TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation of Network Attacks on SCADA Systems Rohan Chabukswar, Bruno Sinopoli, Gabor Karsai, Annarita.

Slides:



Advertisements
Similar presentations
Introduction to IRRIIS testing platform IRRIIS MIT Conference ROME 8 February 2007 Claudio Balducelli.
Advertisements

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
GEO SB-01 Oceans and Society: Blue Planet An Integrating Oceans Task of GEO GEO-IX Plenary November 2012 Foz do Iguaçu, Brazil on behalf of the Blue.
TRUST for SCADA: A Simulation-based Experimental Platform
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
This work was supported by the TRUST Center (NSF award number CCF ) 1. Setting up experiment on DETER testbed a)Created twelve pc backbone nodes.
Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.
1 Workshop on Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Organizers: NC State University & UNC Chapel Hill.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
Chapter 19: Network Management Business Data Communications, 4e.
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.
Shadow Configurations: A Network Management Primitive Richard Alimi, Ye Wang, Y. Richard Yang Laboratory of Networked Systems Yale University.
Attacks on Three Tank System Three Tank System Testing Model-Based Security Features Experimental Platform for Model-Based Design of Embedded Systems Matt.
ISCSI Performance in Integrated LAN/SAN Environment Li Yin U.C. Berkeley.
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
Do You See What I See (DYSWIS) Aditya Muthyala (am3551) School of Engineering and Applied Science Columbia University, Fall 2011.
1 Sonia Fahmy Ness Shroff Students: Roman Chertov Rupak Sanjel Center for Education and Research in Information Assurance and Security (CERIAS) Purdue.
Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.
Distributed Control Systems Emad Ali Chemical Engineering Department King SAUD University.
The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.
1 EVALUATING INTELLIGENT FLUID AUTOMATION SYSTEMS USING A FLUID NETWORK SIMULATION ENVIRONMENT Ron Esmao - Sr. Applications Engineer, Flowmaster USA.
Distributed Real-Time Systems for the Intelligent Power Grid Prof. Vincenzo Liberatore.
Redes Inalámbricas Máster Ingeniería de Computadores 2008/2009 Tema 7.- CASTADIVA PROJECT Performance Evaluation of a MANET architecture.
A Testbed for Secure and Robust SCADA systems Annarita Giani*, Gabor Karsai^, Tanya Roosta*, Aakash Shah †, Bruno Sinopoli †, Janos Stipanovitz^, Jon Wiley^
NICE :Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems.
VisaPro Services Pvt. Ltd.. THE COMPANY VisaPro Immigration Services LLC, USA –US based immigration law firm –Offices in US and India.
Tufts Wireless Laboratory School Of Engineering Tufts University “Network QoS Management in Cyber-Physical Systems” Nicole Ng 9/16/20151 by Feng Xia, Longhua.
This work was supported by the TRUST Center (NSF award number CCF ) Background Assurance of system stability is of paramount importance in every.
Yuan Xue Vanderbilt University
Multi-Agent Testbed for Emerging Power Systems Mark Stanovich, Sanjeev Srivastava, David A. Cartes, Troy Bevis.
This work was supported by the TRUST Center (NSF award number CCF ) Introduction Since public utilities must rely on the internet, they are vulnerable.
Honeypot and Intrusion Detection System
Happy Network Administrators  Happy Packets  Happy Users WIRED Position Statement Aman Shaikh AT&T Labs – Research October 16,
Enhanced State Estimation by Advanced Substation Monitoring PSerc Project Review MeetingTexas A&M University November 7, 2001 College Station, TX PIs:
Resisting Denial-of-Service Attacks Using Overlay Networks Ju Wang Advisor: Andrew A. Chien Department of Computer Science and Engineering, University.
The ACGT Workflow Editing & Enactment Environment Giorgos Zacharioudakis Institute of Computer Science, Foundation for Research & Technology – Hellas (ICS-FORTH)
1 Network Monitoring Mi-Jung Choi Dept. of Computer Science KNU
Abstract: Accelerometers As part of the smartphone philosophy, every phone has a wide variety of sensors available to the user. Sensors include light and.
Topics of presentation
A Web-based Distributed Simulation System Christopher Taewan Ryu Computer Science Department California State University, Fullerton.
Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson
Dec 14 th, 2005Telecom Italia Strategy Meeting TRUST :Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview Shankar.
ATLAS Grid Data Processing: system evolution and scalability D Golubkov, B Kersevan, A Klimentov, A Minaenko, P Nevski, A Vaniachine and R Walker for the.
Secure In-Network Aggregation for Wireless Sensor Networks
PwC New Technologies New Risks. PricewaterhouseCoopers Technology and Security Evolution Mainframe Technology –Single host –Limited Trusted users Security.
11 CLUSTERING AND AVAILABILITY Chapter 11. Chapter 11: CLUSTERING AND AVAILABILITY2 OVERVIEW  Describe the clustering capabilities of Microsoft Windows.
Framework of a Simulation Based Shop Floor Controller Using HLA Pramod Vijayakumar Systems and Industrial Engineering University of Arizona.
Introduction to the IRRIIS Simulation SimCIP Césaire Beyel.
Cybersecurity: Expanding the Front Lines of Defense Dr. George K. Kostopoulos Professor Electrical and Computer Engineering Cybersecurity New York Institute.
Computer Simulation of Networks ECE/CSC 777: Telecommunications Network Design Fall, 2013, Rudra Dutta.
Development of a QoE Model Himadeepa Karlapudi 03/07/03.
Virtualized Execution Realizing Network Infrastructures Enhancing Reliability Application Communities PI Meeting Arlington, VA July 10, 2007.
TRUST September 13, 2004 NSF STC Review TRUST:Team for Research in Ubiquitous Secure Technologies Developing Human Resources Connections to the Critical.
ANASOFT VIATUS. Challenges Supply chain optimization is necessary for achieving competitive price of final products Synchronization and utilization of.
Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch,
ARM and GPS Based Transformer monitoring system with area Identification Student Name USN NO Guide Name H.O.D Name Name Of The College & Dept.
Seminar On Rain Technology
The training simulator Final Conference, Athens, Greece 16 September 2011.
Interaction and Animation on Geolocalization Based Network Topology by Engin Arslan.
Presented by Edith Ngai MPhil Term 3 Presentation
Chapter 19: Network Management
Maximum Availability Architecture Enterprise Technology Centre.
J. Michael, M. Shing M. Miklaski, J. Babbitt Naval Postgraduate School
Model-Driven Analysis Frameworks for Embedded Systems
TRUST:Team for Research in Ubiquitous Secure Technologies
Introduction to Orchestra
Investigation into the strengths and weaknesses of freeware network simulation tools for education purposes Academic Question : Which is the most stabiles.
Presentation transcript:

TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation of Network Attacks on SCADA Systems Rohan Chabukswar, Bruno Sinopoli, Gabor Karsai, Annarita Giani, Himanshu Neema, Andrew Davis

TRUST, Autumn 2010 Conference, November 10-11, 2010 Outline Introduction – Security of SCADA Systems C2WindTunnel – Testbed Design – Testbed Implementaion Simulation Example – System Model and Attacks – Observations and Conclusions "Simulation of Network Attacks on SCADA Systems", Andrew Davis2

TRUST, Autumn 2010 Conference, November 10-11, 2010 SCADA Systems Supervisory Control and Data Acquisition – Manage and control critical infrastructure Gas utilities, power plants, oil refineries, power utilities, chemical plants, water management, traffic control systems "Simulation of Network Attacks on SCADA Systems", Andrew Davis3

TRUST, Autumn 2010 Conference, November 10-11, 2010 SCADA Security Potential damage to critical infrastructure and loss of life Components have decades-long lifetimes – Legacy systems designed without security as a priority Upgrades may cause unacceptable downtime Real life examples exist – Recent Stuxnet worm targeted SCADA systems monitoring nuclear facilities in Iran "Simulation of Network Attacks on SCADA Systems", Andrew Davis4

TRUST, Autumn 2010 Conference, November 10-11, 2010 Outline Introduction – Security of SCADA Systems C2WindTunnel – Testbed Design – Testbed Implementaion Simulation Example – System Model and Attacks – Observations and Conclusions "Simulation of Network Attacks on SCADA Systems", Andrew Davis5

TRUST, Autumn 2010 Conference, November 10-11, 2010 Testbed Design Goals Assess vulnerabilities of current SCADA systems in a realistic setting Allow testing of novel architectural and technological solutions for next generation SCADA Provide an open-source, highly flexible testbed for the industrial control community Should be modular, easily reconfigurable, and accurate "Simulation of Network Attacks on SCADA Systems", Andrew Davis6

TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation Integration "Simulation of Network Attacks on SCADA Systems", Andrew Davis7 Controller (Simulink) Process (Simulink) Network (OMNeT++) ??

TRUST, Autumn 2010 Conference, November 10-11, 2010 Integration Challenges Modeling network effects at packet level – Allows high fidelity simulation of network effects – Requires transferring time-stamped data among simulations with precise time synchronization – Requires discrete event model of network Different simulation time models – Network uses discrete event simulator – Control and process use continuous time simulators – Consistent global time must be maintained to prevent breach of causality "Simulation of Network Attacks on SCADA Systems", Andrew Davis8

TRUST, Autumn 2010 Conference, November 10-11, 2010 High Level Architecture Handles time-stamped data transfer – Defines a global object model – Uses publish and subscribe architecture to transmit time-stamped data Handles time management among diverse time models – Directs progression of each simulation’s local time – No simulation can receive events in its past "Simulation of Network Attacks on SCADA Systems", Andrew Davis9

TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation Integration "Simulation of Network Attacks on SCADA Systems", Andrew Davis10 Controller (Simulink) Process (Simulink) Network (OMNeT++) DoD/HLA Simulation Architecture Simulink glue code OMNeT++ glue code

TRUST, Autumn 2010 Conference, November 10-11, 2010 Integration Code Generation Integration of federates modeled with GME, a general purpose graphical modeling tool – Federates and object model – Publish and subscribe relationships – Timing parameters C2WindTunnel includes code generators to facilitate integration of federates – HLA FED file – Simulation engine to HLA glue code – Simplified interaction publish & subscribe "Simulation of Network Attacks on SCADA Systems", Andrew Davis11

TRUST, Autumn 2010 Conference, November 10-11, 2010 Recent Work Extended network integration – Endpoint nodes specified in integration model allowing transparent data flow from HLA to network – Code generated for data-type based routing of information through the network – Integrates with the INET framework to allow network modeling without concern for federation level details – Restructured HLA-to-network interface to support newest version of the poRTIco RTI New Windows installer simplifies setup – Available on project wiki "Simulation of Network Attacks on SCADA Systems", Andrew Davis12

TRUST, Autumn 2010 Conference, November 10-11, 2010 Outline Introduction – Security of SCADA Systems C2WindTunnel – Testbed Design – Testbed Implementaion Simulation Example – System Model and Attacks – Observations and Conclusions "Simulation of Network Attacks on SCADA Systems", Andrew Davis13

TRUST, Autumn 2010 Conference, November 10-11, 2010 Plant Model "Simulation of Network Attacks on SCADA Systems", Andrew Davis14

TRUST, Autumn 2010 Conference, November 10-11, 2010 Control Problem Objectives – Maintain production rate by controlling valves – Minimize operating cost (function of purge loss of A and C) Restrictions – Operating pressure below shutdown limit of 3 MPa – Flows have a maximum at their saturation points "Simulation of Network Attacks on SCADA Systems", Andrew Davis15

TRUST, Autumn 2010 Conference, November 10-11, 2010 Network Model "Simulation of Network Attacks on SCADA Systems", Andrew Davis16

TRUST, Autumn 2010 Conference, November 10-11, 2010 Attacks DDOS attacks are simulated on system, targeting various routers Saturated with external communication requests from large number of zombie nodes Process nodes connecting to attacked routers sustain 100% packet loss for the duration of the attack Controller, feed and product routers are attacked from 30-second mark to 60-second mark out of simulation time of 150 seconds "Simulation of Network Attacks on SCADA Systems", Andrew Davis17

TRUST, Autumn 2010 Conference, November 10-11, 2010 Attack on Feed Router "Simulation of Network Attacks on SCADA Systems", Andrew Davis18 Attack on Feed Router: Process remains stable throughout duration of attack

TRUST, Autumn 2010 Conference, November 10-11, 2010 Attack on Product Router "Simulation of Network Attacks on SCADA Systems", Andrew Davis19 Attack on Product Router: Process destabilizes during attack and begins to recover at its completion

TRUST, Autumn 2010 Conference, November 10-11, 2010 Conclusions Effects of each individual attack are hard to predict and compare analytically For a complicated system, calculating effects would require intensive analytical computations, could be intractable Simulation is the best way to estimate effects, to implement and compare network configurations and redundancies "Simulation of Network Attacks on SCADA Systems", Andrew Davis20

TRUST, Autumn 2010 Conference, November 10-11, 2010 Future Work Simulation can be used to develop and evaluate more robust control algorithms Extend testing to other common network security attacks Investigate distinguishing process faults from network attacks "Simulation of Network Attacks on SCADA Systems", Andrew Davis21

TRUST, Autumn 2010 Conference, November 10-11, 2010 Acknowledgements This work was supported in part by TRUST (Team for Research in Ubiquitous Secure Technology), which receives support from the National Science Foundation (NSF award number CCF ) and the following organizations: AFOSR (#FA ), BT, Cisco, DoCoMo USA Labs, EADS, ESCHER, HP, IBM, iCAST, Intel, Microsoft, ORNL, Pirelli, Qualcomm, Sun, Symantec, TCS, Telecom Italia and United Technologies. "Simulation of Network Attacks on SCADA Systems", Andrew Davis22

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.