Abstract
Supervisory Control and Data Acquisition (SCADA) systems are migrating from isolated to highly interconnected, large-scale architectures. In addition, these systems are increasingly composed of standard Internet technologies and use public networks. Hence, while SCADA functionality has increased, its vulnerability to cyber threats has also risen. These threats often lead to reduced system availability or compromised data integrity, eventually resulting in risks to public safety. Therefore, enhancing the reliability and security of system operation is an urgent need. Peer-to-Peer (P2P) techniques allow the design of self-organizing, Internet-scale communication overlay networks. Two inherent resilience mechanisms of P2P networks are path redundancy and data replication. This paper shows how the resilience of SCADA systems can be improved by using P2P technologies. In particular, the two previously mentioned resilience mechanisms allow circumventing crashed nodes and detecting manipulated control data.
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Germanus, D., Khelil, A., Suri, N. (2010). Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays. In: Giese, H. (eds) Architecting Critical Systems. ISARCS 2010. Lecture Notes in Computer Science, vol 6150. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13556-9_10
DOI: https://doi.org/10.1007/978-3-642-13556-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13555-2
Online ISBN: 978-3-642-13556-9
eBook Packages: Computer Science (R0)