Advertisement

Towards Benchmarking of P2P Technologies from a SCADA Systems Protection Perspective

  • Abdelmajid Khelil
  • Sebastian Jeckel
  • Daniel Germanus
  • Neeraj Suri
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 45)

Abstract

Supervisory Control and Data Acquisition (SCADA) systems are used to control and monitor critical processes. Modern SCADA systems are increasingly built with off-the-shelf components simplifying their integration into existing networks. The benefits of increased flexibility and reduced costs are accompanied by newly introduced challenges regarding SCADA security/dependability. Peer-to-Peer (P2P) technologies allow for the construction of self-organizing, dependable and large-scale overlays on top of existing physical networks.

In this paper, we build the base for using P2P to enhance the resilience of deployed SCADA systems. To this end, we provide a general analysis of both domains and their compatibility. In addition, we refine the existing classifications of P2P technologies w.r.t. the needs and capabilities of SCADA systems. Consequently, we identify core P2P-based protection mechanisms for SCADA systems, based on data and path replication. Our main results are generic guidelines for the exploitation of P2P technologies to enhance the SCADA resilience.

Keywords

SCADA Critical Infrastructure Protection P2P Dependability Security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Beitollahi, H., Deconinck, G.: Analyzing the Chord Peer-to-Peer Network for Power Grid Applications. In: Fourth IEEE Young Researchers Symposium in Electrical Power Engineering (2008)Google Scholar
  2. 2.
    Beitollahi, H., Deconinck, G.: Peer-to-Peer Networks Applied to Power Grid. In: Proceedings of the International conference on Risks and Security of Internet and Systems, CRiSIS (2007)Google Scholar
  3. 3.
    Deconinck, G., Vanthournout, K., Beitollahi, H., Qui, Z., Duan, R., Nauwelaers, B., Lil, E., Driesen, J., Belmans, R.: A Robust Semantic Overlay Network for Microgrid Control Applications. In: Proceedings of the Workshop on Software Architectures for Dependable Systems, WADS (2008)Google Scholar
  4. 4.
    Fernandez, J.D., Fernandez, A.E.: SCADA Systems: Vulnerabilities and Remediation. Journal of Computing Sciences in Colleges 20(4) (2005)Google Scholar
  5. 5.
    Krutz, R.L.: Securing SCADA Systems (2005)Google Scholar
  6. 6.
    Lua, K., Crowcroft, J., Pias, M., Sharma, R., Lim, S.: A Survey and Comparison of Peer-to-Peer Overlay Network Schemes. IEEE Communications Surveys and Tutorials 7(2) (2005)Google Scholar
  7. 7.
    Androutsellis-Theotokis, S., Spinellis, D.: A Survey of Peer-to-Peer Content Distribution Technologies. ACM Computing Surveys, 36(4) (2004)Google Scholar
  8. 8.
    The Gnutella Protocol Specification v0.4 (2000), http://www.stanford.edu/class/cs244b/gnutella_protocol_0.4.pdf
  9. 9.
    Chawathe, Y., Ratnasamy, S., Breslau, L., Lanham, N., Shenker, S.: Making Gnutella-like P2P Systems Scalable. In: Proceedings of the 2003 ACM SIGCOMM Conference (2003)Google Scholar
  10. 10.
  11. 11.
    Stoica, I., Morris, R., Karger, D., Kaashoek, F.M., Balakrishnan, H.: Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications. In: Proceedings of the 2001 ACM SIGCOMM Conference (2001)Google Scholar
  12. 12.
    Ratnasamy, S., Francis, P., Handley, M., Karp, R., Schenker, S.: A Scalable Content-Addressable Network. In: Proceedings of the 2001 ACM SIGCOMM Conference (2001)Google Scholar
  13. 13.
    Zhao, B.Y., Huang, L., Stribling, J., Rhea, S.C., Joseph, A.D., Kubiatowicz, J.D.: Tapestry: A Resilient Global-Scale Overlay for Service Deployment. IEEE Journal on Selected Areas in Communications, 22(1) (2004)Google Scholar
  14. 14.
    Maymounkov, P., Mazières, D.K.: A Peer-to-Peer Information System Based on the XOR Metric. In: Proceedings of the 2nd International Workshop on Peer-to-Peer Systems, IPTPS (2002)Google Scholar
  15. 15.
    Rowstron, A.I.T., Druschel, P.: Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems. In: Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms, Middleware (2001)Google Scholar
  16. 16.
    Kaashoek, F., Karger, D.R.: Koorde: A Simple Degree-Optimal Distributed Hash Table. In: Kaashoek, M.F., Stoica, I. (eds.) IPTPS 2003. LNCS, vol. 2735, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Gupta, I., Birman, K., Linga, P., Demers, A., van Renesse, R.: Building an Efficient and Stable P2P DHT through Increased Memory and Background Overhead. In: Kaashoek, M.F., Stoica, I. (eds.) IPTPS 2003. LNCS, vol. 2735, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Zhuang, S.Q., Zhao, B.Y., Joseph, A.D., Katz, R.H., Kubiatowicz, J.D.: Bayeux: An Architecture for Scalable and Fault-Tolerant Wide-Area Data Dissemination. In: Proceedings of The International Workshop on Network and Operating Systems Support for Digital Audio and Video, NOSSDAV (2001)Google Scholar
  19. 19.
    Kubiatowicz, J., Bindel, D., Chen, Y., Czerwinski, S., Eaton, P., Geels, D., Gummadi, R., Rhea, S., Weatherspoon, H., Wells, C., Zhao, B.: OceanStore: An Architecture for Global-Scale Persistent Storage. In: Proceedings of the international conference on Architectural support for programming languages and operating systems (ASPLOS), vol. 28 (2000)Google Scholar
  20. 20.
    Castro, M., Druschel, P., Kermarrec, A., Rowstron, A.: SCRIBE: A Large-Scale and Decentralized Application-Level Multicast Infrastructure. IEEE Journal on Selected Areas in communications 20(8) (2002)Google Scholar
  21. 21.
    Germanus, D., Khelil, A., Suri, N.: Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays. In: Proc. of The 1st International Symposium on Architecting Critical Systems, ISARCS (2010)Google Scholar
  22. 22.
    Dongni, R., Li, Y.T.H. and Chan, S.H.G. On reducing mesh delay for peer-to-peer live streamingGoogle Scholar
  23. 23.
    Guillaume, J.L., Latapyand, M., Magnien, C.: Comparison of Failures and Attacks on Random and Scale-Free Networks. In: Anderson, J.H., Prencipe, G., Wattenhofer, R. (eds.) OPODIS 2005. LNCS, vol. 3974. Springer, Heidelberg (2006)Google Scholar
  24. 24.
    Dinger, J., Hartenstein, H.: Defending the sybil attack in p2p networks: taxonomy, challenges, and a proposal for self-registration. In: Proceedings of The First International Conference on Availability, Reliability and Security, ARES (2006)Google Scholar
  25. 25.
    Singh, A., Castro, M., Druschel, P., Rowstron, A.: Defending against eclipse attacks on overlay networks. In: Proceedings of the ACM SIGOPS European Workshop, EW (2004)Google Scholar
  26. 26.
    Saxena, N., Tsudik, G., Yi, J.H.: Admission control in peer-to-peer: design and performance evaluation. In: Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks, SASN (2003)Google Scholar
  27. 27.
    D’Antonio, S., Romano, L., Khelil, A., Suri, N.: INcreasing Security and Protection through Infrastructure REsilience: the INSPIRE Project. In: Proceedings of The Workshop on Critical Information Infrastructures Security, CRITIS (2008)Google Scholar
  28. 28.
    Cohen, E., Shenker, S.: Replication Strategies in Unstructured Peer-to-Peer Networks. In: Proceedings of the 2002 ACM SIGCOMM Conference (2002)Google Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2010

Authors and Affiliations

  • Abdelmajid Khelil
    • 1
  • Sebastian Jeckel
    • 1
  • Daniel Germanus
    • 1
  • Neeraj Suri
    • 1
  1. 1.Technische Universität DarmstadtDarmstadtGermany

Personalised recommendations