Abstract
Conventional adversary models used in the analysis of cryptographic protocols such as the Dolev-Yao model and variants rely on a simple communication model in which an adversary fully participates in network communication. In the case of control (supervisory control and data acquisition, SCADA) systems, this set of assumptions can lead to undesirable results as constraints on communication affect both defender and adversary capabilities. These include a restricted topology for message passing and real-time processing constraints resulting in message prioritisation. We therefore propose an alternative adversary model explicitly capturing these constraints. We use a π-calculus variant to reason about priorities and constraints on messages (names) and explicitly model multiple adversarial agents rather than a single omnipotent adversary so as to capture synchronisation and communication effects. As an example of the model’s capabilities, we derive targets for intrusion detection based on constraints on adversary action resulting from adversary-agent communication capabilities.
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
McEvoy, T.R., Wolthusen, S.D. (2011). A Formal Adversary Capability Model for SCADA Environments. In: Xenakis, C., Wolthusen, S. (eds) Critical Information Infrastructures Security. CRITIS 2010. Lecture Notes in Computer Science, vol 6712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21694-7_8
DOI: https://doi.org/10.1007/978-3-642-21694-7_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21693-0
Online ISBN: 978-3-642-21694-7
eBook Packages: Computer Science (R0)