Abstract | ||
---|---|---|
The DNP3 protocol is widely used in SCADA systems (particularly electrical power) as a means of communicating observed sensor state information back to a control center. Typical architectures using DNP3 have a two level hierarchy, where a specialized data aggregator receives observed state from devices within a local region, and the control center collects the aggregated state from the data aggregator. The DNP3 communications are asynchronous across the two levels; this leads to the possibility of completely filling a data aggregator's buffer of pending events, when a compromised relay sends overly many (false) events to the data aggregator. This paper investigates the attack by implementing the attack using real SCADA system hardware and software. A Discrete-Time Markov Chain (DTMC) model is developed for understanding conditions under which the attack is successful and effective. The model is validated by a Möbius simulation model and data collected on a real SCADA testbed. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1109/WSC.2011.6147969 | Winter Simulation Conference |
Keywords | Field | DocType |
real scada system hardware,dnp3 communication,data aggregator,dnp3 protocol,aggregated state,specialized data aggregator,control center,observed sensor state information,scada system,event buffer flooding attack,bius simulation model,simulation model,data models,data collection,simulation,protocols,electric power,data model,radiation detectors,data aggregation,radiation detector,markov processes | Data modeling,Asynchronous communication,Markov process,Computer science,Computer network,Testbed,DNP3,SCADA,Data aggregator,Relay | Conference |
ISSN | ISBN | Citations |
0891-7736 | 978-1-4799-2077-8 | 11 |
PageRank | References | Authors |
0.79 | 7 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Dong Jin | 1 | 84 | 10.13 |
David M. Nicol | 2 | 2798 | 337.97 |
Guanhua Yan | 3 | 337 | 20.25 |