Title: Modbus/DNP3 State-based Filtering System
Authors: NAI FOVINO IgorCARCANO AndreaMASERA Marcelo
Citation: Proceedings of the 2010 IEEE International Symposium on Industrial Electronics, ISBN: 978-1-4244-6391-6 p. 231-236
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Publication Year: 2010
JRC N°: JRC57523
URI: http://publications.jrc.ec.europa.eu/repository/handle/JRC57523
Type: Articles in periodicals and books
Abstract: The security of SCADA systems is one of the most pressing subjects in industrial systems, especially for those installation actively using the public network in order to provide new features and services. In this paper we present an innovative approach to the design of Filtering Systems based on the state analysis of the system being monitored. The aim is to detect attacks composed of a set of ¿SCADA¿ commands that, while licit when considered in isolation on a single-packet basis, can disrupt the correct behavior of the system when executed in particular operating states. The proposed firewall detects these complex attacks thanks to an internal representation of the controlled SCADA system. Furthermore, we detail the design of the architecture of the IDS for systems using the ModBus and DNP3 protocols, and the implementation of a prototype, providing experimental comparative results that confirm the validity of the proposed approach.
JRC Directorate:Space, Security and Migration

Files in This Item:
There are no files associated with this item.

Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.