty job arrivals,” Dept. of Compute. Sci., Texas A&M Univ., College Station, TX, http://ieeexplore.ieee.org/Xplore.
Mr. Aamir Shahzad
Universiti Kuala Lumpur - Malaysia
Dr. Shahrulniza Musa
- Malaysia