Skip to main content
Book cover

International Symposium on Architecting Critical Systems

ISARCS 2010: Architecting Critical Systems pp 161–178Cite as

Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 6150)

Abstract

Supervisory Control and Data Acquisition (SCADA) systems are migrating from isolated to highly-interconnected large scale architectures. In addition, these systems are increasingly composed of standard Internet technologies and use public networks. Hence, while the SCADA functionality has increased, its vulnerability to cyber threats has also risen. These threats often lead to reduced system availability or compromised data integrity, eventually resulting in risks to public safety. Therefore, enhancing the reliability and security of system operation is an urgent need. Peer-to-Peer (P2P) techniques allow the design of self-organizing Internet-scale communication overlay networks. Two inherent resilience mechanisms of P2P networks are path redundancy and data replication. This paper shows how SCADA system’s resilience can be improved by using P2P technologies. In particular, the two previously mentioned resilience mechanisms allow circumventing crashed nodes and detecting manipulated control data.

Keywords

  • Internet Protocol
  • Power Grid
  • Overlay Network
  • Distribute Hash Table
  • Mobile Agent System

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-642-13556-9_10
  • Chapter length: 18 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   74.99
Price excludes VAT (USA)
  • ISBN: 978-3-642-13556-9
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   99.00
Price excludes VAT (USA)
Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. INET Framework, http://inet.omnetpp.org

  2. PostgreSQL, http://www.postgresql.org/

  3. Androutsellis-Theotokis, S., Spinellis, D.: A Survey of Peer-to-Peer Content Distribution Technologies. ACM Comput. Surv. 36(4), 335–371 (2004)

    CrossRef  Google Scholar 

  4. Banavar, G., Chandra, T., Mukherjee, B., Nagarajarao, J., Strom, R.E., Sturman, D.C.: An efficient multicast protocol for content-based publish-subscribe systems. In: ICDCS 1999: Proceedings of the 19th IEEE International Conference on Distributed Computing Systems, p. 262. IEEE Computer Society Press, Washington (1999)

    Google Scholar 

  5. Baumgart, I., Heep, B., Krause, S.: OverSim: A Flexible Overlay Network Simulation Framework. In: Proceedings of 10th IEEE Global Internet Symposium (GI 2007) in conjunction with IEEE INFOCOM 2007, pp. 79–84 (2007)

    Google Scholar 

  6. Beitollahi, H., Deconinck, G.: Analyzing the Chord Peer-to-Peer Network for Power Grid Applications. In: Fourth IEEE Young Researchers Symposium in Electrical Power Engineering, p. 5 (2008)

    Google Scholar 

  7. Bowen III, C.L., Buennemeyer, T., Thomas, R.: Next generation SCADA Security: Best Practices and Client Puzzles. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, 2005. IAW 2005, June, pp. 426–427 (2005)

    Google Scholar 

  8. Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Secure routing for structured peer-to-peer overlay networks. SIGOPS Oper. Syst. Rev. 36(SI), 299–314 (2002)

    CrossRef  Google Scholar 

  9. Codd, E.F.: The relational model for database management: version 2. Addison-Wesley Longman Publishing Co., Inc., Boston (1990)

    MATH  Google Scholar 

  10. Bakken, D.: Smart Grid Data Delivery Service, http://ec.europa.eu/research/conferences/2009/ict-energy/pdf/dave_bakken_en.pdf

  11. Deconinck, G., Rigole, T., Beitollahi, H., Duan, R., Nauwelaers, B., Van Lil, E., Driesen, J., Belmans, R., Dondossola, G.: Robust overlay networks for microgrid control systems. In: DSN 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Edinburgh, U.K., June 25-28, p. 6 (2007)

    Google Scholar 

  12. Dinger, J., Hartenstein, H.: Defending the sybil attack in p2p networks: taxonomy, challenges, and a proposal for self-registration. In: The First International Conference on Availability, Reliability and Security, ARES 2006, April 2006, p. 8 (2006)

    Google Scholar 

  13. Eugster, P.T., Felber, P.A., Guerraoui, R., Kermarrec, A.M.: The many faces of publish/subscribe. ACM Comput. Surv. 35(2), 114–131 (2003)

    CrossRef  Google Scholar 

  14. Gjermundrod, H., et al.: GridStat: A Flexible QoS-Managed Data Dissemination Framework for the Power Grid. IEEE Transactions on Power Delivery 24(1), 136–143 (2009)

    CrossRef  Google Scholar 

  15. Ketel, M.: A mobile agent based framework for web services. In: ACM-SE 47: Proceedings of the 47th Annual Southeast Regional Conference, pp. 1–6. ACM, New York (2009)

    CrossRef  Google Scholar 

  16. Khelil, A., Jeckel, S., Germanus, D., Suri, N.: Benchmarking of P2P Technologies from a SCADA Systems Protection Perspective. In: MOBILIGHT 2010: Inproceedings of the 2nd International Conference on Mobile Lightweight Wireless Systems (to appear 2010)

    Google Scholar 

  17. Krutz, R.L.: Securing SCADA Systems. Hungry Minds Inc. (2005)

    Google Scholar 

  18. Maymounkov, P., Mazières, D.: Kademlia: A peer-to-peer information system based on the xor metric. In: IPTPS 2001: Revised Papers from the First International Workshop on Peer-to-Peer Systems, pp. 53–65. Springer, London (2002)

    Google Scholar 

  19. Papazoglou, M.P., Heuvel, W.J.: Service oriented architectures: approaches, technologies and research issues. The VLDB Journal 16(3), 389–415 (2007)

    CrossRef  Google Scholar 

  20. Pongor, G.: OMNeT: Objective Modular Network Testbed. In: MASCOTS 1993: Proceedings of the International Workshop on Modeling, Analysis, and Simulation On Computer and Telecommunication Systems, pp. 323–326. The Society for Computer Simulation, International, San Diego (1993)

    Google Scholar 

  21. Pridgen, A., Julien, C.: A secure modular mobile agent system. In: SELMAS 2006: Proceedings of the 2006 international workshop on Software engineering for large-scale multi-agent systems, pp. 67–74. ACM, New York (2006)

    CrossRef  Google Scholar 

  22. RFC Standards Track: RFC 2328, OSPF Version 2

    Google Scholar 

  23. Rinaldi, S., Peerenboom, J., Kelly, T.: Identifying, understanding, and analyzing Critical Infrastructure Interdependencies. IEEE Control Systems Magazine 21(6), 11–25 (2001)

    CrossRef  Google Scholar 

  24. D’Antonio, S., Romano, L., Khelil, A., Suri, N.: INcreasing Security and Protection through Infrastructure REsilience: the INSPIRE Project. In: Setola, R., Geretshuber, S. (eds.) CRITIS 2008. LNCS, vol. 5508, pp. 109–118. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  25. Sandhu, R., Zhang, X.: Peer-to-peer access control architecture using trusted computing technology. In: SACMAT 2005: Proceedings of the tenth ACM symposium on Access control models and technologies, pp. 147–158. ACM, New York (2005)

    CrossRef  Google Scholar 

  26. Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup service for internet applications. In: SIGCOMM 2001: Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, pp. 149–160. ACM, New York (2001)

    CrossRef  Google Scholar 

  27. Suri, N., Bradshaw, J.M., Breedy, M.R., Groth, P.T., Hill, G.A., Jeffers, R., Mitrovich, T.S., Pouliot, B.R., Smith, D.S.: Nomads: toward a strong and safe mobile agent system. In: AGENTS 2000: Proceedings of the fourth international conference on Autonomous agents, pp. 163–164. ACM, New York (2000)

    CrossRef  Google Scholar 

  28. Urdaneta, G., Pierre, G., van Steen, M.: A survey of DHT security techniques. ACM Computing Surveys, http://www.globule.org/publi/SDST_acmcs2009.html (to appear)

  29. Xie, Z., et al.: An information architecture for future power systems and its reliability analysis. IEEE Power Engineering Review 22(6), 60–60 (2002)

    CrossRef  Google Scholar 

  30. ZigBee Alliance: http://www.zigbee.org , http://www.zigbee.org

Download references

Author information

Authors and Affiliations

  1. DEEDS Group, Computer Science Department, TU Darmstadt, Germany

    Daniel Germanus, Abdelmajid Khelil & Neeraj Suri

Authors
  1. Daniel Germanus
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abdelmajid Khelil
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Neeraj Suri
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hasso Plattner Institute for Software Systems Engineering, Prof.-Dr.-Helmert-Str. 2-3, 14482, Potsdam, Germany

    Holger Giese

Rights and permissions

Reprints and Permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Germanus, D., Khelil, A., Suri, N. (2010). Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays. In: Giese, H. (eds) Architecting Critical Systems. ISARCS 2010. Lecture Notes in Computer Science, vol 6150. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13556-9_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-13556-9_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-13555-2

  • Online ISBN: 978-3-642-13556-9

  • eBook Packages: Computer ScienceComputer Science (R0)