Rakesh
M.Tech(PLE) –III Sem
UPES- DDN
Points of discussion…
Brief Introduction
Implementation – Small test application
Implementation – Real time application
Implementation – Large process plant
Future scope
Critical Infrastructure & SCADA
Vulnerabilities and Threats
SCADA Network attacks
Recommended solution
Assessment Methodology & Tools
Conclusion
Introduction
SCADA – Supervisory Control & Data Acquisition.
SCADA system – computers, controllers, instruments, actuators, network/interfaces.
Application – Remote monitoring and maintenance.
Mobile SCADA – GSM mobile phones & GPRS device.
Implementation
Application – Intelligent Temperature Control system.
Components Used:
Atmel ATmega16L microcontroller (µC), RTD, signal conditioning circuit, mobile phone, computer & GPRS device.
System Design – Block Diagram
Real Time Implementation
Flow Chart for the Programming/Process
Typical architecture of a DCS
Remote monitoring Setup
Adding Value
Send an SMS to the engineers on alarms.
Create a database of alarms – MS Access/MS SQL.
Compare the alarm generated with the database.
Create an MS Excel sheet with complete alarm details.
Send it as an email to the engineers through the M2M gateway by accessing the Internet via GPRS.
Control System:
Control system: manages, commands and directs other devices, e.g. ICSs.
Used in: electrical, water, oil and gas, chemical, nuclear fusion labs (experimental facility).
THREATS
• SCADA Vulnerabilities
• THE CRITICAL INFRASTRUCTURE THREATS
• SCADA NETWORK ATTACKS
– Affects Status and Display Screens
– Taking Over the Control Station
– Disrupting Processes
– Equipment and Property Damage
“HONEY POTS”
Assessment Methodology
Steps…
Perform reconnaissance to gather information on the target system if not previously defined in the assessment plan.
Scan the SCADA network for open ports and vulnerabilities.
Prioritize vulnerabilities to assess based on the probability of obtaining the target and its significance.
Dedicated semi-private work area
Broadband (reliable) internet access for research
Vendor help and support
Backing up the target (SCADA) system
Rebooting the system after every attack to ensure all of the effects are presented.
Assessing Tools
NMAP
NESSUS
STAT SCANNER
ETHEREAL
ETTERCAP
METASPLOIT
Conclusion
Wireless SCADA is an inexpensive, adaptable and easy-to-use SCADA device and infrastructure built on the mobile phone network (GPRS).
The proposed architecture for alarm data distribution improves real-time monitoring and gives minimum-fault operation.
With the given assessment methods, properly followed instructions and effective use of firewalls, attacks from intruders can easily be detected.
Discussion
Time