
Cyber Security of SCADA Systems

Cyber Security of SCADA Systems. Team: Anthony Gedwillo (EE), James Parrott (CPrE), David Ryan (CPrE). Client: Dr. Govindarasu, Iowa State University.


Presentation Transcript


  1. Cyber Security of SCADA Systems
     Team: Anthony Gedwillo (EE), James Parrott (CPrE), David Ryan (CPrE)
     Client: Dr. Govindarasu, Iowa State University

  2. Problem Statement
     “Since the mid-1990’s, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA) systems used to monitor and manage our energy systems. Most SCADA system designs did not anticipate the security threats posed by today’s reliance on common software and operating systems, public telecommunication networks, and the Internet.”

  3. Functional Requirements
     • Virtualization
       • Create a virtualized platform that allows network stack inspection.
       • Create virtualized images for RTUs, control center, firewalls and relays.
       • The virtualized system should be scalable to provide more realistic scenarios.
     • Cyber Security
       • Produce a report detailing the security vulnerabilities of the system.
       • Implement attacks discovered during the vulnerability assessment.
     • Power System Integration
       • Integrate DIgSILENT PowerFactory with the SCADA test bed.
       • The power simulation should represent a real-world scenario.

  4. Project Plan
     • Power Flow Simulation
       • Tony
       • Create 9-bus test case in DIgSILENT (NOV 2010)
       • Configure DIgSILENT with OPC connectivity (FEB 2011)
       • “Hardware in the Loop” (MAR 2011)
       • Develop display for testbed (OPTIONAL)
     • Virtualization
       • James
       • Set up virtual host and install virtual machines
       • Set up a virtual RTU and connect it to the HMI
       • Set up a virtual relay that can connect to the RTU (FEB 2011)
       • Create multiple substations in testbed (MAR 2011)
       • Hardware in the Loop
     • Cyber Attacks
       • David
       • Port scan all devices
       • Document services running on each port
       • Search for well-known network/server-side vulnerabilities
       • Search for well-known client software vulnerabilities
       • Search for lab-specific vulnerabilities (CONTINUAL)
       • Create attacks for significant vulnerabilities (CONTINUAL)
       • Analyze impact of attacks on system (CONTINUAL)

  5. Software and Hardware Used
     Our SCADA network test bed consists of a few key pieces of hardware and software:
     • Hardware
       • Siemens SCALANCE S612 Security Module
       • Siemens SIPROTEC 4 7SJ61 Relay (Sensor)
     • Software
       • Siemens Spectrum Power TG SCADA/EMS (HMI)
       • Siemens SICAM PAS v6.00 (RTU)
       • Siemens DIGSI (Software for SIPROTEC Protection Relays)
       • DIgSILENT PowerFactory v.14
       • Matrikon OPC Server/Explorer
       • VMware ESXi 4.1
       • Nessus
       • Other Vulnerability Assessment Software

  6. Virtualization Design
     • Virtual RTUs and virtual relays will be installed on the virtual machines.
     • These virtual machines will reside on the VMware server.
     • These virtual machines will be connected to the SCADA control center via DNP 3.0 and to DIgSILENT via OPC.
     • The virtual RTUs will communicate with the control center over Ethernet, behind a physical SCALANCE or a virtual firewall.

  7. Power Flow Simulation Design
     • OPC := OLE for Process Control
     • OLE := Object Linking and Embedding
     • Diagram zones: “The Substation”, “Limbo”, “Control Center”
     • Diagram components:
       • Siemens Spectrum Power TG (HMI)
       • Virtual and Real SICAM PAS (OPC Client)
       • Matrikon OPC Server
       • Virtualized and Real Relays
       • DIgSILENT PowerFactory (OPC Client)

  8. Security Assessment Progress
     • Underlying OS is extremely out of date
     • SCALANCEs are web servers accessible over SSL
       • User authentication is brute-forcible
       • Upload firewall backdoor?
     • Internal protected network is one big LAN
       • Subject to common LAN attacks
         • Eavesdropping
         • MITM via ARP spoofing

  9. Plan for the Semester
     • Virtualization
       • Finish the RTU and virtual relay integration.
       • Create easy deployments for substations
       • Design virtual diagram of system for control center
     • Power Flow Simulation
       • Achieve “Hardware in-the-loop” connectivity
       • Create practical system failure scenarios
       • Develop nice display for power system
     • Cyber Attacks
       • Refine MITM traffic interception attack
       • Create firewall backdoor attack
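
Slide 8 reports that the protected network is one flat LAN exposed to MITM via ARP spoofing. The following Python example is added here for illustration and is not part of the original presentation: it shows how a defender could flag that condition from observed ARP replies. The addresses, the sample data and the function name are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of ARP replies seen on the flat substation LAN:
# (seconds, sender IP, sender MAC). All addresses are made up for illustration.
HMI_MAC, RTU_MAC, ODD_MAC = "00:0e:8c:aa:00:01", "00:0e:8c:aa:00:20", "00:50:56:bb:00:99"
SAMPLE_ARP_REPLIES = [
    (0.0, "10.0.0.1", HMI_MAC),    # control center HMI
    (0.5, "10.0.0.20", RTU_MAC),   # RTU
    (30.0, "10.0.0.1", HMI_MAC),
    (31.0, "10.0.0.1", ODD_MAC),   # HMI address now answered by another MAC
    (31.2, "10.0.0.20", ODD_MAC),  # the same MAC also answers for the RTU
    (60.0, "10.0.0.1", HMI_MAC),   # genuine HMI replies again
]

def detect_arp_anomalies(replies, pinned=None):
    """Return (time, kind, ip, mac) alerts for suspicious ARP replies.

    pinned: optional {ip: mac} inventory of known-good bindings. Pinned
    entries are never overwritten, so a forged reply cannot become the
    new "normal"; unpinned entries are learned from the first reply seen.
    """
    pinned = {ip: m.lower() for ip, m in (pinned or {}).items()}
    bindings = dict(pinned)            # ip -> MAC currently trusted
    ips_by_mac = defaultdict(set)      # mac -> IPs it has answered for
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        known = bindings.get(ip)
        if known is not None and known != mac:
            alerts.append((ts, "binding_changed", ip, mac))
        if ip not in pinned:
            bindings[ip] = mac
        # One MAC answering for several IPs is typical of a host sitting
        # between two peers (it can also be proxy ARP, so treat as a lead).
        if ips_by_mac[mac] and ip not in ips_by_mac[mac]:
            alerts.append((ts, "mac_claims_many_ips", ip, mac))
        ips_by_mac[mac].add(ip)
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_anomalies(SAMPLE_ARP_REPLIES):
        print(alert)
```

Pinning the HMI and RTU bindings from an asset inventory keeps a forged reply from being learned as the baseline, which matters on a small, static SCADA segment where legitimate MAC changes are rare.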
