Skip to main content

Research Repository

Advanced Search

A security and authentication layer for SCADA/DCS applications

Homay, Aydin; Chrysoulas, Christos; El Boudani, Brahim; de Sousa, Mario; Wollschlaeger, Martin

Authors

Aydin Homay

Brahim El Boudani

Mario de Sousa

Martin Wollschlaeger



Abstract

Mid 2010, a sophisticated malicious computer worm called Stuxnet targeted major ICS systems around the world causing severe damages to Siemens automation products. Stuxnet proved its ability to infect air-gapped-segregated critical computers control system. After this attack, the whole ICS industry security was thrust into spotlight. Automation suppliers have already started to re-think their business approach to cyber security. The OPC foundation have made also significant changes and improvements on its new design OPC-UA to increase security of automation applications but, what is still missing and seems to be not resolved any time soon is having security in depth for industrial automation applications. In this paper, we propose a simple but strong security control solution to be implemented as a logic level security on SCADA and DCS systems. The method presented in this work enforces message integrity to build trusts between DCS system components, but it should not be viewed as the main nor the only protection layer implemented on an industrial automation system. The proposed solution can be viewed as a low-level security procedure to avoid malicious attacks such as Stuxnet.

Journal Article Type Article
Acceptance Date Nov 13, 2020
Online Publication Date Dec 8, 2021
Publication Date 2021-11
Deposit Date Apr 7, 2022
Journal Microprocessors and Microsystems
Print ISSN 0141-9331
Publisher Elsevier
Peer Reviewed Peer Reviewed
Volume 87
Article Number 103479
DOI https://doi.org/10.1016/j.micpro.2020.103479
Keywords Stuxnet; Obfuscation; Encryption; MAC; SCADA; DCS
Public URL http://researchrepository.napier.ac.uk/Output/2861156