Securing SCADA Applications Using OpenPLC With End-To-End Encryption

Proceedings of the 3rd Annual Industrial Control System Security Workshop Pub Date : 2017-12-05 DOI:10.1145/3174776.3174777

Thiago Alves, Thomas H. Morris, S. Yoo

{"title":"Securing SCADA Applications Using OpenPLC With End-To-End Encryption","authors":"Thiago Alves, Thomas H. Morris, S. Yoo","doi":"10.1145/3174776.3174777","DOIUrl":null,"url":null,"abstract":"During its nascent stages, Programmable Logic Controllers (PLC) were made robust to sustain tough industrial environments, but little care was taken to raise defenses against potential cyberthreats. The recent interconnectivity of legacy PLCs and SCADA systems with corporate networks and the internet has significantly increased the threats to critical infrastructure. To counter these threats, researchers have put their efforts in finding defense mechanisms that can protect the SCADA network and the PLCs. Encryption is a critical component of security and therefore has been used by many organizations to protect data on the network. However, since PLC vendors don't make available information about their hardware or software, it becomes challenging to embed encryption into their devices, especially if they rely on legacy protocols. This paper describes an alternative design using an open source PLC that was modified to encrypt all data it sends over the network, independently of the protocol used. Experimental results indicated that the encryption layer increased the security of the link without causing a significant overhead.","PeriodicalId":224503,"journal":{"name":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 3rd Annual Industrial Control System Security Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3174776.3174777","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

Abstract

During its nascent stages, Programmable Logic Controllers (PLC) were made robust to sustain tough industrial environments, but little care was taken to raise defenses against potential cyberthreats. The recent interconnectivity of legacy PLCs and SCADA systems with corporate networks and the internet has significantly increased the threats to critical infrastructure. To counter these threats, researchers have put their efforts in finding defense mechanisms that can protect the SCADA network and the PLCs. Encryption is a critical component of security and therefore has been used by many organizations to protect data on the network. However, since PLC vendors don't make available information about their hardware or software, it becomes challenging to embed encryption into their devices, especially if they rely on legacy protocols. This paper describes an alternative design using an open source PLC that was modified to encrypt all data it sends over the network, independently of the protocol used. Experimental results indicated that the encryption layer increased the security of the link without causing a significant overhead.

查看原文本刊更多论文

使用端到端加密的OpenPLC保护SCADA应用程序

在其初期阶段，可编程逻辑控制器(PLC)被制造得非常强大，可以维持恶劣的工业环境，但很少注意提高对潜在网络威胁的防御。最近，传统plc和SCADA系统与企业网络和互联网的互联性大大增加了对关键基础设施的威胁。为了应对这些威胁，研究人员一直在努力寻找能够保护SCADA网络和plc的防御机制。加密是安全性的关键组成部分，因此已被许多组织用于保护网络上的数据。然而，由于PLC供应商不提供有关其硬件或软件的可用信息，因此将加密嵌入到其设备中变得具有挑战性，特别是如果他们依赖于遗留协议。本文描述了一种使用开源PLC的替代设计，该PLC经过修改，可以独立于使用的协议对其在网络上发送的所有数据进行加密。实验结果表明，该加密层在不造成较大开销的情况下提高了链路的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 3rd Annual Industrial Control System Security Workshop

自引率

0.00%

发文量