Proposal of a Secure Modbus RTU communication with Adi Shamir's secret sharing method

L

Proposal of a Secure Modbus RTU communication with Adi Shamir’s secret sharing method

Drinking fresh water, turning the lights on, travelling by tram, calling our family or getting a medical treatment are usual activities, but the underlying SCADA (Supervisory Control and Data Acquisition) systems like CIS (Critical Infrastructure Systems), ICS (Industrial Control Systems) or DCS (Distributed Control Systems) were always the target of many types of attacks, endangered the above mentioned simple activities. During the last decades because of the fast spread of the internet based services and the continuous technical development these systems become more vulnerable than ever. Full reconstruction and innovative changes in older SCADA systems has high cost, and it is not always rewarding. Communication protocols as Modbus (1979) serve as a main basis for SCADA systems, so security of Modbus has a major impact of the security of SCADA systems. Our paper raises and answers questions about the security of the Modbus RTU protocol. We focus on the serial Modbus protocol, because in that method we found many unsolved problems, like lack of authentication of the participants, lack of secure channel and so on. The aim of this paper to propose a secure communication alternative for Modbus RTU @ RS485 wire. The main advantage of the proposed method is the coexistence with traditional slaves and bus systems and only software update is necessary

ICT aspects of power systems and their security

This report provides a deep description of four complex Attack Scenarios that have as final goal to produce damage to the Electric Power Transmission System. The details about protocols used, vulnerabilities, devices etc. have been for obvious reasons hidden, and the ones presented have to be understood as mere (even if realistic) simplified versions of possible power systems.JRC.DG.G.6-Security technology assessmen

Formally designing and implementing cyber security mechanisms in industrial control networks.

This dissertation describes progress in the state-of-the-art for developing and deploying formally verified cyber security devices in industrial control networks. It begins by detailing the unique struggles that are faced in industrial control networks and why concepts and technologies developed for securing traditional networks might not be appropriate. It uses these unique struggles and examples of contemporary cyber-attacks targeting control systems to argue that progress in securing control systems is best met with formal verification of systems, their specifications, and their security properties. This dissertation then presents a development process and identifies two technologies, TLA+ and seL4, that can be leveraged to produce a high-assurance embedded security device. The method presented in this dissertation takes an informal design of an embedded device that might be found in a control system and 1) formalizes the design within TLA+, 2) creates and mechanically checks a model built from the formal design, and 3) translates the TLA+ design into a component-based architecture of a native seL4 application. The later chapters of this dissertation describe an application of the process to a security preprocessor embedded device that was designed to add security mechanisms to the network communication of an existing control system. The device and its security properties are formally specified in TLA+ in chapter 4, mechanically checked in chapter 5, and finally its native seL4 architecture is implemented in chapter 6. Finally, the conclusions derived from the research are laid out, as well as some possibilities for expanding the presented method in the future

Air Force Institute of Technology Research Report 2011

This report summarizes the research activities of the Air Force Institute of Technology’s Graduate School of Engineering and Management. It describes research interests and faculty expertise; lists student theses/dissertations; identifies research sponsors and contributions; and outlines the procedures for contacting the school. Included in the report are: faculty publications, conference presentations, consultations, and funded research projects. Research was conducted in the areas of Aeronautical and Astronautical Engineering, Electrical Engineering and Electro-Optics, Computer Engineering and Computer Science, Systems and Engineering Management, Operational Sciences, Mathematics, Statistics and Engineering Physics

Protecting critical infrastructure in the EU: CEPS task force report

2sìCritical infrastructures such as energy, communications, banking, transportation, public government services, information technology etc., are more vital to industrialized economies and now than ever before. At the same time, these infrastructures are becoming increasingly dependent on each other, such that failure of one of them can often propagate and result in domino effects. The emerging challenge of Critical (information) Infrastructure Protection (C(I)IP) has been recognized by nearly all member states of the European Union: politicians are increasingly aware of the threats posed by radical political movements and terrorist attacks, as well as the need to develop better response capacity in case of natural disasters. Responses to these facts have been in line with the available resources and possibilities of each country, so that certain countries are already quite advanced in translating the C(I)IP challenge into measures, whereas others are lagging behind. In the international arena of this policy domain, Europe is still in search of a role to play. Recently, CIIP policy has been integrated in the EU Digital Agenda, which testifies to the growing importance of securing resilient infrastructures for the future. This important and most topical Task Force Report is the result of in-depth discussions between experts from different backgrounds and offers a number of observations and recommendations for a more effective and joined-up European policy response to the protection of critical infrastructure.openopenAndrea Renda; Bernhard HaemmerliRenda, Andrea; Bernhard, Haemmerl