Effects of intentional threats to power substation control systems

Dondossola, Giovanna; Szanto, Judit; Masera, Marcelo; Fovino, Igor Nai

doi:10.1504/ijcis.2008.016096

Cited by 40 publications

(26 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Several studies ( Dondossola et al (2008);Carcano et al (2010) ) proved that modern industrial critical infrastructure are, on average, exposed to the traditional computer attacks and threats. Such an exposure is mainly due to the intrinsic weakness of the communication protocols used in SCADA systems to monitor and control the field devices.…”

Section: Ics Security Overviewmentioning

confidence: 99%

A model of distributed key generation for industrial control systems

Kılınç

Fovino²,

Ferigato

et al. 2012

IFAC Proceedings Volumes

Self Cite

View full text Add to dashboard Cite

The cyber-security of industrial control systems (ICS) is gaining high relevance due to the impact of industrial system failures on the citizen life. There is an urgent need for the consideration of security in their design, and for the analysis of the related vulnerabilities and potential threats. The high exposure of industrial critical infrastructure to cyber-threats is mainly due to the intrinsic weakness of the communication protocols used to control the process network. The peculiarities of the industrial protocols (low computational power, large geographical distribution, near to real-time constraints) make hard the effective use of traditional cryptographic schemes and in particular the implementation of an effective key management infrastructure supporting a cryptographic layer. In this paper, we describe a "model of distributed key generation for industrial control systems" we have recently implemented. The model is based on a known Distributed Key Generator protocol we have adapted to an industrial control system environment and to the related communication protocol (Modbus). To validate in a formal way selected security properties of the model, we introduced a Petri Nets representation. This representation allows for modeling attacks against the protocol and understanding some potential weaknesses of its implementation in the industrial control system environment.

show abstract

Section: Ics Security Overviewmentioning

confidence: 99%

A model of distributed key generation for industrial control systems

Kılınç

Fovino²,

Ferigato

et al. 2012

IFAC Proceedings Volumes

Self Cite

View full text Add to dashboard Cite

show abstract

“…1 Once they are attacked, it will cause serious social economic losses. Nowadays, with the increasing complexes of connections, INCSs have been developed from a closed system into a more open network environment [1] , and they are very vulnerable to cyber attacks for the widely used communication protocols (such as Modbus and DNP3) without security control [2], [3] . This paper aims at proposing a security mechanism to compensate for the protocol vulnerabilities and protect the data transmitted in INCSs.…”

Section: Introductionmentioning

confidence: 99%

Data Security Transmission Mechanism in Industrial Networked Control Systems against Deception Attack

Deng¹,

Xie²,

Yu³

et al. 2016

IJSIA

View full text Add to dashboard Cite

show abstract

“…Unlike traditional substation automation system (SAS) where Intelligent Electronic Devices (IEDs) are hardwired linked to implement data acquisition and carry out their function, development of electronic instrument transformers (EITs) and prevalence of communication and information technology have led to a revolution in SAS using IEC 61850 protocol. Impact of potential attack scenarios and its countermeasures are evaluated in [4]. Since tripping signal and outputs of EITs (current and voltage measurements) are transmitted as numerical signals via broadband communication network in IEC61850 automated substations [2][3][4], the risk emerges in a form that a fake tripping signal or measurements accepted by protection system could lead to mis-operation.…”

Section: Introductionmentioning

confidence: 99%

“…Impact of potential attack scenarios and its countermeasures are evaluated in [4]. Since tripping signal and outputs of EITs (current and voltage measurements) are transmitted as numerical signals via broadband communication network in IEC61850 automated substations [2][3][4], the risk emerges in a form that a fake tripping signal or measurements accepted by protection system could lead to mis-operation.…”

Section: Introductionmentioning

confidence: 99%

Digital Watermark based Authentication for Intrusion Detection of Digital Substations

Zhao¹,

Qiangqiang²

2014

TOEEJ

View full text Add to dashboard Cite

Abstract:The paper proposes the use of digital watermark based authentication for intrusion detection in IEC 61850-automated substations. The watermark can be embedded into the Least Significant Bits of the measurements without visible deterioration in precision. When Intelligent Electronics Devices gets measurements, the watermark in the measurement can be retrieved to determine whether it has been attacked and detect malicious intrusion. The proposed approach is appropriate for the time critical and resource constrained applications in substation automation system for its simplicity. Numerical simulation shows that the process latency and error incurred by watermarking is acceptable and will not impact performance of protective function in IEC 61850 automated substations.

show abstract

Effects of intentional threats to power substation control systems

Cited by 40 publications

References 5 publications

A model of distributed key generation for industrial control systems

A model of distributed key generation for industrial control systems

Data Security Transmission Mechanism in Industrial Networked Control Systems against Deception Attack

Digital Watermark based Authentication for Intrusion Detection of Digital Substations

Contact Info

Product

Resources

About