Operator authentication and accountability for SCADA servers when requests are forwarded by a middle layer

Abstract

Due to their critical nature, the actions performed by operators on Industrial Control Systems (ICS) are subject to source authentication and accountability. When commands are not send directly by the user, but forwarded by middle servers, the compromise of those severs threatens the security of the whole architecture. This Master thesis provides a solution for that problem, guaranteeing authentication end-to-end while fulfilling cost and performance requirements. Based on an analysis of several potential solutions, digital signatures were assessed to be the most flexible and secure option. Moreover, the proposed solution relies on Microsoft's Active Directory, which manages credentials on the target architecture, for securely linking public keys with user identities. A prototype implementation of the proposed design is included, together with a limited performance evaluation. They have proven the validity of the design, that guarantees end-to-end authentication and accountability of command requests, while maintaining low implementation and maintenance costs and a negligible impact in latency per message