1 / 8

Cyber Security of SCADA Systems

Cyber Security of SCADA Systems. Team: Anthony Gedwillo (EE) James Parrott ( CPrE ) David Ryan ( CPrE ) Client: Dr. Govindarasu , Iowa State University. High Level Project Objective Diagram.

symona
Télécharger la présentation

Cyber Security of SCADA Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Security of SCADA Systems Team: Anthony Gedwillo (EE) James Parrott (CPrE) David Ryan (CPrE) Client:Dr. Govindarasu, Iowa State University

  2. High Level Project Objective Diagram • Our goal is to improve the cyber security of Supervisory Control and Data Acquisition (SCADA) systems • We will construct a testbed that mimics a SCADA system • We will be able to run “Improvement Cycles” on the system so a better understanding of its cyber security flaws can be gained

  3. Power Flow Simulation Virtualized and Real Relays Siemens Spectrum Power TG (HMI) Virtal and Real SICAM PAS (OPC DA Server) OPC := OLE for Process Control OLE := Object Linking and Embedding DIgSilentPowerFactory (OPC Client)

  4. Virtualization • Using virtualization to scale the testbed without needing hardware for each substation • Hardware: • Virtual host for running virtual machines • Software: • VmWareESXi 4.0 • VmWarevSphere • Sisco IEC 61850 Simulator • Sicam PAS

  5. Vulnerability Analysis • Information Gathering • Attack creation • Rapid prototype attacks • Analyze their effect on the network • Effect on power availability • Unauthorized access to control systems

  6. Test Plan • Module Test: • Document vulnerabilities of each system as it is configured • Integration Tests: • DIgSilent display must respond to changes implemented by SiementsHMI • DIgSilent works on its own • Connect DIgSilent to OPC • Connect HMI to OPC • Map data points in OPC Server • Virtual Substations need to integrate with testbed • Finish building virtual RTUs • Connect virtual relay with RTU • Connect control center with RTU • Test for correctness

  7. Milestones • Power Flow Simulation • Tony • Create 9-Bus test case on DIgSilent (NOV 2010) • Configure DIgSilent with OPC connectivity (DEC 2010) • Develop Display for testbed (FEB 2011) • Virtualization • James • Setup a virtual RTU and connect to HMI • Setup a virtual relay that can connect to RTU • Create multiple substations in testbed • Cyber Attacks • David • Port scan all devices • Document services running on each port • Search for well-known network/server side vulnerabilities • Search for well-known client software vulnerabilities • Search for lab-specific vulnerabilities • Create attacks for significant vulnerabilities • Analyze impact of attacks on system (ALL)

More Related