Implementation of Secure Communication With Modbus and Transport Layer Security protocols

Ferst, Matheus K.; Figueiredo, Hugo; Denardin, Gustavo Weber; Lopes, Juliano de Pelegrini

doi:10.1109/induscon.2018.8627306

Cited by 27 publications

(18 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The SCTP is a transport layer protocol that provides a reliable message-oriented communication channel, with features such as congestion control and multi-homing. A new secure version based on the TLS protocol which addresses some security problems of the Modbus is proposed by [24]. The experimental results show that it is feasible to implement TLS by using it as a benchmark of power grid applications.…”

Section: Related Workmentioning

confidence: 99%

“…From the related work, we can conclude on the one hand that there is evidence of several efforts made, both offensive and defensive security, in order to provide security to the Modbus protocol in the TCP/IP version. In particular, there are two works closely related to our approach, [24], which proposes an implementation of TLS for Modbus TCP/IP, and [25], which proposes an RBAC model for Modbus RTU. However, these two schemes, and in general the rest of the efforts, are outside the context of the specification [10], which is the starting point of our proposal.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach

Figueroa-Lorenzo

Añorga

Arrizabalaga

2019

Sensors

View full text Add to dashboard Cite

Industrial Control Systems (ICS) and Supervisory Control systems and Data Acquisition (SCADA) networks implement industrial communication protocols to enable their operations. Modbus is an application protocol that allows communication between millions of automation devices. Unfortunately, Modbus lacks basic security mechanisms, and this leads to multiple vulnerabilities, due to both design and implementation. This issue enables certain types of attacks, for example, man in the middle attacks, eavesdropping attacks, and replay attack. The exploitation of such flaws may greatly influence companies and the general population, especially for attacks targeting critical infrastructural assets, such as power plants, water distribution and railway transportation systems. In order to provide security mechanisms to the protocol, the Modbus organization released security specifications, which provide robust protection through the blending of Transport Layer Security (TLS) with the traditional Modbus protocol. TLS will encapsulate Modbus packets to provide both authentication and message-integrity protection. The security features leverage X.509v3 digital certificates for authentication of the server and client. From the security specifications, this study addresses the security problems of the Modbus protocol, proposing a new secure version of a role-based access control model (RBAC), in order to authorize both the client on the server, as well as the Modbus frame. This model is divided into an authorization process via roles, which is inserted as an arbitrary extension in the certificate X.509v3 and the message authorization via unit id, a unique identifier used to authorize the Modbus frame. Our proposal is evaluated through two approaches: A security analysis and a performance analysis. The security analysis involves verifying the protocol’s resistance to different types of attacks, as well as that certain pillars of cybersecurity, such as integrity and confidentiality, are not compromised. Finally, our performance analysis involves deploying our design over a testnet built on GNS3. This testnet has been designed based on an industrial security standard, such as IEC-62443, which divides the industrial network into levels. Then both the client and the server are deployed over this network in order to verify the feasibility of the proposal. For this purpose, different latencies measurements in industrial environments are used as a benchmark, which are matched against the latencies in our proposal for different cipher suites.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach

Figueroa-Lorenzo

Añorga

Arrizabalaga

2019

Sensors

View full text Add to dashboard Cite

show abstract

“…The SCADA system is mostly realized by integrating the Modbus industrial communication protocol; unfortunately, Modbus itself lacks many security mechanisms to protect against vulnerabilities, such as the security vulnerabilities of Modbus using plaintext to transfer packets. The authors of [ 29 ] adopted the TLS protocol to improve the confidentiality and security of data transmission. The authors of [ 30 ] proposed a Role-Based Access Control (RBAC) model that integrates TLS and X.509v3 certificate protocol to authorize the client on the server and Modbus devices at the same time.…”

Section: Related Workmentioning

confidence: 99%

TTAS: Trusted Token Authentication Service of Securing SCADA Network in Energy Management System for Industrial Internet of Things

Yang

Lee

Chen

et al. 2021

Sensors

View full text Add to dashboard Cite

The vigorous development of the Industrial Internet of Things brings the advanced connection function of the new generation of industrial automation and control systems. The Supervisory Control and Data Acquisition (SCADA) network is converted into an open and highly interconnected network, where the equipment connections between industrial electronic devices are integrated with a SCADA system through a Modbus protocol. As SCADA and Modbus are easily used for control and monitoring, the interconnection and operational efficiency between systems are highly improved; however, such connectivity inevitably exposes the system to the open network environment. There are many network security threats and vulnerabilities in a SCADA network system. Especially in the era of the Industrial Internet of Things, any security vulnerability of an industrial system may cause serious property losses. Therefore, this paper proposes an encryption and verification mechanism based on the trusted token authentication service and Transport Layer Security (TLS) protocol to prevent attackers from physical attacks. Experimentally, this paper deployed and verified the system in an actual field of energy management system. According to the experimental results, the security defense architecture proposed in this paper can effectively improve security and is compatible with the actual field system.

show abstract

“…Modbus was created in 1979 and is used for serial communication with PLC devices [15]. It has become widely adopted as a de-facto industrial standard in the ICS world.…”

Section: ) Modbusmentioning

confidence: 99%

“…Since Modbus is very old and was invented before the Internet became widely used, it was not built with security in mind. This means that there is no built-in encryption, integrity checks or authentication [15], [16]. There have been many attacks performed against this protocol.…”

Section: ) Modbusmentioning

confidence: 99%

Trends and Detection Avoidance of Internet-Connected Industrial Control Systems

2019

View full text Add to dashboard Cite

The search engine Shodan crawls the Internet for, among other things, Industrial Control Systems (ICS). ICS are devices used to operate and automate industrial processes. Due to the increasing popularity of the Internet, these devices are getting more and more connected to the Internet. These devices will, if not hidden, be shown on Shodan. This study uses Shodan, together with data found by other researches to plot the trends of these ICS devices. The studied trends focus on the country percentage distribution and the usage of ICS protocols. The results show that all studied countries, except the United States, have decreased their percentage of world total ICS devices. We suspect that this does not represent the real story, as companies are getting better at hiding their devices from online crawlers. Our results also show that the usage of old ICS protocols is increasing. One of the explanations is that industrial devices, running old communication protocols, are increasingly getting connected to the Internet. In addition to the trend study, we evaluate Shodan by studying the time it takes for Shodan to index one of our devices on several networks. We also study ways of avoiding detection by Shodan and show that, by using a method called port knocking, it is relatively easy for a device to hide from Shodan, but remain accessible for legitimate users.

show abstract

Implementation of Secure Communication With Modbus and Transport Layer Security protocols

Cited by 27 publications

References 10 publications

A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach

A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach

TTAS: Trusted Token Authentication Service of Securing SCADA Network in Energy Management System for Industrial Internet of Things

Trends and Detection Avoidance of Internet-Connected Industrial Control Systems

Contact Info

Product

Resources

About