Study in security protocols for SCADA networks

number: 
2424
إنجليزية
Degree: 
Author: 
Rana Abid Salman Al-Joboury
Supervisor: 
Dr. Subhi Aswad Mohammed
year: 
2010
Abstract:

This thesis focuses on implementing a secure technique for protecting SCADA (Supervisory Control And Data Acquisition) systems. SCADA systems consist of operator (HMI), (MTU), (RTU), coils, actuators, registers, and sensors. They uses a Modbus (which is SCADA protocol) with TCP/IP protocol with RC5 and RSA encryption methods criteria to decide whether to permit or deny packets entry into the network. Parts of the packet that are examined are; the source IP address, the destination IP address, and the Internet protocols carried by the packet. The mini SCADA system is implemented on two computers Then the main system are implemented on a Client-Server model. A mean is provided to access and encrypt each single packet in order to implement a packet encryption mechanism, and then retransmit it again. Since the network communication protocols, such as the TCP\IP protocol suite is used widely instead of the proprietary protocols; a program must operate under Microsoft Windows operating system environment and a secure medium must be improved. The proposed solution is to interface it with a SCADA protocol, which is controlled by a user mode program. So a high performance of security can be used that allows developers to transparently encrypt and transfer raw network packets completely in usermode, by using Visual C++. The results obtain from implementing a security protocol for SCADA systems (Modbus/TCP/IP) show how the RC5 and RSA are two of the many encryption methods that used to improve a high security in transferring and receiving data or information. These methods have an overhead effect on the process operations of the SCADA system, with in maximum traffic of 123 bytes achieved in Modbus/TCP/IP. For the RC5 algorithm, increasing the number of rounds enhances the security of the all system by increasing the processor percentage by about 8% and decreases the available memory by about 4%. This decrease can be assumed as weakness point in securing SCADA systems. Also changing the word size not gives a noticed effect. By increasing the key length from 16 to 32 bytes will increase the processor usage by about 10%.Changing the number of coils to be read has no effect on the system performance for the processor percentage, available memory and Modbus/TCP/IP program of the SCADA system traffic.