Design and Implementation of a Secure Modbus Protocol

Igor Nai Fovino; Andrea Carcano; Marcelo Masera; Alberto Trombetta

doi:10.1007/978-3-642-04798-5_6

International Conference on Critical Infrastructure Protection

ICCIP 2009: Critical Infrastructure Protection III pp 83-96

Design and Implementation of a Secure Modbus Protocol

Authors
Authors and affiliations

Igor Nai Fovino
Andrea Carcano
Marcelo Masera
Alberto Trombetta

Conference paper

DOI: 10.1007/978-3-642-04798-5_6

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 311)

Cite this paper as:: Fovino I.N., Carcano A., Masera M., Trombetta A. (2009) Design and Implementation of a Secure Modbus Protocol. In: Palmer C., Shenoi S. (eds) Critical Infrastructure Protection III. ICCIP 2009. IFIP Advances in Information and Communication Technology, vol 311. Springer, Berlin, Heidelberg

Abstract

The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

Keywords

SCADA systems Modbus secure protocol

Download to read the full conference paper text

References

1.
O. Alhazmi, Y. Malaiya and I. Ray, Security vulnerabilities in software systems: A quantitative perspective, in Data and Applications Security XIX, S. Jajodia and D. Wijesekera (Eds.), Springer, Berlin-Heidelberg, pp. 281–294, 2005.CrossRefGoogle Scholar
2.
American Society of Heating, Refrigerating and Air-Conditioning Engineers (ASHRAE), BACnet, ASHRAE SSPC 135, Atlanta, Georgia (www.bacnet.org).
3.
M. Bishop, Computer Security: Art and Science, Addison-Wesley, Reading, Massachusetts, 2002.Google Scholar
4.
A. Carcano, I. Nai Fovino, M. Masera and A. Trombetta, SCADA malware: A proof of concept, presented at the Third International Workshop on Critical Information Infrastructure Security, 2008.
5.
R. Chandia, J. Gonzalez, T. Kilpatrick, M. Papa and S. Shenoi, Security strategies for SCADA networks, in Critical Infrastructure Protection, E. Goetz and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 117–131, 2007.CrossRefGoogle Scholar
6.
A. Creery and E. Byres, Industrial cybersecurity for power system and SCADA networks – Be secure, IEEE Industry Applications, vol. 13(4), pp. 49–55, 2007.CrossRefGoogle Scholar
7.
G. Dondossola, J. Szanto, M. Masera and I. Nai Fovino, Effects of intentional threats to power substation control systems, International Journal of Critical Infrastructures, vol. 4(1/2), pp. 129–143, 2008.CrossRefGoogle Scholar
8.
J. Heo, C. Hong, S. Ju, Y. Lim, B. Lee and D. Hyun, A security mechanism for automation control in PLC-based networks, Proceedings of the IEEE International Symposium on Power Line Communications and its Applications, pp. 466–470, 2007.
9.
D. Holmberg, BACnet Wide Area Network Security Threat Assessment, NISTIR 7009, National Institute of Standards and Technology, Gaithersburg, Maryland, 2003.
10.
P. Huitsing, R. Chandia, M. Papa and S. Shenoi, Attack taxonomies for the Modbus protocols, International Journal of Critical Infrastructure Protection, vol. 1, pp. 37–44, 2008.CrossRefGoogle Scholar
11.
A. Jones and D. Ashenden, Risk Management for Computer Security: Protecting Your Network and Information Assets, Elsevier, Oxford, United Kingdom, 2005.Google Scholar
12.
R. Leszczyna, I. Nai Fovino and M. Masera, Simulating malware with MAlSim, Computer Virology, EICAR 2008 Extended Version, 2008.
13.
M. Majdalawieh, F. Parisi-Presicce and D. Wijesekera, DNPSec: Distributed Network Protocol Version 3 security framework, presented at the Twenty-First Annual Computer Security Applications Conference (Technology Blitz Session), 2005.
14.
T. Mander, F. Nabhani, L. Wang and R. Cheung, Data object based security for DNP3 over TCP/IP for increased utility of commercial aspects of security, Proceedings of the IEEE Power Engineering Society General Meeting, pp. 1–8, 2007.
15.
M. Masera, I. Nai Fovino and R. Leszczyna, Security assessment of a turbo-gas power plant, in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 31–40, 2008.Google Scholar
16.
Modbus IDA, MODBUS Application Protocol Specification v1.1a, North Grafton, Massachusetts (www.modbus.org/specs.php), 2004.
17.
R. Rivest, A. Shamir and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol. 21(2), pp. 120–126, 1978.MathSciNetCrossRefMATHGoogle Scholar
18.
M. Wiener, H. Handschuh, P. Pallier, R. Rivest, E. Biham and L. Knudsen, Performance comparison of public-key cryptosystems, smartcard crypto-coprocessors for public-key cryptography, chaffing and winnowing: Confidentiality without encryption, DES, Triple-DES and AES, CryptoBytes, vol. 4(1), 1998.
19.
A. Wright, J. Kinast and J. McCarty, Low-latency cryptographic protection for SCADA communications, Proceedings of the Second International Conference on Applied Security and Network Security, pp. 263–277, 2004.

Design and Implementation of a Secure Modbus Protocol

Abstract

Keywords

Copyright information

Authors and Affiliations

Personalised recommendations

Cookies