A Formal Adversary Capability Model for SCADA Environments
- 572 Downloads
Conventional adversary models used in the analysis of cryptographic protocols such as the Dolev-Yao model and variants rely on a simple communication model in which an adversary fully participates in network communication. In the case of control (supervisory control and data acquisition, SCADA) systems, this set of assumptions can lead to undesirable results as constraints on communication affect both defender and adversary capabilities. These include a restricted topology for message passing and real-time processing constraints resulting in message prioritisation. We therefore propose an alternative adversary model explicitly capturing these constraints. We use a π-calculus variant to reason about priorities and constraints on messages (names) and explicitly model multiple adversarial agents rather than a single omnipotent adversary so as to capture synchronisation and communication effects. As an example of the model’s capabilities, we derive targets for intrusion detection based on constraints on adversary action resulting from adversary-agent communication capabilities.
KeywordsIntrusion Detection Security Property Supervisory Control Covert Channel SCADA System
Unable to display preview. Download preview PDF.
- 2.Basin, D., Cremers, C.: From Dolev-Yao to Strong Adaptive Corruption: Analyzing Security in the Presence of Compromising Adversaries. Cryptology ePrint Archive, Report 2009/079 (2009), http://eprint.iacr.org/
- 5.Dawson, R., Boyd, C., Dawson, E., Nieto, J.M.G.: SKMA: A Key Management Architecture for SCADA Systems. In: ACSW Frontiers 2006: Proceedings of the 2006 Australasian Workshops on Grid Computing and e-Research, pp. 183–192. Australian Computer Society, Inc., Darlinghurst (2006)Google Scholar
- 6.Dolev, D., Yao, A.C.: On the Security of Public Key Protocols. In: SFCS 1981: Proceedings of the 22nd Annual Symposium on Foundations of Computer Science, pp. 350–357. IEEE Computer Society, Washington, DC (1981)Google Scholar
- 8.Gamez, D., Nadjm-tehrani, S., Bigham, J., Balducelli, C., Burbeck, K., Chyssler, T.: Safeguarding Critical Infrastructures. In: DEPENDABLE COMPUTING SYSTEMS: Paradigms, Performance Issues, and Applications, Wiley[Imprint], Inc., Chichester (2000)Google Scholar
- 9.McEvoy, T.R., Wolthusen, S.D.: Detecting SCADA Sensor Signal Manipulations in Non-linear Chemical Engineering Processes. In: Proceedings of the IFIP TC 11 25th International Informatin Security Conference, IFIP Advances in Information and Communication TechnologyGoogle Scholar
- 12.Svendsen, N., Wolthusen, S.: The International Federation for Information Processing. In: Modeling And Detecting Anomalies In Scada Systems, 101 (2009)Google Scholar
- 13.Verba, M., Milvich, J.: Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS). In: IEEE Conference on Technologies for Homeland Security, pp. 469–473 (2008)Google Scholar