230 likes | 570 Views
Cyber Security of SCADA Systems. Team: Anthony Gedwillo (EE) James Parrott (CPrE) David Ryan (CPrE) Client: Dr. Govindarasu, Iowa State University. What is a SCADA System?. SCADA stands for “Supervisory Control and Data Acquisition”
E N D
Cyber Security of SCADA Systems Team: Anthony Gedwillo (EE) James Parrott (CPrE) David Ryan (CPrE) Client:Dr. Govindarasu, Iowa State University
What is a SCADA System? • SCADA stands for “Supervisory Control and Data Acquisition” • SCADA systems control our nation’s vital infrastructure, including Power Transmission and Distribution, Oil, Gas, and Water • SCADA Systems act as the brain and nerves for the systems they control. They sense, process (think), and send commands
Problem Statement • Supervisory control and data acquisition (SCADA) systems are vital parts of our nation’s infrastructure, and the security of these systems is a top priority. However, there is a shortage of adequate research environments for modeling and testing SCADA systems.
Operating Environment/Intended Usage • Coover Hall – Room 3042 • Demonstrations • Research
Functional Requirements-Virtualization • Create a virtualized platform that allows network stack inspection. • Create virtualized machines for RTUs and Relays • Virtualized system should be scalable to provide more realistic scenarios
Functional Requirements-Cyber Security • Vulnerability assessment / Report • Cyber attack implementation • Denial of Service • Invalid Data • Information Theft
Functional Requirements-Power System Integration • Integrate DIgSILENT PowerFactory into current test bed • Configure DIgSILENT for real time power flow simulation
Non-Functional Requirements • Minimal configuration on virtual image deployment • Images should have backups to prevent loss • Attack scenarios can be demonstrated without requiring detailed information on attack functionality • Power flow system should be easily interpreted
Implememted Design – Power Flow Google Earth
Cyber Security Vulnerability Assessment • Validate the system • Document running services • Document well-known software vulnerabilities • Search for implementation vulnerabilities • Attack Implementation • Produce Report
Attack Implementation • Man in the Middle attacks • Intercept and drop command packets • Ettercap Issues • Modified packet sniffer • Intercept and return fake confirmation • Denial of Service attacks
Technical Approach Consideration and Results • Virtual hypervisor software selection • VmWare Server • VmWare ESX • Citrix XenServer • Microsoft HyperV • Relay Virtualization software selection • Delphin-Informatika IEC 61850 Simulator • SISCO AX-S4 MMS • SystemCORPIEC61850 DLL • MatrikonOPC Server
Technical Approach Consideration and Results • Power system simulation software selection • Siemens Spectrum Power TG (DTS) • DIgSILENTPowerFactory • Power World • Cyber attack/security software selection • Nessus Security Scanner • Various open-source tools