A Taxonomy of Industrial Control Protocols and Networks in the Power Grid

Ortiz, Neil; Cárdenas, Álvaro A.; Wool, Avishai

doi:10.1109/mcom.001.2200574

IEEE Commun. Mag.

2023

DOI: 10.1109/mcom.001.2200574

|View full text |Cite

A Taxonomy of Industrial Control Protocols and Networks in the Power Grid

Neil Ortiz

Álvaro A. Cárdenas

Avishai Wool

Abstract: Despite a growing interest in understanding the industrial control networks that monitor our critical infrastructures (such as the power grid), to date, these networks have been analyzed in isolation from each other and treated as monolithic networks without consideration of the differences. In this article, we use five industrial control protocols to showcase the diversity of applications and usage of these systems. We introduce a taxonomy of industrial protocols and a summary of their security challenges.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2024

Publication Types

Select...

Article2

Relationship

Self Cite0

Independent2

Authors

Journals

Cited by 2 publications

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

DiffusionFuzz: Fuzzing Framework of Industrial Control Protocols Based on Denoising Diffusion Probabilistic Model

Zong,

Luo,

Ning

et al. 2024

IEEE Access

View full text Add to dashboard Cite

With the opening of industrial networks in the information age, the characteristic of Industrial Control Protocols (ICPs) to transmit plaintext without encryption exposes serious security risks, threatening the safe and stable operation of Industrial Control Systems (ICSs). Exploring the work of mining vulnerabilities in ICPs can use fuzzing to mine potential vulnerabilities in protocols to ensure the safe operation of ICS. However, traditional fuzzing methods require the construction of test cases based on expert experience and the format syntax specification of ICPs. This process is time-consuming, labor-intensive, inefficient, and limited when facing unknown ICPs. In response to these issues, this paper proposes an automated fuzzing method for ICPs based on the Denoising Diffusion Probabilistic Model (DDPM). Specifically, DDPM achieves the conversion from noise to data samples, which can easily and quickly generate test cases. On this basis, we designed a universal fuzzing framework, DiffusionFuzz, that can be applied to most ICPs. The experimental results obtained on ICPs such as Modbus/TCP in the Industrial Attack-Defense Range of the Key Laboratory of Information Security for Petrochemical Industry in Liaoning Province demonstrate that the test cases generated by this method are diverse, and outperform other fuzzing methods in terms of acceptance rate and ability to trigger exceptions. Certainly, DiffusionFuzz can enhance the effectiveness of fuzzing, identify vulnerabilities in ICPs, and thereby reduce potential economic risks and impacts.INDEX TERMS Vulnerability mining, Fuzzing, Industrial control protocols, Denoising diffusion probabilistic model.

show abstract

DiffusionFuzz: Fuzzing Framework of Industrial Control Protocols Based on Denoising Diffusion Probabilistic Model

Zong,

Luo,

Ning

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

SCADA World: An Exploration of the Diversity in Power Grid Networks

Ortiz,

Cardenas,

Wool

2024

Proc. ACM Meas. Anal. Comput. Syst.

View full text Add to dashboard Cite

Despite a growing interest in understanding the industrial control networks that monitor and control our critical infrastructures (such as the power grid), to date, SCADA networks have been analyzed in isolation from each other. They have been treated as monolithic networks without taking into consideration their differences. In this paper, we analyze real-world data from different parts of a power grid (generation, transmission, distribution, and end-consumer) and show that these industrial networks exhibit a variety of unique behaviors and configurations that have not been documented before. To the best of our knowledge, our study is the first to tackle the analysis of power grid networks at this level. Our results help us dispel several misconceptions proposed by previous work, and we also provide new insights into the differences and types of SCADA networks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

A Taxonomy of Industrial Control Protocols and Networks in the Power Grid

Cited by 2 publications

References 12 publications

DiffusionFuzz: Fuzzing Framework of Industrial Control Protocols Based on Denoising Diffusion Probabilistic Model

DiffusionFuzz: Fuzzing Framework of Industrial Control Protocols Based on Denoising Diffusion Probabilistic Model

SCADA World: An Exploration of the Diversity in Power Grid Networks

Contact Info

Product

Resources

About