Enforcing end-to-end security in scada systems via application-level cryptography - Critical Infrastructure Protection XI Access content directly
Conference Papers Year : 2017

Enforcing end-to-end security in scada systems via application-level cryptography

Bela Genge
  • Function : Author
  • PersonId : 1033281

Abstract

Recent technological advances have had a strong impact on performance optimization and the provisioning of flexible supervisory control and data acquisition (SCADA) systems. However, most SCADA communications protocols, as currently implemented, are extremely vulnerable to cyber attacks. Several international organizations have been developing security standards to alleviate these threats. Nevertheless, investigations reveal that the vast majority of high-end control hardware devices do not incorporate security features (i.e., security protocols). Therefore, the enforcement of data security in end-to-end communications flows must be addressed at the application layer. This chapter evaluates the feasibility of performing cryptographic computations at the application layer of a programmable logic controller. It shows that, despite the modest computational resources of modern programmable logic controllers, it is possible to develop efficient cryptographic applications that enforce several data security properties in the application layer. The experimental evaluations compare the performance of AES, SHA1 and HMAC-SHA1 against the performance of the new Speck and Simon lightweight block cipher algorithms executing on a Phoenix Contact ILC 350 PN controller with the control logic of a real SCADA system used in the Romanian gas transportation network.
Fichier principal
Vignette du fichier
460140_1_En_8_Chapter.pdf (325.35 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01819145 , version 1 (20-06-2018)

Licence

Attribution

Identifiers

Cite

Adrian-Vasile Duka, Bela Genge, Piroska Haller, Bogdan Crainicu. Enforcing end-to-end security in scada systems via application-level cryptography. 11th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2017, Arlington, VA, United States. pp.139-155, ⟨10.1007/978-3-319-70395-4_8⟩. ⟨hal-01819145⟩
128 View
129 Download

Altmetric

Share

Gmail Facebook X LinkedIn More