Abstract
The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we use our previously developed framework to study the effects of network parameters, i.e. delay, packet losses and background traffic, on coordinated cyber attacks against NICS. Coordinated attacks rely on several infected hosts to disrupt the normal functionality of the system. Within the context of NICS we consider multiple infected control hardware, a highly similar setting to the recently reported Stuxnet worm, the first malware specifically designed to attack NICS. Furthermore, we assume that the coordinator is located outside the system, in the Internet, from where it launches attacks by sending packets to each infected control hardware. The main goal of the attacker is to bring the physical process into a critical state, i.e. dangerous, or more generally unwanted state of the system. For the physical process we used the Boiling Water Power Plant (BWPP) model developed by Bell and Åström.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Nai Fovino, I., Carcano, A., Masera, M., Trombetta, A.: An experimental investigation of malware attacks on SCADA systems. International Journal of Critical Infrastructure Protection 2(4), 139–145 (2009)
East, S., Butts, J., Papa, M., Shenoi, S.: A Taxonomy of Attacks on the DNP3 Protocol. In: Palmer, C., Shenoi, S. (eds.) Critical Infrastructure Protection III. IFIP AICT, vol. 311, pp. 67–81. Springer, Heidelberg (2009)
The Symantec Stuxnet Dossier (2010), http://www.wired.com/images_blogs/threatlevel/2010/11/w32_stuxnet_dossier.pdf
Tan, Y., Sengupta, S., Subbalakshmi, K.P.: Analysis of Coordinated Denial-of-Service Attacks in IEEE 802.22 Networks. IEEE JSAC Special Issue on Cognitive Radio Networking and Communications 29(4), 890–902 (2011)
Botnet Twitter Attack (2009), http://www.usatoday.com/tech/news/2009-08-06-twitter-attack_N.htm
Genge, B., Siaterlis, C., Nai Fovino, I., Masera, M.: A Cyber-Physical Experimentation Environment for the Security Analysis of Networked Industrial Control Systems. Computers and Electrical Engineering 38(5), 1146–1161 (2012)
Nai Fovino, I., Masera, M., Guglielmi, M., Carcano, A., Trombetta, A.: Distributed Intrusion Detection System for SCADA Protocols. In: Moore, T., Shenoi, S. (eds.) Critical Infrastructure Protection IV. IFIP AICT, vol. 342, pp. 95–110. Springer, Heidelberg (2010)
White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An integrated experimental environment for distributed systems and networks. In: Proc. of the Fifth Symposium on Operating Systems Design and Implementation, pp. 255–270 (2002)
Bell, R.D., Åström, K.J.: Dynamic models for boiler-turbine alternator units: data logs and parameter estimation for a 160MW unit. Lundt Institute of Technology. Report TFRT–3192, Sweden (1987)
Queiroz, C., Mahmood, A., Hu, J., Tari, Z., Yu, X.: Building a SCADA Security Testbed. In: Proc. 3rd NSS, pp. 357–364 (2009)
Davis, C.M., Tate, J.E., Okhravi, H., Grier, C., Overbye, T.J., Nicol, D.: SCADA Cyber Security Testbed Development. In: Proc. NAPS, pp. 483–488 (2006)
Chabukswar, R., Sinopoli, B., Karsai, G., Giani, A., Neema, H., Davis, A.: Simulation of Network Attacks on SCADA Systems. First WSCS (April 2010)
Nai Fovino, I., Masera, M., Guidi, L., Carpi, G.: An Experimental Platform for Assessing SCADA Vulnerabilities and Countermeasures in Power Plants. In: Proc. HSI, pp. 679–686 (2010)
Cárdenas, A., Amin, S., Lin, Z.S., Huang, Y.L., Huang, C.Y., Sastry, S.: Attacks Against Process Control Systems: Risk Assessment, Detection, and Response. In: Proc. ASIACCS, pp. 355–366 (2011)
Google Aurora attack (2010), http://www.wired.com/threatlevel/2010/01/operation-aurora/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Genge, B., Siaterlis, C. (2013). Investigating the Effect of Network Parameters on Coordinated Cyber Attacks against a Simulated Power Plant. In: Bologna, S., Hämmerli, B., Gritzalis, D., Wolthusen, S. (eds) Critical Information Infrastructure Security. CRITIS 2011. Lecture Notes in Computer Science, vol 6983. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41476-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-41476-3_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41475-6
Online ISBN: 978-3-642-41476-3
eBook Packages: Computer ScienceComputer Science (R0)