An Analysis of the Manufacturing Messaging Specification Protocol

Sørensen, Jan Tore; Jaatun, Martin Gilje

doi:10.1007/978-3-540-69293-5_47

Cited by 14 publications

(7 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lastly, the state manager updates the states of the protected devices. In order to evaluate their framework, the authors applied their stateful analysis plugin in a scenario which utilizes the Manufacturing Message Specifications (MMS) [141] protocol based on the directions of IEC 61850 [41], [42] standard. They described two attack examples that are detected successfully, but they do not provide numerical results.…”

Section: Idps Systems For Substationsmentioning

confidence: 99%

“…This work [142] analyzes a specification-based IDS which is deployed in a substation in South Korea. More specifically, their IDS is based on the analysis of Generic Object Oriented Substation Events (GOOSE) [143] and MMS [141] protocols, examining general network traffic characteristics, such as the number of bits per second (bps), the number of packets per second (pps) and the number of connections per second (cps). For the mentioned characteristics, specific intrusion detection algorithms were created utilizing statistical analysis techniques.…”

Section: Idps Systems For Substationsmentioning

confidence: 99%

See 1 more Smart Citation

Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

2019

View full text Add to dashboard Cite

The smart grid (SG) paradigm is the next technological leap of the conventional electrical grid, contributing to the protection of the physical environment and providing multiple advantages such as increased reliability, better service quality, and the efficient utilization of the existing infrastructure and the renewable energy resources. However, despite the fact that it brings beneficial environmental, economic, and social changes, the existence of such a system possesses important security and privacy challenges, since it includes a combination of heterogeneous, co-existing smart, and legacy technologies. Based on the rapid evolution of the cyber-physical systems (CPS), both academia and industry have developed appropriate measures for enhancing the security surface of the SG paradigm using, for example, integrating efficient, lightweight encryption and authorization mechanisms. Nevertheless, these mechanisms may not prevent various security threats, such as denial of service (DoS) attacks that target on the availability of the underlying systems. An efficient countermeasure against several cyberattacks is the intrusion detection and prevention system (IDPS). In this paper, we examine the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases. More detailed, these systems can be considered as a secondary defense mechanism, which enhances the cryptographic processes, by timely detecting or/and preventing potential security violations. For instance, if a cyberattack bypasses the essential encryption and authorization mechanisms, then the IDPS systems can act as a secondary protection service, informing the system operator for the presence of the specific attack or enabling appropriate preventive countermeasures. The cases we study focused on the advanced metering infrastructure (AMI), supervisory control and data acquisition (SCADA) systems, substations, and synchrophasors. Based on our comparative analysis, the limitations and the shortcomings of the current IDPS systems are identified, whereas appropriate recommendations are provided for future research efforts.

show abstract

Section: Idps Systems For Substationsmentioning

confidence: 99%

Section: Idps Systems For Substationsmentioning

confidence: 99%

Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

2019

View full text Add to dashboard Cite

show abstract

“…These models are mapped, at the station level, to ISO/OSI-like protocol stack based on the Manufacturing Message Specification (ISO 9506 MMS) on top of TCP/IP. MMS was developed for exchanging real-time data and perform supervisory control between networked devices and computer applications in a vendor neutral and application independent manner [63]. Therefore, the protocols and information model described in IEC 61850 have the potential to be used to integrate EMS applications, although this type of integration have not been mentioned in any of the studies we have reviewed.…”

Section: ) Integration With Scada/emsmentioning

confidence: 99%

Model Driven Software Engineering of Power Systems Applications: Literature Review and Trends

2019

View full text Add to dashboard Cite

This paper presents a survey on Software Engineering techniques for the power systems area. Our goal is to identify tools and techniques that can improve the life cycle management of customized applications for Energy Management Systems (SCADA/EMS), by applying a Model Driven Engineering (MDE) approach. We conducted a systematic literature review of published works related to the design and development of such applications. Two main repositories of publications in the area were used as sources and four search strategies were applied. Several works found are not directed to SCADA/EMS, but are related to other power systems applications. We have collected evidence that such applications are more commonly modeled using concepts specific to the power systems' domain, like control theory, rather than traditional techniques and tools from the software industry, like UML. However, few details about the process of transforming those specifications into software artifacts could be gathered. On the other hand, a few published works mention the MDE approach for power systems related applications, although clear methodology or frameworks applicable to the production of fully functional software are still missing. We have also identified promising technologies that need to be evaluated in order to propose such a framework, like domain specific languages, transformation engines and integration interfaces. The appealing MDE concept of automatically transforming design and specification models into programs and other software artifacts has the potential to facilitate the porting and migration of EMS applications from one platform to others. Ultimately, such an approach may help improving software quality and cutting development costs. INDEX TERMS Model driven engineering, SCADA/EMS, software engineering, power systems.

show abstract

“…On the other side, an ABB SCADA Server located in the supervisory network, pulls data from the mentioned PLC. ABB devices communicate with each other by default using the Manufacturing Message Specification (MMS) protocol [17]. In the middle of the link between the SCADA Server and the OpenFlow switch, an Ubuntu machine has been set with the purpose of performing a transparent Man in The Middle (MITM) attack using two bridged Ethernet ports and capturing traffic with an application based on Scapy [18].…”

Section: Experimental Set Upmentioning

confidence: 99%

Deep packet inspection for intelligent intrusion detection in software-defined industrial networks: A proof of concept

Sainz

Garitano

Iturbe

et al. 2019

Logic Journal of the IGPL

View full text Add to dashboard Cite

Specifically tailored industrial control systems (ICSs) attacks are becoming increasingly sophisticated, accentuating the need of ICS cyber security. The nature of these systems makes traditional IT security measures not suitable, requiring expressly developed security countermeasures. Within the past decades, research has been focused in network-based intrusion detection systems. With the appearance of software-defined networks (SDNs), new opportunities and challenges have shown up in the research community. This paper describes the potential benefits of using SDNs in industrial networks with security purposes and presents the set up and results of a pilot experiment carried out in a scaled physical implementation. The experimental set up consists in the detection of ICMP flood and packet payload alteration based on signature comparison. Results point to the potential viability of the technology for intrusion detection and the need of researching in architectural scalability.

show abstract

An Analysis of the Manufacturing Messaging Specification Protocol

Cited by 14 publications

References 2 publications

Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

Model Driven Software Engineering of Power Systems Applications: Literature Review and Trends

Deep packet inspection for intelligent intrusion detection in software-defined industrial networks: A proof of concept

Contact Info

Product

Resources

About