SCADA Testbed Implementation, Attacks, and Security Solutions

John Stranahan; Tapan Soni; Jacob Carpenter; Vahid Heydari

doi:10.1007/978-3-030-73100-7_53

SCADA Testbed Implementation, Attacks, and Security Solutions

John Stranahan, Tapan Soni, Jacob Carpenter, Vahid Heydari

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Supervisory Control and Data Acquisition (SCADA) systems have been in use for decades. They provide remote management and monitoring capabilities for Industrial Control Systems (ICS) such as power plants, trains, water treatment plants, and dams. In recent years, SCADA systems have been targeted by malicious attackers. The Modbus TCP/IP protocol, which is the standard communication protocol used by many SCADA systems for network communication, is unencrypted and therefore it is insecure by design. In this research, cost-effective design and implementation of a custom SCADA testbed is proposed to assess common vulnerabilities and exploits in real-world Industrial Control Systems. A solution is then proposed to prevent these types of vulnerabilities from being exploited on real-world systems by implementing a secure tunnel.

Original language	English (US)
Title of host publication	Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC
Editors	Kohei Arai
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	736-755
Number of pages	20
ISBN (Print)	9783030730994
DOIs	https://doi.org/10.1007/978-3-030-73100-7_53
State	Published - 2021
Event	Future of Information and Communication Conference, FICC 2021 - Virtual, Online Duration: Apr 29 2021 → Apr 30 2021

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	1363 AISC
ISSN (Print)	2194-5357
ISSN (Electronic)	2194-5365

Conference

Conference	Future of Information and Communication Conference, FICC 2021
City	Virtual, Online
Period	4/29/21 → 4/30/21

All Science Journal Classification (ASJC) codes

Control and Systems Engineering
Computer Science(all)

Access to Document

10.1007/978-3-030-73100-7_53

Cite this

Stranahan, J., Soni, T., Carpenter, J., & Heydari, V. (2021). SCADA Testbed Implementation, Attacks, and Security Solutions. In K. Arai (Ed.), Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC (pp. 736-755). (Advances in Intelligent Systems and Computing; Vol. 1363 AISC). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-73100-7_53

Stranahan, John ; Soni, Tapan ; Carpenter, Jacob et al. / SCADA Testbed Implementation, Attacks, and Security Solutions. Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC. editor / Kohei Arai. Springer Science and Business Media Deutschland GmbH, 2021. pp. 736-755 (Advances in Intelligent Systems and Computing).

@inproceedings{16e8163c6f884597aa754cebd043939e,

title = "SCADA Testbed Implementation, Attacks, and Security Solutions",

abstract = "Supervisory Control and Data Acquisition (SCADA) systems have been in use for decades. They provide remote management and monitoring capabilities for Industrial Control Systems (ICS) such as power plants, trains, water treatment plants, and dams. In recent years, SCADA systems have been targeted by malicious attackers. The Modbus TCP/IP protocol, which is the standard communication protocol used by many SCADA systems for network communication, is unencrypted and therefore it is insecure by design. In this research, cost-effective design and implementation of a custom SCADA testbed is proposed to assess common vulnerabilities and exploits in real-world Industrial Control Systems. A solution is then proposed to prevent these types of vulnerabilities from being exploited on real-world systems by implementing a secure tunnel.",

author = "John Stranahan and Tapan Soni and Jacob Carpenter and Vahid Heydari",

note = "Publisher Copyright: {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.; Future of Information and Communication Conference, FICC 2021 ; Conference date: 29-04-2021 Through 30-04-2021",

year = "2021",

doi = "10.1007/978-3-030-73100-7_53",

language = "English (US)",

isbn = "9783030730994",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "736--755",

editor = "Kohei Arai",

booktitle = "Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC",

address = "Germany",

}

Stranahan, J, Soni, T, Carpenter, J & Heydari, V 2021, SCADA Testbed Implementation, Attacks, and Security Solutions. in K Arai (ed.), Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC. Advances in Intelligent Systems and Computing, vol. 1363 AISC, Springer Science and Business Media Deutschland GmbH, pp. 736-755, Future of Information and Communication Conference, FICC 2021, Virtual, Online, 4/29/21. https://doi.org/10.1007/978-3-030-73100-7_53

SCADA Testbed Implementation, Attacks, and Security Solutions. / Stranahan, John; Soni, Tapan; Carpenter, Jacob et al.
Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC. ed. / Kohei Arai. Springer Science and Business Media Deutschland GmbH, 2021. p. 736-755 (Advances in Intelligent Systems and Computing; Vol. 1363 AISC).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - SCADA Testbed Implementation, Attacks, and Security Solutions

AU - Stranahan, John

AU - Soni, Tapan

AU - Carpenter, Jacob

AU - Heydari, Vahid

PY - 2021

Y1 - 2021

N2 - Supervisory Control and Data Acquisition (SCADA) systems have been in use for decades. They provide remote management and monitoring capabilities for Industrial Control Systems (ICS) such as power plants, trains, water treatment plants, and dams. In recent years, SCADA systems have been targeted by malicious attackers. The Modbus TCP/IP protocol, which is the standard communication protocol used by many SCADA systems for network communication, is unencrypted and therefore it is insecure by design. In this research, cost-effective design and implementation of a custom SCADA testbed is proposed to assess common vulnerabilities and exploits in real-world Industrial Control Systems. A solution is then proposed to prevent these types of vulnerabilities from being exploited on real-world systems by implementing a secure tunnel.

AB - Supervisory Control and Data Acquisition (SCADA) systems have been in use for decades. They provide remote management and monitoring capabilities for Industrial Control Systems (ICS) such as power plants, trains, water treatment plants, and dams. In recent years, SCADA systems have been targeted by malicious attackers. The Modbus TCP/IP protocol, which is the standard communication protocol used by many SCADA systems for network communication, is unencrypted and therefore it is insecure by design. In this research, cost-effective design and implementation of a custom SCADA testbed is proposed to assess common vulnerabilities and exploits in real-world Industrial Control Systems. A solution is then proposed to prevent these types of vulnerabilities from being exploited on real-world systems by implementing a secure tunnel.

UR - http://www.scopus.com/inward/record.url?scp=85105910737&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85105910737&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-73100-7_53

DO - 10.1007/978-3-030-73100-7_53

M3 - Conference contribution

AN - SCOPUS:85105910737

SN - 9783030730994

T3 - Advances in Intelligent Systems and Computing

SP - 736

EP - 755

BT - Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC

A2 - Arai, Kohei

PB - Springer Science and Business Media Deutschland GmbH

T2 - Future of Information and Communication Conference, FICC 2021

Y2 - 29 April 2021 through 30 April 2021

ER -

Stranahan J, Soni T, Carpenter J, Heydari V. SCADA Testbed Implementation, Attacks, and Security Solutions. In Arai K, editor, Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC. Springer Science and Business Media Deutschland GmbH. 2021. p. 736-755. (Advances in Intelligent Systems and Computing). doi: 10.1007/978-3-030-73100-7_53

SCADA Testbed Implementation, Attacks, and Security Solutions

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this