Implementation of Secure Communication With Modbus and Transport Layer Security protocols
Matheus K. Ferst, Hugo F. M. de Figueiredo, G. Denardin, Juliano Lopes
2018 13th IEEE International Conference on Industry Applications (INDUSCON), published 2018-11-01
DOI: https://doi.org/10.1109/INDUSCON.2018.8627306
Citations: 19
Abstract
Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks implement industrial communication protocols to enable their operations. Unfortunately, widely used protocols, such as Modbus and DNP3, lack basic security mechanisms, which leads to multiple vulnerabilities. The exploitation of such flaws may greatly impact companies and the general population, especially for attacks targeting critical infrastructure assets such as power plants, water distribution, and railway transportation systems. This problem gets worse in the context of photovoltaic Distributed Energy Resources (DER), where devices are commonly located in customers' facilities, making it difficult to enforce appropriate security policies. This paper addresses the security problems of the Modbus protocol, proposing a new secure version based on the Transport Layer Security protocol. Experimental results show that the proposed solution achieves request/response times well below the 16.67 ms period of the power grid 60 Hz cycle, revealing a negligible impact on power grid applications.