
A Formal Adversary Capability Model for SCADA Environments

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6712)

Abstract

Conventional adversary models used in the analysis of cryptographic protocols such as the Dolev-Yao model and variants rely on a simple communication model in which an adversary fully participates in network communication. In the case of control (supervisory control and data acquisition, SCADA) systems, this set of assumptions can lead to undesirable results as constraints on communication affect both defender and adversary capabilities. These include a restricted topology for message passing and real-time processing constraints resulting in message prioritisation. We therefore propose an alternative adversary model explicitly capturing these constraints. We use a π-calculus variant to reason about priorities and constraints on messages (names) and explicitly model multiple adversarial agents rather than a single omnipotent adversary so as to capture synchronisation and communication effects. As an example of the model’s capabilities, we derive targets for intrusion detection based on constraints on adversary action resulting from adversary-agent communication capabilities.




Editor information

Christos Xenakis, Stephen Wolthusen


Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

McEvoy, T.R., Wolthusen, S.D. (2011). A Formal Adversary Capability Model for SCADA Environments. In: Xenakis, C., Wolthusen, S. (eds) Critical Information Infrastructures Security. CRITIS 2010. Lecture Notes in Computer Science, vol 6712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21694-7_8


  • DOI: https://doi.org/10.1007/978-3-642-21694-7_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21693-0

  • Online ISBN: 978-3-642-21694-7

  • eBook Packages: Computer Science (R0)
