SECURITY CONSIDERATIONS in DNP3 SCADA SYSTEMS

摘要

Supervisory Control and Data Acquisition (SCADA) networks are used by many utility companies that form critical infrastructure. SCADA networks can be easy targets for unauthorized intrusions that can result in devastating attacks by terrorists. This research identifies threats faced by SCADA and investigates effective methods to enhance security of DNP3 protocols, which are widely used for SCADA implementations. We propose implementation alternatives including SSL/TLS, IPsec, object security, encryption, and message authentication object. The paper analyzes and compares these approaches. In addition, it also evaluates implementation details of these solutions, which can be in the form of an open source toolkits or necessary changes to DNP3. Finally, we provide new research directions to more adequately secure SCADA and DNP3.