Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings’ facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings' facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
As the Supervisory Control and Data Acquisition (SCADA) system are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘stuxnet’ ‘flame’ and ‘duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provide deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
This paper deals with the inevitable consequence of the convenience and efficiency we benefit from the open, networked control system operation of safety-critical applications: vulnerability to such system from cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and would not be found anytime soon. Considering the ever incompleteness of detection and prevention and the impact and consequence of mal-functions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting suspicious activities to upper layers. This paper details the architectural structure of the proposed cyber defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSGeorge Wainblat
SUMMARY - Current power grids increasingly emerging into smart networked grids and are more accessible from the public internet which poses new cyber threats in the grid. More computer based systems are introduced into power networks in order to monitor and control the network. Future model smart grid and micro grid systems will be based on data flows for communication of system status, usage and control throughout the network infrastructure in addition to the power flow. This creates new security threats on the power grid. Instead of relying mainly on power plants for power generation, there will be a combination of multiple generation sources and at the same time wider use of electrical computer based equipment by consumers. Both increase the amount of data flows in the network as well as introduce additional vulnerable spots. Vulnerability of the power grid to cyber-attacks increases even more because of the wide use of SCADA networks. SCADA networks are more accessible to the internet and lack authentication and authorization mechanisms therefore expose the grid to threats such as DDOS, Data interception, Data alteration and additional hacking threats.
The transition from present to future model has already begun and rapidly growing while it already poses new security challenges which must be attended immediately. It is essential to introduce immediately a single comprehensive security solution which will provide fast detection and prevention tools to cope with a variety of threats with different nature and from multiple sources. The solution should not be tightly coupled with each device in the network so it won’t require upgrade of the devices inside the grid.
The Cyber defense solution should be versatile using variety of cyber technologies such as Firewalls, anomaly detection, Big Data analytics, machine learning and more in a network wise combination.
IoT Network Attack Detection using Supervised Machine LearningCSCJournals
The use of supervised learning algorithms to detect malicious traffic can be valuable in designing intrusion detection systems and ascertaining security risks. The Internet of things (IoT) refers to the billions of physical, electronic devices around the world that are often connected over the Internet. The growth of IoT systems comes at the risk of network attacks such as denial of service (DoS) and spoofing. In this research, we perform various supervised feature selection methods and employ three classifiers on IoT network data. The classifiers predict with high accuracy if the network traffic against the IoT device was malicious or benign. We compare the feature selection methods to arrive at the best that can be used for network intrusion prediction.
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Leonardo ENERGY
This Cybersecurity webinar addresses issues of importance to executive, technical, and academic professionals involved with managing and protecting Electric Utilities and Smart Grids. Cyber threats and vulnerabilities, including cyber attacks, will be addressed; as well as Smart Grid trends, and privacy and data integrity issues. United States, European, and International organizations and initiatives to address cybersecurity for utilities will be discussed. The webinar will conclude with strategies to improve cybersecurity. A second cybersecurity webinar (programmed in September 2017) will address best practices, case studies, and legal and regulatory constraints for architecting smart grids in a secure way.
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings' facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
As the Supervisory Control and Data Acquisition (SCADA) system are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘stuxnet’ ‘flame’ and ‘duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provide deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
This paper deals with the inevitable consequence of the convenience and efficiency we benefit from the open, networked control system operation of safety-critical applications: vulnerability to such system from cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and would not be found anytime soon. Considering the ever incompleteness of detection and prevention and the impact and consequence of mal-functions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting suspicious activities to upper layers. This paper details the architectural structure of the proposed cyber defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSGeorge Wainblat
SUMMARY - Current power grids increasingly emerging into smart networked grids and are more accessible from the public internet which poses new cyber threats in the grid. More computer based systems are introduced into power networks in order to monitor and control the network. Future model smart grid and micro grid systems will be based on data flows for communication of system status, usage and control throughout the network infrastructure in addition to the power flow. This creates new security threats on the power grid. Instead of relying mainly on power plants for power generation, there will be a combination of multiple generation sources and at the same time wider use of electrical computer based equipment by consumers. Both increase the amount of data flows in the network as well as introduce additional vulnerable spots. Vulnerability of the power grid to cyber-attacks increases even more because of the wide use of SCADA networks. SCADA networks are more accessible to the internet and lack authentication and authorization mechanisms therefore expose the grid to threats such as DDOS, Data interception, Data alteration and additional hacking threats.
The transition from present to future model has already begun and rapidly growing while it already poses new security challenges which must be attended immediately. It is essential to introduce immediately a single comprehensive security solution which will provide fast detection and prevention tools to cope with a variety of threats with different nature and from multiple sources. The solution should not be tightly coupled with each device in the network so it won’t require upgrade of the devices inside the grid.
The Cyber defense solution should be versatile using variety of cyber technologies such as Firewalls, anomaly detection, Big Data analytics, machine learning and more in a network wise combination.
IoT Network Attack Detection using Supervised Machine LearningCSCJournals
The use of supervised learning algorithms to detect malicious traffic can be valuable in designing intrusion detection systems and ascertaining security risks. The Internet of things (IoT) refers to the billions of physical, electronic devices around the world that are often connected over the Internet. The growth of IoT systems comes at the risk of network attacks such as denial of service (DoS) and spoofing. In this research, we perform various supervised feature selection methods and employ three classifiers on IoT network data. The classifiers predict with high accuracy if the network traffic against the IoT device was malicious or benign. We compare the feature selection methods to arrive at the best that can be used for network intrusion prediction.
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Leonardo ENERGY
This Cybersecurity webinar addresses issues of importance to executive, technical, and academic professionals involved with managing and protecting Electric Utilities and Smart Grids. Cyber threats and vulnerabilities, including cyber attacks, will be addressed; as well as Smart Grid trends, and privacy and data integrity issues. United States, European, and International organizations and initiatives to address cybersecurity for utilities will be discussed. The webinar will conclude with strategies to improve cybersecurity. A second cybersecurity webinar (programmed in September 2017) will address best practices, case studies, and legal and regulatory constraints for architecting smart grids in a secure way.
Systematic Review Automation in Cyber SecurityYogeshIJTSRD
Many aspects of cyber security are carried by automation systems and service applications. The initial steps of cyber chain mainly focus on different automation tools with almost same task objective. Automation operations are carried only after detail study on particular task pre engagement phase , the tool is going to perform, measurement of dataset handling of tool produced output. The algorithm is going to make use of after comparing the existing tools efficiency, the throughput time, output format for reusable input and mainly the resource’s consumption. In this paper we are going to study the existing methodology in application and system pen testing, automation tool’s efficiency over growing technology and their behaviour study on unintended platform assignment. Nitin | Dr. Lakshmi J. V. N "Systematic Review: Automation in Cyber Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd41315.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-security/41315/systematic-review-automation-in-cyber-security/nitin
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAijp2p
The objective of the proposed system is to integrate the high volume of data along with the important
considerations like monitoring a wide array of heterogeneous security. When a real time cyber attack
occurred, the Intrusion Detection System automatically store the log in distributed environment and
monitor the log with existing intrusion dictionary. At the same time the system will check and categorize the
severity of the log to high, medium, and low respectively. After the categorization, the system will
automatically take necessary action against the user-unit with respect to the severity of the log. The
advantage of the system is that it utilize anomaly detection, evaluates data and issue alert message or
reports based on abnormal behaviour.
The Nozomi Networks solution improves ICS cyber resiliency and provides real-time operational visibility. Major customers have improved reliability, cybersecurity and operational efficiency using our technology. Learn more about our solutions and technology here and how they can bring immediate benefit to your industrial control system (ICS)
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...Muhammad FAHAD
Dragos, Inc. was notified by the Slovak anti-virus firm ESET of an ICS tailored malware on June 8th, 2017. The Dragos team was able to use this notification to find samples of the malware, identify new functionality and impact scenarios, and confirm that this was the malware employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact. This report serves as an industry report to inform the electric sector and security community of the potential implications of this malware and the appropriate details to have a nuanced discussion
Intrusion detection and anomaly detection system using sequential pattern miningeSAT Journals
Abstract
Nowadays the security methods from password protected access up to firewalls which are used to secure the data as well as the networks from attackers. Several times these types of security methods are not enough to protect data. We can consider the use of Intrusion Detection Systems (IDS) is the one way to secure the data on critical systems. Most of the research work is going on the effectiveness and exactness of the intrusion detection, but these attempts are for the detection of the intrusions at the operating system and network level only. It is unable to detect the unexpected behavior of systems due to malicious transactions in databases. The method used for spotting any interferes on the information in the form of database known as database intrusion detection. It relies on enlisting the execution of a transaction. After that, if the recognized pattern is aside from those regular patterns actual is considered as an intrusion. But the identified problem with this process is that the accuracy algorithm which is used may not identify entire patterns. This type of challenges can affect in two ways. 1) Missing of the database with regular patterns. 2) The detection process neglects some new patterns. Therefore we proposed sequential data mining method by using new Modified Apriori Algorithm. The algorithm upturns the accurateness and rate of pattern detection by the process. The Apriori algorithm with modifications is used in the proposed model.
Keywords — Anomaly Detection, Modified Apriori Algorithm, Misuse detection, Sequential Pattern Mining
Nozomi Networks is the leader of industrial cybersecurity, delivering real-time visibility to manage cyber risk & improve resilience for industrial operations. With one solution, customers gain advanced cybersecurity, improved operational reliability & easy IT/OT integration. Innovating the use of artificial intelligence, the company helps the largest industrial sites around the world See and Secure™ their critical industrial control networks. Today Nozomi Networks supports over a quarter of a million devices in the critical infrastructure, energy, manufacturing, mining, transportation & utility sectors, making it possible to tackle the escalating cyber risks to operational networks (OT).
Developed security and privacy algorithms for cyber physical system IJECEIAES
Cyber-physical system (CPS) is a modern technology in the cyber world, and it integrates with wireless sensor network (WSN). This system is widely used in many applications such as a smart city, greenhouse, healthcare, and power grid. Therefore, the data security and integrity are necessary to ensure the highest level of protection and performance for such systems. In this paper, two sides security system for cyber-physical level is proposed to obtain security, privacy, and integrity. The first side is applied the secure sockets layer (SSL)/transport layer security (TLS) encryption protocol with the internet of things (IoT) based message queuing telemetry transport (MQTT) protocol to secure the connection and encrypt the data exchange between the system's parties. The second side proposes an algorithm to detect and prevent a denial of service (DoS) attack (hypertext transfer protocol (HTTP) post request) on a Web server. The experiment results show the superior performance of the proposed method to secure the CPS by detecting and preventing the cyber-attacks, which infect the Web servers. They also prove the implementation of security, privacy and integrity aspects on the CPS.
Abstract—With the heightening reliance on Information Technology in recent times, it has becoming more relevant to find measures to secure every online device, data and information. A Network Intrusion Detection System (NIDS) is one of the security options to consider to help protect such devices, data and information. However, IDS needs to be up to date to mitigate current threats to secure systems. A critical issue in the development of the right IDS is the scarcity of current data sets used for training these IDS and the impact on system performance. This paper presents an On-demand Network Data Set Creation Application (ONDaSCA) a Graphical User Interface software capable of generating labelled network intrusion data set. ONDaSCA grants IDS users or researchers the option to choose a raw data set and processed this data set as output, real-time packet capture and offline upload of existing PCAP file and two (2) difference packet capturing methods (Tshark and Dumpcap). ONDaSCA is highly customisable and an IDS user or researcher can leverage its capabilities to suit their needs. The abilities of this software are compared with other similar products that generate data set for use by IDS model.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
IoT: Effective Authentication System (EAS) using Hash based Encryption on RFI...Dr. Amarjeet Singh
Internet of Things (IoT) is undoubtedly a well-known research area. Security on IoT communication services is the major challenge with advanced technology and devices. This paper mainly focusing on Perceptron layer based attacks and counter measures based on Effective Authentication System (EAS). This paper is ordered as outlining IoT Architecture, Types of Threats ,Perceptron Layer based attacks, sensor based communication services ,RFID mechanism ,Tag identify and verification by back end server and Hash based Effective Authentication System (EAS) to avoid pseudonym attacks .This paper proposes EAS as security measure by preventing privacy attack, pseudonym attack, location tracking and asynchronous attack.
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
This paper summarizes the experience gained during a series of
practical cybersecurity assessments of various components of Europe’s
smart electrical grids.
Smart Grid Systems Based Survey on Cyber Security IssuesjournalBEEI
The future power system will be an innovative administration of existing power grids, which is called smart grid. Above all, the application of advanced communication and computing tools is going to significantly improve the productivity and consistency of smart grid systems with renewable energy resources. Together with the topographies of the smart grid, cyber security appears as a serious concern since a huge number of automatic devices are linked through communication networks. Cyber attacks on those devices had a direct influence on the reliability of extensive infrastructure of the power system. In this survey, several published works related to smart grid system vulnerabilities, potential intentional attacks, and suggested countermeasures for these threats have been investigated.
Systematic Review Automation in Cyber SecurityYogeshIJTSRD
Many aspects of cyber security are carried by automation systems and service applications. The initial steps of cyber chain mainly focus on different automation tools with almost same task objective. Automation operations are carried only after detail study on particular task pre engagement phase , the tool is going to perform, measurement of dataset handling of tool produced output. The algorithm is going to make use of after comparing the existing tools efficiency, the throughput time, output format for reusable input and mainly the resource’s consumption. In this paper we are going to study the existing methodology in application and system pen testing, automation tool’s efficiency over growing technology and their behaviour study on unintended platform assignment. Nitin | Dr. Lakshmi J. V. N "Systematic Review: Automation in Cyber Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd41315.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-security/41315/systematic-review-automation-in-cyber-security/nitin
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAijp2p
The objective of the proposed system is to integrate the high volume of data along with the important
considerations like monitoring a wide array of heterogeneous security. When a real time cyber attack
occurred, the Intrusion Detection System automatically store the log in distributed environment and
monitor the log with existing intrusion dictionary. At the same time the system will check and categorize the
severity of the log to high, medium, and low respectively. After the categorization, the system will
automatically take necessary action against the user-unit with respect to the severity of the log. The
advantage of the system is that it utilize anomaly detection, evaluates data and issue alert message or
reports based on abnormal behaviour.
The Nozomi Networks solution improves ICS cyber resiliency and provides real-time operational visibility. Major customers have improved reliability, cybersecurity and operational efficiency using our technology. Learn more about our solutions and technology here and how they can bring immediate benefit to your industrial control system (ICS)
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...Muhammad FAHAD
Dragos, Inc. was notified by the Slovak anti-virus firm ESET of an ICS tailored malware on June 8th, 2017. The Dragos team was able to use this notification to find samples of the malware, identify new functionality and impact scenarios, and confirm that this was the malware employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact. This report serves as an industry report to inform the electric sector and security community of the potential implications of this malware and the appropriate details to have a nuanced discussion
Intrusion detection and anomaly detection system using sequential pattern miningeSAT Journals
Abstract
Nowadays the security methods from password protected access up to firewalls which are used to secure the data as well as the networks from attackers. Several times these types of security methods are not enough to protect data. We can consider the use of Intrusion Detection Systems (IDS) is the one way to secure the data on critical systems. Most of the research work is going on the effectiveness and exactness of the intrusion detection, but these attempts are for the detection of the intrusions at the operating system and network level only. It is unable to detect the unexpected behavior of systems due to malicious transactions in databases. The method used for spotting any interferes on the information in the form of database known as database intrusion detection. It relies on enlisting the execution of a transaction. After that, if the recognized pattern is aside from those regular patterns actual is considered as an intrusion. But the identified problem with this process is that the accuracy algorithm which is used may not identify entire patterns. This type of challenges can affect in two ways. 1) Missing of the database with regular patterns. 2) The detection process neglects some new patterns. Therefore we proposed sequential data mining method by using new Modified Apriori Algorithm. The algorithm upturns the accurateness and rate of pattern detection by the process. The Apriori algorithm with modifications is used in the proposed model.
Keywords — Anomaly Detection, Modified Apriori Algorithm, Misuse detection, Sequential Pattern Mining
Nozomi Networks is the leader of industrial cybersecurity, delivering real-time visibility to manage cyber risk & improve resilience for industrial operations. With one solution, customers gain advanced cybersecurity, improved operational reliability & easy IT/OT integration. Innovating the use of artificial intelligence, the company helps the largest industrial sites around the world See and Secure™ their critical industrial control networks. Today Nozomi Networks supports over a quarter of a million devices in the critical infrastructure, energy, manufacturing, mining, transportation & utility sectors, making it possible to tackle the escalating cyber risks to operational networks (OT).
Developed security and privacy algorithms for cyber physical system IJECEIAES
Cyber-physical system (CPS) is a modern technology in the cyber world, and it integrates with wireless sensor network (WSN). This system is widely used in many applications such as a smart city, greenhouse, healthcare, and power grid. Therefore, the data security and integrity are necessary to ensure the highest level of protection and performance for such systems. In this paper, two sides security system for cyber-physical level is proposed to obtain security, privacy, and integrity. The first side is applied the secure sockets layer (SSL)/transport layer security (TLS) encryption protocol with the internet of things (IoT) based message queuing telemetry transport (MQTT) protocol to secure the connection and encrypt the data exchange between the system's parties. The second side proposes an algorithm to detect and prevent a denial of service (DoS) attack (hypertext transfer protocol (HTTP) post request) on a Web server. The experiment results show the superior performance of the proposed method to secure the CPS by detecting and preventing the cyber-attacks, which infect the Web servers. They also prove the implementation of security, privacy and integrity aspects on the CPS.
Abstract—With the heightening reliance on Information Technology in recent times, it has becoming more relevant to find measures to secure every online device, data and information. A Network Intrusion Detection System (NIDS) is one of the security options to consider to help protect such devices, data and information. However, IDS needs to be up to date to mitigate current threats to secure systems. A critical issue in the development of the right IDS is the scarcity of current data sets used for training these IDS and the impact on system performance. This paper presents an On-demand Network Data Set Creation Application (ONDaSCA) a Graphical User Interface software capable of generating labelled network intrusion data set. ONDaSCA grants IDS users or researchers the option to choose a raw data set and processed this data set as output, real-time packet capture and offline upload of existing PCAP file and two (2) difference packet capturing methods (Tshark and Dumpcap). ONDaSCA is highly customisable and an IDS user or researcher can leverage its capabilities to suit their needs. The abilities of this software are compared with other similar products that generate data set for use by IDS model.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
IoT: Effective Authentication System (EAS) using Hash based Encryption on RFI...Dr. Amarjeet Singh
Internet of Things (IoT) is undoubtedly a well-known research area. Security on IoT communication services is the major challenge with advanced technology and devices. This paper mainly focusing on Perceptron layer based attacks and counter measures based on Effective Authentication System (EAS). This paper is ordered as outlining IoT Architecture, Types of Threats ,Perceptron Layer based attacks, sensor based communication services ,RFID mechanism ,Tag identify and verification by back end server and Hash based Effective Authentication System (EAS) to avoid pseudonym attacks .This paper proposes EAS as security measure by preventing privacy attack, pseudonym attack, location tracking and asynchronous attack.
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
This paper summarizes the experience gained during a series of
practical cybersecurity assessments of various components of Europe’s
smart electrical grids.
Smart Grid Systems Based Survey on Cyber Security IssuesjournalBEEI
The future power system will be an innovative administration of existing power grids, which is called smart grid. Above all, the application of advanced communication and computing tools is going to significantly improve the productivity and consistency of smart grid systems with renewable energy resources. Together with the topographies of the smart grid, cyber security appears as a serious concern since a huge number of automatic devices are linked through communication networks. Cyber attacks on those devices had a direct influence on the reliability of extensive infrastructure of the power system. In this survey, several published works related to smart grid system vulnerabilities, potential intentional attacks, and suggested countermeasures for these threats have been investigated.
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Abhishek Goel
SCADA systems control some of the most vital infrastructure in industrial and energy sectors, from oil and gas pipelines to nuclear facilities to water treatment plants.
Critical infrastructure is defined as the physical and IT assets, networks and services that if disrupted or destroyed would have a serious impact on the health, security, or economic wellbeing of citizens and the efficient functioning of a country’s government.
SCADA forensic tools open source. What are they What they doSo.pdfebrahimbadushata00
SCADA forensic tools open source. What are they? What they do?
Solution
SCADA stands for Supervisory Control and Data Acquisition.
This technology is used to mainly ensure the operations and functionality of the control systems
used in many industries.
It is a software application program which is used to gathering of the data in real time from
remote locations so as to control the equipment and conditions in such device environments.
SCADA is mainly used in Transportation, Telecommunications, power plants, Gas refining
industries and as well in water and waste control by government agencies too.
they include software and hardware components, which gather and inputs the data into a
computer machine and processes it.
It also records all the log events into a file and stores in the local hardisk/server.
These SCADA Systems/applications also warn when conditions become hazardous by sounding
alarams.
As these systems are operated in huge network environments there is a very high possibility of
attacks.
In recent years there has been an increasing number of attacks directly targeting these systems
including the well published networks.
Therefore , there is a need to have forensic analysis of these systems to determine, if breah has
occured and the extent to which the system is compromised and also the details of how the
functional operations and assets are affected.
Apart from normal threats there are many cyber threats against SCADA systmes with
sophisticated malware attacks, SQL Injection, cross-site scripting, and the buffer overflow
attacks being the most common type of vulnerability.
Digital forensic is an important part of an incident response strategy in an IT forensic
investigation following an incident and will provide an effective response in a forensic manner.
Investigative Steps:
1 Examination: Deals with the identitfy of potential sources of evidence, including the systems,
the network and connected devices.
2 Identification: identify the types of systems to be investigated, which includes OS, serail
numbers and model types of the PLC\'s, the network design and the implementation.
3 Collection: Collect the potential evidence from the memory systems that are suspected to be
part of the SCADA system which is being investigated.
4 Documentation: It is very critcial to keep accurate documentation of the investigation to ensure
chain of custody. Records need to be kept of the evidence.
The existing tools for SCADA Systems are:.
A data quarantine model to secure data in edge computingIJECEIAES
Edge computing provides an agile data processing platform for latencysensitive and communication-intensive applications through a decentralized cloud and geographically distributed edge nodes. Gaining centralized control over the edge nodes can be challenging due to security issues and threats. Among several security issues, data integrity attacks can lead to inconsistent data and intrude edge data analytics. Further intensification of the attack makes it challenging to mitigate and identify the root cause. Therefore, this paper proposes a new concept of data quarantine model to mitigate data integrity attacks by quarantining intruders. The efficient security solutions in cloud, ad-hoc networks, and computer systems using quarantine have motivated adopting it in edge computing. The data acquisition edge nodes identify the intruders and quarantine all the suspected devices through dimensionality reduction. During quarantine, the proposed concept builds the reputation scores to determine the falsely identified legitimate devices and sanitize their affected data to regain data integrity. As a preliminary investigation, this work identifies an appropriate machine learning method, linear discriminant analysis (LDA), for dimensionality reduction. The LDA results in 72.83% quarantine accuracy and 0.9 seconds training time, which is efficient than other state-of-the-art methods. In future, this would be implemented and validated with ground truth data.
In this research work an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) will be implemented to detect and prevent critical networks infrastructure from cyber-attacks. To strengthen network security and improve the network's active defense intrusion detection capabilities, this project will consist of intrusion detection system using honey token based encrypted pointers and intrusion prevention system which based on the mixed interactive honeypot. The Intrusion Detection System (IDS) is based on the novel approach of Honey Token based Encrypted Pointers. This honey token inside the frame will serve as a trap for the attacker. All nodes operating within the working domain of critical infrastructure network are divided into four different pools. This division is based per their computational power and level of vulnerability. These pools are provided with different levels of security measures within the network. IDS use different number of Honey Tokens (HT) per frame for every different pool e.g. Pool-A contains 4 HT/frame, Pool-B contains 3 HT/frame, Pool-C contains 2 HT/frame and Pool-D contain 1 HT/frame. Moreover, every pool uses different types of encryption schemes (AES-128,192,256). Our critical infrastructure network of 64 nodes is under the umbrella of unified security provided by this single Network Intrusion Detection System (NIDS). After the design phase of IDS, we analyze the performance of IDS in terms of True Positives (TP) and False Negatives (FN). Finally, we test these IDS through Network Penetration Testing (NPT) phase. The detection rate depends on the number of honey tokens per frame. Our proposed IDS are a scalable solution and it can be implemented for any number of nodes in critical infrastructure network. However, in case of Intrusion Prevention System (IPS) we use Virtual honeypot technology which is the best active prevention technology among all honeypot technologies. By using the original operating system and virtual technology, the honeypot lures attackers in a pre-arranged manner, analyzes and audits various attacking behavior, tracks the attack source, obtains evidence, and finds effective solutions.
Cloud assisted io t-based scada systems security- a review of the state of th...redpel dot com
Cloud assisted io t-based scada systems security- a review of the state of the art and future challenges.
for more ieee paper / full abstract / implementation , just visit www.redpel.com
Experimental analysis of intrusion detection systems using machine learning a...IJECEIAES
Since the invention of the internet for military and academic research purposes, it has evolved to meet the demands of the increasing number of users on the network, who have their scope beyond military and academics. As the scope of the network expanded maintaining its security became a matter of increasing importance. With various users and interconnections of more diversified networks, the internet needs to be maintained as securely as possible for the transmission of sensitive information to be one hundred per cent safe; several anomalies may intrude on private networks. Several research works have been released around network security and this research seeks to add to the already existing body of knowledge by expounding on these attacks, proffering efficient measures to detect network intrusions, and introducing an ensemble classifier: a combination of 3 different machine learning algorithms. An ensemble classifier is used for detecting remote to local (R2L) attacks, which showed the lowest level of accuracy when the network dataset is tested using single machine learning models but the ensemble classifier gives an overall efficiency of 99.8%.
A Defense-in-depth Cybersecurity for Smart SubstationsIJECEIAES
The increase of cyber-attacks on industrial and power systems in the recent years make the cybersecurity of supervisory control and data acquisition and substation automation systemsa high important engineering issue. This paper proposes a defense in depth cybersecurity solution for smart substations in different layers of the substation automation system. In fact, it presents possible vulnerabilities in the substation automation system and propose a multiple layer solution based on best practice in cyber security such as the hardening ofdevices, whitelisting, network configuration, network segmentation, role-based account management and cyber security management and deployement.
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...Power System Operation
Because of recent cyber-attacks and threats against power utilities, cybersecurity continues to increase in importance and be on the minds of substation design engineers.
One major concern for power distribution utilities is “ensuring that all communication protocols performing control functions and data acquisition for substations are properly secured. With IEC-61850 being one of the most widely used communications protocols by utilities today, particularly in distribution automation (DA),” increases the need for greater security in communication protocols. [1]
IEC-61850 is also becoming the preferred standard for substation design and operations due to the common framework and object-oriented design for point names as well as the increased performance and lower lifecycle cost of SCADA systems utilizing the methodology and protocols. This paper will discuss major vulnerabilities and cybersecurity considerations that require proper analysis when designing and implementing a secure IEC-61850 standard-based SCADA system within a power substation. However, this paper will not discuss implementation methods or provide implementation concepts.
A new algorithm to enhance security against cyber threats for internet of thi...IJECEIAES
One major problem is detecting the unsuitability of traffic caused by a distributed denial of services (DDoS) attack produced by third party nodes, such as smart phones and other handheld Wi-Fi devices. During the transmission between the devices, there are rising in the number of cyber attacks on systems by using negligible packets, which lead to suspension of the services between source and destination, and can find the vulnerabilities on the network. These vulnerable issues have led to a reduction in the reliability of networks and a reduction in consumer confidence. In this paper, we will introduce a new algorithm called rout attack with detection algorithm (RAWD) to reduce the affect of any attack by checking the packet injection, and to avoid number of cyber attacks being received by the destination and transferred through a determined path or alternative path based on the problem. The proposed algorithm will forward the real time traffic to the required destination from a new alternative backup path which is computed by it before the attacked occurred. The results have showed an improvement when the attack occurred and the alternative path has used to make sure the continuity of receiving the data to the main destination without any affection.
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...Power System Operation
The electric power industry has come a long way since the 1900s, with respect to evolving from legacy analog devices to new and advanced digital technologies. “Today, microprocessor devices used by power utilities have advanced into smarter and more intelligent devices, known as intelligent electronic devices (IEDs). These IEDs aid power operators, technicians, and engineers in better decision making, offering more tools for controlling and monitoring power flow that can perform routine maintenance testing via remote control and automated functions. IEDs can detect and protect against various power fault and system disturbance scenarios along with providing power flow waveforms, metering data, and supervisory control and data acquisition (SCADA) functionality.” [1]
As power control systems and operational technology (OT) systems continue to progress so does their dependence on information technology (IT) systems for communications and enterprise network connectivity. The OT world of SCADA and control systems for power substations continues to evolve with more influence, products and services from the IT world. The need for a unified cyber/physical security approach within the smart substation environment that protects the overall goal of safely delivering electric power to customers is not only a laudable goal, but an absolute requirement as the two traditional OT and IT environments start to become a single solution. The OT and IT convergence are a reality due to the integrated and complex computing e.g. networking and communications taking place within OT environments. This paper reviews some of the major security challenges facing OT and IT convergence with power utilities, particularly within smart grid (SG) and smart substation environments. Also, recommendations are provided for implementing and maintaining proper security controls in the new combined OT/IT environment.
SCADA Systems Vulnerabilities and Blockchain Technologyijtsrd
SCADA systems are one of the most important part of industrial operations. Before SCADA, plant personnel had to monitor and control industrial process via selector switches, pushbuttons and dials for analog signals. As manufacturing grew and sites became more remote, relays and timers were used to assist supervision. With the onset of technology and advent of network based protocols, these systems became more reliable, fast and it became easy to troubleshoot problems. Indeed progress also brings vulnerabilities, which was no new for SCADA. The IP protocols brought threat to the security of these systems. The devastation that cyber predators on SCADA can inflict, could be illustrated by the Stuxnet virus attack. This paper discusses what SCADA systems are, their uses, protocols being used by these systems, vulnerabilities and ways to combat those vulnerabilities. It focusses on the use of Blockchain Technology as a step in security of such systems. Diksha Chhonkar | Garima Pandey "SCADA Systems: Vulnerabilities and Blockchain Technology" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31586.pdf Paper Url :https://www.ijtsrd.com/computer-science/computer-security/31586/scada-systems-vulnerabilities-and-blockchain-technology/diksha-chhonkar
Similar to Encryption Security in SCADA Networks (20)
Exploratory study on the use of crushed cockle shell as partial sand replacem...IJRES Journal
The increasing demand for natural river sand supply for the use in construction industry along
with the issue of environmental problem posed by the dumping of cockle shell, a by-product from cockle
business have initiated research towards producing a more environmental friendly concrete. This research
explores the potential use of cockle shell as partial sand replacement in concrete production. Cockle shell used
in this experimental work were crushed to smaller size almost similar to sand before mixed in concrete. A total
of six concrete mixtures were prepared with varying the percentages of cockle shell viz. 0%, 5%, 10%, 15%,
20% and 25%. All the specimens were subjected to continuous water curing. The compressive strength test was
conducted at 28 days in accordance to BS EN 12390. Finding shows that integration of suitable content of
crushed cockle shell of 10% as partial sand replacement able to enhance the compressive strength of concrete.
Adopting crushed cockle shell as partial sand replacement in concrete would reduce natural river sand
consumption as well as reducing the amount of cockle shell disposed as waste.
Congenital Malaria: Correlation of Umbilical Cord Plasmodium falciparum Paras...IJRES Journal
The vertical (trans-placental) transmission of the parasite Plasmodium falciparum from
pregnant mother to fetus during gestational period was investigated in a clinical research involving 43 full term
pregnant women in selected Hospitals in Jimeta Yola, Adamawa State Nigeria. During the observational study,
parasitemia was determined by light microscopic examination of umbilical and maternal peripheral blood film
for the presence of the trophozoites of Plasmodium falciparum. Correlational analysis was then carried on the
result obtained at p<0.05.><0.05) was established between maternal peripheral blood and umbilical cord
blood parasitemia with Pearson’s correlation coefficient of 0.762. Thus, in a malaria endemic area like Yola,
Adamawa State, Nigeria, with a stable transmission of parasite, there is a high probability of vertical
transmission of Plasmodium falciparum parasite from mother to fetus during gestation that can be followed by
the presentation of the symptoms of malaria by the newborn and other malaria related complications. Families
are advised to consistently sleep under appropriately treated insecticide mosquito net to avoid mosquito bite and
subsequent infestation.
Review: Nonlinear Techniques for Analysis of Heart Rate VariabilityIJRES Journal
Heart rate variability (HRV) is a measure of the balance between sympathetic mediators of heart
rate that is the effect of epinephrine and norepinephrine released from sympathetic nerve fibres acting on the
sino-atrial and atrio-ventricular nodes which increase the rate of cardiac contraction and facilitate conduction at
the atrio-ventricular node and parasympathetic mediators of heart rate that is the influence of acetylcholine
released by the parasympathetic nerve fibres acting on the sino-atrial and atrio-ventricular nodes leading to a
decrease in the heart rate and a slowing of conduction at the atrio-ventricular node. Sympathetic mediators
appear to exert their influence over longer time periods and are reflected in the low frequency power(LFP) of
the HRV spectrum (between 0.04Hz and 0.15 Hz).Vagal mediators exert their influence more quickly on the
heart and principally affect the high frequency power (HFP) of the HRV spectrum (between 0.15Hz and 0.4
Hz). Thus at any point in time the LFP:HFP ratio is a proxy for the sympatho- vagal balance. Thus HRV is a
valuable tool to investigate the sympathetic and parasympathetic function of the autonomic nervous system.
Study of HRV enhance our understanding of physiological phenomenon, the actions of medications and disease
mechanisms but large scale prospective studies are needed to determine the sensitivity, specificity and predictive
values of heart rate variability regarding death or morbidity in cardiac and non-cardiac patients. This paper
presents the linear and nonlinear to analysis the HRV.
Dynamic Modeling for Gas Phase Propylene Copolymerization in a Fluidized Bed ...IJRES Journal
A two-phase model is proposed for describing the dynamics of a fluidized bed reactor used for
polypropylene production. In the proposed model, the fluidized bed is divided into an emulsion and bubble
phase where the flow of gas is considered to be plug flow through the bubbles and perfectly mixed through the
emulsion phase. Similar previous models, consider the reaction in the emulsion phase only. In this work the
contribution of reaction in the bubble phase is considered and its effect on the overall polypropylene production
is investigated the kinetic model is combined with hydrodynamic model in order to develop a comprehensive
model for gas-phase propylene copolymerization reactor. Simulation profiles of the proposed model were
compared with those of well mixed model for the emulsion phase temperature. The simulated temperature
profile showed a lower rate of change compared to the previously reported models due to lower polymerization
rate. Model simulation showed that about 13% of the produced polymer comes from the bubble phase and this
considerable amount of polymerization in the bubbles should not be neglected in any modeling attempt.
Study and evaluation for different types of Sudanese crude oil propertiesIJRES Journal
Sudanese crude oil is regarded as one of the sweet types of crude in the world, Sulphur containing
compounds are un desirable in petroleum because they de activate the catalyst during the refining processes and
are the main source of acid rains and environmental pollution.(Mark Cullen 2001),Since it contains considerable
amount of salts and acids, it negatively impact the production facilities and transportation lines with corrosive
materials. However it suffers other problems in flow properties represented by the high viscosity and high
percentage of wax. Samples were collected after the initial and final treatment at CPF, and tested for
physical and chemical properties.wax content is in the range 23-31 weight % while asphalting content is about
0.1 weight% . Resin content is 13-7 weight % and deposits are 0.01 weight%. The carbon number distribution in
the crude is in the range 7-35 carbon atoms. The pour point vary between 39°C-42°C and the boiling point is in
the range 70 °C - 533 °C.
A Short Report on Different Wavelets and Their StructuresIJRES Journal
This article consists of basics of wavelet analysis required for understanding of and use of wavelet
theory. In this article we briefly discuss about HAAR wavelet transform their space and structures.
A Case Study on Academic Services Application Using Agile Methodology for Mob...IJRES Journal
Recently, Mobile Cloud Computing reveals many modern development areas in the Information
Technology industry. Several software engineering frameworks and methodologies have been developed to
provide solutions for deploying cloud computing resources on mobile application development. Agile
methodology is one of the most commonly used methodologies in the field. This paper presents the MCCAS a
Web and Mobile application that provide feature for the Palestinian higher education/academic institutions. An
Agile methodology was used in the development of the MCCAS but in parallel with emphasis on Cloud
computing resources deployment. Also many related issues is discussed such as how software engineering
modern methodologies (advances) influenced the development process.
Wear Analysis on Cylindrical Cam with Flexible RodIJRES Journal
Firstly, the kinetic equation of spatial cylindrical cam with flexible rod has been established. Then, an
accurate cylindrical cam mechanism model has been established based on the spatial modeling software
Solidworks. The dynamic effect of flexible rod on mechanical system was studied in detail based on the
mechanical system dynamics analytical software Adams, and Archard wear model is used to predict the wear of
the cam. We used Ansys to create finite element model of the cam link, extracted the first five order mode to
export into Adams. The simulation results show that the dynamic characteristics of spatial cylindrical cam
mechanical system with flexible rod is closed to ideal mechanism. During the cam rotate one cycle, the collision
in the linkage with a clearance occurs in some special location, others still keep a continuous contact, and the
prediction of wear loss is smaller than rigid body.
DDOS Attacks-A Stealthy Way of Implementation and DetectionIJRES Journal
Cloud Computing is a new paradigm provides various host service [paas, saas, Iaas over the internet.
According to a self-service,on-demand and pay as you use business model,the customers will obtain the cloud
resources and services.It is a virtual shared service.Cloud Computing has three basic abstraction layers System
layer(Virtual Machine abstraction of a server),Platform layer(A virtualized operating system, database and
webserver of a server and Application layer(It includes Web Applications).Denial of Service attack is an attempt
to make a machine or network resource unavailable to the intended user. In DOS a user or organization is
deprived of the services of a resource they would normally expect to have.A Successful DOS attack is a highly
noticeable event impacting the entire online user base.DOS attack is found by First Mathematical Metrical
Method (Rate Controlling,Timing Window,Worst Case and Pattern Matching)DOS attack not only affect the
Quality of the service and also affect the performance of the server. DDOS attacks are launched from Botnet-A
large Cluster of Connected device(cellphone,pc or router) infected with malware that allow remote control by an
attacker. Intruder using SIPDAS in DDOS to perform attack.SIPDAS attack strategies are detected using Heap
Space Monitoring Algorithm.
An improved fading Kalman filter in the application of BDS dynamic positioningIJRES Journal
Aiming at the poor dynamic performance and low navigation precision of traditional fading
Kalman filter in BDS dynamic positioning, an improved fading Kalman filter based on fading factor vector is
proposed. The fading factor is extended to a fading factor vector, and each element of the vector corresponds to
each state component. Based on the difference between the actual observed quantity and the predicted one, the
value of the vector is changed automatically. The memory length of different channel is changed in real time
according to the dynamic property of the corresponding state component. The actual observation data of BDS is
used to test the algorithm. The experimental results show that compared with the traditional fading Kalman filter
and the method of the third references, the positioning precision of the algorithm is improved by 46.3% and
23.6% respectively.
Positioning Error Analysis and Compensation of Differential Precision WorkbenchIJRES Journal
Positioning error is a widely problem exists in mechanism, the important factors affecting machining
precision. In order to reduce the error caused by positioning problem processing, based on the differential
workbench as the research object, using the method of theoretical analysis and experimental verification, the
analysis of positioning error mechanism and source of complete differential precision workbench error
compensation, improve the accuracy of the device, provides a method for the application of modern machine
tools. table.
Status of Heavy metal pollution in Mithi river: Then and NowIJRES Journal
The Mithi River runs through the heart of suburban Mumbai. Its path of flow has been severely
damaged due to industrialization and urbanization. The quality of water has been deteriorating ever since. The
Municipal and industrial effluents are discharged in unchecked amounts. The municipal discharge comprises
untreated domestic and sewage wastes whereas the industries are majorly discharge chemicals and other toxic
effluents which are responsible in increasing the metal load of the river. In the current study, the water is
analysed for heavy metals- Copper, Cadmium, Chromium, Lead and Nickel. It also includes a brief
understanding on the fluctuations that have occurred in the heavy metal pollution, through the compilation of
studies carried out in the area previously.
The Low-Temperature Radiant Floor Heating System Design and Experimental Stud...IJRES Journal
In order to analyze the temperature distribution of the low-temperature radiant floor heating system
that uses the condensing wall-hung boiler as the heat source, the heating system is designed according to a typical
house facing south in Shanghai. The experiments are carried out to study the effects of the supply water
temperature on the thermal comfort of the system. Eventually, the supply water temperature that makes people in
the room feel more comfortable is obtained. The result shows that in the condition of that the outside temperature
is 8~15℃ and the relative humidity is 30~70%RH, the temperature distribution in the room is from high to low
when the height is from bottom to top. The floor surface temperature is highest, but its uniformity is very poor.
When the heating system reaches the steady state, the air temperature of the room is uniform. When the supply
water temperature is 63℃ The room is relatively comfortable at the above experimental condition.
Experimental study on critical closing pressure of mudstone fractured reservoirsIJRES Journal
In the process of oil and gas exploitation of mudstone-fractured reservoir in Daqing oilfield, the
permeability of fracture is easily affected by the influence of stress change, which is shown by the sensitivity of
the permeability to the stress. With the extension of time mining in the fractured mudstone reservoir, fracture
stress sensitivity is obvious in vast decline of production and great influence on reduced yields. In order to
reasonably determine the way of developing method, working system and the exploitation rate of the reservoir,
correspondingly protecting reservoir productivity, improve ultimate recovery. On the basis of the previous
research on the stress sensitivity of fractured mudstone, this essay studied the critical closing pressure of the
simulated underground fractured mudstone under the laboratory condition.
Correlation Analysis of Tool Wear and Cutting Sound SignalIJRES Journal
With the classic signal analysis and processing method, the cutting of the audio signal in time
domain and frequency domain analysis. We reached the following conclusions: in the time domain analysis,
cutting audio signals mean and the variance associated with tool wear state change occurred did not change
significantly, and tool wear is not high degree of correlation, and the mean-square value of the audio signal
changes in the size and tool wear the state has a good relationship.
Reduce Resources for Privacy in Mobile Cloud Computing Using Blowfish and DSA...IJRES Journal
Mobile cloud computing in light of the increasing popularity among users of mobile smart
technology which is the next indispensable that enables users to take advantage of the storage cloud computing
services. However, mobile cloud computing, the migration of information on the cloud is reliable their privacy
and security issues. Moreover, mobile cloud computing has limitations in resources such as power energy,
processor, Memory and storage. In this paper, we propose a solution to the problem of privacy with saving and
reducing resources power energy, processor and Memory. This is done through data encryption in the mobile
cloud computing by symmetric algorithm and sent to the private cloud and then the data is encrypted again and
sent to the public cloud through Asymmetric algorithm. The experimental results showed after a comparison
between encryption algorithms less time and less time to decryption are as follows: Blowfish algorithm for
symmetric and the DSA algorithm for Asymmetric. The analysis results showed a significant improvement in
reducing the resources in the period of time and power energy consumption and processor.
Resistance of Dryland Rice to Stem Borer (Scirpophaga incertulas Wlk.) Using ...IJRES Journal
Rice stem borer is one of the important pests that attack plants so as to reduce production. One way
to control pests is to use organic fertilizers that make the plant stronger and healthier. This study was conducted
to determine the effects of organic fertilizers with various doses without the use of pesticides in controlling stem
borer, Scirpophaga incertulas. Methods using split-split plot design which consists of two levels of the whole
plot factor (solid and liquid organic fertilizers), two levels of the subplot factor (conventional and industry,
Tiens and Mitraflora), and four levels of the sub-subplot factor of conventional and industry (5, 10, 15, 20
tonnes/ha), and one level of the sub-subplot factor of Tiens and Mitraflora (each 2 ml/l). Based on the results
Statistical analysis there were no significant differences among treatments and this shows that the use of organic
fertilizers that only a dose of 5 tonnes/ha is sufficient available nutrients that make plants more robust and
resistant to control stem borer, besides that can reduce production costs and friendly to the environment when
compared with using inorganic fertilizers.
A novel high-precision curvature-compensated CMOS bandgap reference without u...IJRES Journal
A novel high-precision curvature-compensated bandgap reference (BGR) without using op-amp
is presented in this paper. It is based on second-order curvature correction principle, which is a weighted sum of
two voltage curves which have opposite curvature characteristic. One voltage curve is achieved by first-order
curvature-compensated bandgap reference (FCBGR) without using op-amp and the other found by using W
function is achieved by utilizing a positive temperature coefficient (TC) exponential current and a linear
negative TC current to flow a linear resistor. The exponential current is gained by using anegative TC voltage to
control a MOSFET in sub-threshold region. In the temperature ranging from -40℃ to 125℃, experimental
results implemented with SMIC 0.18μm CMOS process demonstrate that the presented BGR can achieve a TC
as low as 2.2 ppm/℃ and power-supply rejection ratio(PSRR)is -69 dB without any filtering capacitor at 2.0 V.
While the range of the supply voltage is from 1.7 to 3.0 V, the output voltage line regulation is about1 mV/ V
and the maximum TC is 3.4 ppm/℃.
Structural aspect on carbon dioxide capture in nanotubesIJRES Journal
In this work we reported the carbon dioxide adsorption (CO2) in six different nanostructures in order
to investigate the capturing capacity of the materials at nanoscale. Here we have considered the three different
nanotubes including zinc oxide nanotube (ZnONT), silicon carbide nanotube (SiCNT) and single walled carbon
nanotube (SWCNT). Three different chiralities such as zigzag (9,0), armchair (5,5) and chiral (6,4) having
approximately same diameter are analyzed. The adsorption binding energy values under various cases are
estimated with density functional theory (DFT). We observed CO2 molecule chemisorbed on ZnONT and
SiCNT’s whereas the physisorption is predominant in CNT. To investigate the structural aspect, the tubes with
defects are studied and compared with defect free tubes. We have also analyzed the electrical properties of tubes
from HOMO, LUMO energies. Our results reveal the defected structure enhance the CO2 capture and is
predicted to be a potential candidate for environmental applications.
Thesummaryabout fuzzy control parameters selected based on brake driver inten...IJRES Journal
In this paper, the brake driving intention identification parameters based on the fuzzy control are
summarized and analyzed, the necessary parameters based on the fuzzy control of the brake driving intention
recognition are found out, and I pointed out the commonly corrupt parameters, and through the relevant
parameters , I establish the corresponding driving intention model.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
Encryption Security in SCADA Networks
1. International Journal of Research in Engineering and Science (IJRES)
ISSN (Online): 2320-9364, ISSN (Print): 2320-9356
www.ijres.org Volume 2 Issue 11 ǁ November. 2014 ǁ PP.88-94
www.ijres.org 88 | Page
Encryption Security in SCADA Networks
Rahul Kumar1
, Rishabh Shukla2
, Ajit Pratap Singh3
, Sachin Kumar
1,2,3,4
M.Tech,Sam Hagginbottom Institute of Agriculture Technology & Sciences ,
Abstract: Supervisory control and data acquisition (SCADA) are applications that collect data from a system
in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric
utilities, water supplies and buildings’ facilities have already adopted SCADA systems to increase the efficiency
and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA
system provides. This paper concentrates on the major security threats encountered in SCADA systems. In
addition, it discusses a new proposed methodology in order to increase the system security with minimal impact
on efficiency. The proposed scheme provides several security services which are mutual authentication,
confidentiality, data integrity and accountability.
Keywords: SCADA · Smart grid · Security · Mutual authentication.
I. Introduction
Supervisory control and data acquisition (SCADA) systems have been one of the active topics for
researchers in the last five years, and due to the IT technology evolution it has become more complicated and
advanced. Nowadays, one of the indispensable critical infrastructures, such as water treatment facilities,
chemicals plants and nuclear reactors to gas pipelines, dams and switches on train lines. The electric power
systems are also adopting SCADA systems and producing intelligent networks called smart grid networks. In
electric networks, controlling the electricity consumption in the house can be remotely enabled for the
consumer, in order to fulfill their demands and avoid excess electricity gen-eration. This feature is made
possible in the smart grid system by having smart meters and controllers, substations, power operator, and
communication networks for monitoring, control and operation. Figure 1 shows a general architecture of a smart
grid network. Each substation is monitored and controlled by a smart meter. All the smart appliances in the
substation will be connected to a smart meter by internal wireless technology such as WiFi. The smart meter
will communicate the collected information with its substation owner and the control center via the available
communication network. The substation owner device (using a smart phone application) collects real-time usage
information from the smart meter and can reduce the usage of the electricity by sending a request. The collected
information and requests would be sent to the electricity supplier systems (control center) via a SCADA system.
However, within the past few years, some of the existing SCADA systems had suffered from cyber attacks due
to their existing vulnerabilities.
In November 2011, the US department of Homeland Security and the FBI probed a cyber attack on the
water system. The attackers accessed the network of the water utility in state capital Springfield using stolen
credentials from a company that supplies software to control industrial systems. Cyber security experts
commented on the incident by highlighting the risk that attackers can break into what is known as SCADA
systems [ 1].
In July 2010, Belarus-based Security Company discovered a worm called Stuxnet into a computer
belonging to Iranian client. Since then the Stuxnet has been studied by security researchers. At the start they
thought it has been written to steal industrial information. However, after months from private security
forensics, some of the researchers said that the worm has a kind of fingerprint that tells it has been designed to
destroy something large that it looks for a very specific Programmable Logic Controller (PLC) that runs in a
SCADA system, such as the Iranian’s nuclear reactors [ 2].
Targeted cyber attacks that caused multiple-city blackout have been reported to the CIA, January 2008 [
3]. Although there are no physical damage reports, somehow lives could be depending on the availability of
electricity in hospitals, airports, or train networks. There-fore, the information pushed between the components
of the smart grid network should be secure. From the previous incidents, we conclude that a secure SCADA
network is crucial to any critical infrastructure facilities. Therefore, searching for the SCADA security require-
ments that address majority of the threats is a must in order to provide a suitable security methodology.
Section 2 provides an explanation of SCADA security and some proposed schemes in this field. Section 3
discusses our proposed scheme for smart grid systems. The analysis and evolution of our scheme are given in
Sect. 4. Finally, Sect. 5 concludes the paper and suggests some future work in this field.
2. Encryption Security in SCADA Networks
www.ijres.org 89 | Page
II. SCADA Security And Related Work
Sommestad et al. in [ 4] have analyzed the SCADA security using a comprehensive search on a large
number of documents produced by governmental agencies and standardization bodies. This search was to come
up with standards and recommendations that are related to SCADA security. Based on their statistics, they
identified how much attention is given to the countermeasures and threats in SCADA systems. For
countermeasures, authentications with cryptographic techniques have taken the most interest percentage in order
to secure SCADA. However, on the other side of the scale, a few interests were found in developing a secure
organization, supporting system management tools; creating a system resilience or hardening of computers and
services. Figure 2 shows some statistics about the threats on SCADA systems. Also, the study found out that the
most common threat that occurred in SCADA systems was malicious code, and then comes the threat on data
communication that comes from authentication, integrity and confidentiality issues such as, spoofing, replay
attack, Man-In-The-Middle (MITM), interception, and data integrity. In the third place, the availability attacks
such as Denial of Service attacks (DoS) and Distributed DoS (DDoS)The percentage of this attack is marginally
equal the percentage of overall attacks targeting the authentication, confidentiality and integrity. This makes the
DoS solution more required in securing SCADA, however, it is not an easy field to address. The other
remaining threats were addressed for information gathering, threats from employees, social engineering, and
other threats such as password stealing, web-attacks, non-repudiation attack, etc.
The definition of some of these threats can be explained as the following:
Malicious Code or Malware is software designed to steal sensitive information or gain unauthorized access into
a critical infrastructure. It comes in different shape of code or script that are called viruses, worms, Trojan
horses, spyware and other malicious programs[ 5].
• Eavesdropping attack is the attempt of sniffing the network bandwidth and reading the data content for
valuable information such as, passwords, keys, results, or any kind of secret information.
• DoS and DDoS attacks are one of the most common attacks that can affect SCADA systems. They mostly
deprive the consumer from the service such as electricity blackout, or forbid the control center from
monitoring or communicating with its substations. These attacks come with a lot of concerns due to their
impact of suddenly losing a service.
• Spoofing and MITM attacks are related to authentication attacks that threaten the SCADA systems by
either claiming to be the control center or smart meter, and then they send false information and corrupt
the system.
• Data Integrity attacks impact the SCADA system by manipulating the information and forcing the control
center to make decisions based on wrong information.
Most control systems transmitting their measures and control commands via SCADA
network to the substations or owners. The attacker can find a way to exploit the existing vulnerabilities in this
network and impact on the physical appliances. Therefore, several solutions have been proposed to secure
SCADA systems. In [ 6], Hong et al. developed two computational algorithms to detect malicious attempts in a
power system environment. They gave cyber security scenarios for their algorithms and evaluated it on
University College Dublin (UCD) testbed. In addition, they apply an Inter-Control Center Communications
Protocol (ICCP) to link between two testbeds in UCD and Iowa State University. In [ 7], Davis et al. presented
an experiment by using the client network to act as a control station in a power system. Their experiment
demonstrated the vulnerability of the control station to a DDoS attack and the possibility for reducing the effects
of the attacks. They define an attack by “a way to prevent data from reaching its destination across the
network”.
They also used tools for their demonstrations; these tools are PowerWorld [ 8] for simulation and RINSE [ 9]
for realistic emulation of a large network. In [ 10], Chim et al. proposed a privacy-preserving authentication
protocol for smart grid system so-called PASS.
Their scheme is meant to be for providing authenticated messages between the substations smart
meters and the control center. They suggest supporting the smart appliances with sort of tamper-resistant
3. Encryption Security in SCADA Networks
www.ijres.org 90 | Page
devices in order to secure the data from cracking. The major feature of their protocol is providing the privacy of
the electricity usage for each consumer while the control center can appropriately generate enough amount of
electricity. From the previous work [ 5– 12], we can conclude that the most threats that affect the SCADA
system security are the ones linked to authentication, confidentiality, and integrity. Therefore, we propose a
novel solution that provides several security requirements as mutual authentication, confidentiality, data
integrity and accountability by combining both hardware and software security tools into one scheme to prevent
these types of attacks in SCADA systems
III. Our Proposed Scheme
In this section, we first explain the preliminaries of the proposed scheme, and then we discuss in details how it
works.
3.1 Preliminaries
Symmetric key encryption is a shared key algorithm where both parties should agree on one key K .
This key should be secret and no untrusted entity knows it. Ciphertext C is the result of encryption performed on
plaintext m using the symmetric-key K and the encrypt algorithm E.
C = EK {m}
The ciphertext C is sent to the second party which has to decrypt the ciphertext C. The second party has a
decryption algorithm D and the symmetric-key K in order to decrypt the ciphertext C and obtains the plaintext
m.
DK {C} = DK { EK {m}} = m
Hash-based Message Authentication Code(HMAC)has the same technique from the original message
authentication code (MAC). It uses a cryptographic hash function with a secret key sharing between both parties.
However in HMAC, the secret key is used to produce other two keys; using outer pad (opad) and inner pad
(ipad). This technique is used to provide an evidence for data integrity between the communicated parties. In the
MAC technique:
M AC = H (K , m)
Where the HMAC is generated using the following technique:
H M AC = H M AC(K , m) = H ((K ⊕ opad)_ H ((K ⊕ i pad)_m))
The reason of choosing HMAC over MAC is that the HMAC is more resistant to integrity attacks than MAC.
Also, the reason why we choose HMAC over digital signature is because it
requires less computation time for providing integrity check.
Nonce (N) is usually a random number used for authentication process in order that the message cannot be
reused and its freshness is guaranteed, thus avoiding the replay attack. In our scheme, in addition to providing
freshness and authentication, the nonce is also used to generate symmetric keys to encrypt the information
between the smart meters and control center.
Security Integrated Circuit (SIC) [ 13] is a physical temper resistant IC that has an internal security algorithm to
generate unclonable symmetric keys using nonce and another attribute called secret number (SN) which is
stored in the SIC. This IC is embedded into each produced smart meter from the power generators. Malicious
entities could impersonate authorized smart meter and send false information to the control center. Therefore,
the SIC provides active logical process for the smart meter to protect the shared information against various
kinds of physical and logical tampering attacks.
Two-factor Authentication (T-FA) is an authentication approach when the system requires two or more
evidences to verify the identity of the user. Nowadays, several critical institutes and companies are using two
factor authentication techniques to identify their customers such as tokens with a display, USB tokens or
smartcards. On account of the smart grid critical system, two factor authentications are required from the
consumer.
4. Encryption Security in SCADA Networks
www.ijres.org 91 | Page
Since we are relaying on a mobile device usage, therefore, a software token [ 14] could be adopted in the
electricity company’s application The application should produce a tokencode from 6 or 8 digits (secureID)
each 30–60 seconds for real-time communication.
Secret Key Generation Algorithm is a security algorithm implemented in the SIC. There could be more than one
algorithm inside the SIC and they are independent from the hardware manufacturers in their operation. They can
be used to generate keys, challenges, encrypted data or hash values.
3.2 The Proposed Scheme
Based on the smart grid SCADA system, the system consists of number of smart meters, set of servers
which formation the control center, the consumer who wants to monitor and adjust his electricity usage from a
mobile device [ 15]. The smart meters in our proposed solution are produced from the power generators with
each of which has a unique ID. This ID refers to the consumer in the control center’s secure database. Also,
each smart meter has a SIC that store a secret key (Ki) and a secret number (SN). These secret information also
store in the secure database. Each consumer in our SCADA system should have a username and password along
with his/her unique ID. The consumer could have smart meters for his/her house, company, and farm, therefore,
more than one unique ID could be linked to his/her username.
In brief, the control center might be located inside the electricity main station, where it works
continuously. The smart meter is installed by the electricity technicians inside a house, company or any institute
supplied by the electricity company. In addition, the smart meter should be linked to all the available smart
electricity sockets and smart appliances inside the premises. The consumer or substation owner should install
software to monitor and control the smart meter in his/her mobile devices such as smart phones, tablets or
laptops. The software has an embedded token generator linked to the user account for two-factor authentication.
When the smart meter is installed and turned on, it directly communicates with the control center by a wired or
wireless medium. Then, the control center verifies the smart meter and starts monitoring its electricity usage. In
the consumer side of view, the owner of the smart meter enters his/her username and password in the
application to authenticate his/her identity to the control center. The control center verifies the consumer and
provides him/her with current secret key of the smart meter along with a ticket for verification. Finally, the
consumer can securely monitor the collected data from his/her smart meter about the active electricity smart
sockets and he/she can initiate action remotely to disable or enable these sockets. Any actions done from the
consumer will be recorded from the smart meter and transmitted to the control center.
Step 1. The smart meter is turned on. It generates a nonce N1 and combines it with SN using SAlgo function to
generate KS. Then, the SM uses the Ki to produce HMAC of the [KS_N1]. The
result is sent to ContC as the following:
KS : SAlgo(N1, SN)
SM → ContC : SMid_ N1_ H M AC(Ki , M)
WhereM = [KS_N1]
Step 2. When the consumer wants to communicate with its smart meter, he/she has to login into the smart grid
network by a username and password. The consumer types them into the downloaded software from the
electricity company which has an embedded virtual token that generates SecureIDs. Then, his/her smart device
generates KC from the hashed password and encrypts the nonce N3 and SecureID, then it sends them along with
the username, as the following
C → ContC : Cid_{N3_SecureID}KC
Step 3. The control center receives the Cid and gets its password’s hash value from the secure database. The
control center generates KC , in order to decrypt the nonce and SecureID. If the decryption process succeeds,
then the first factor authentication is verified. The con-trol center generates a SecureID based on the Cid’s
software, and then matches it with the received one. If they match, the second factor authentication is also
5. Encryption Security in SCADA Networks
www.ijres.org 92 | Page
verified. The control center generates a session key KC,SM between the consumer and its smart meter. In
addition, it will generate a ticket for the consumer to forward it to the smart meter. As shown in the syntax
below, the ticket has a freshness parameter (N4).
ContC → C : {N3_KC,SM_VPT}KC_{T}KS
WhereT = [Cid_N3_N4_KC,SM_VPT]
Then, the consumer decrypts the first part of the message using the K
C
, and by checking the response nonce N
3
,
a mutual authentication is achieved between the consumer and control center. Of course the consumer cannot
decrypt the second part of the message because he/she does not have the key KS.
Step 4. The consumer prepares request to monitor the collected data by the smart meter and sends the request
along with the ticket received from the control center.
C → SM : Cid_{N3_Req}KC,SM_{T}KS
Step 5. The smart meter decrypts the ticket and ensures the freshness by checking N
4
, then, it uses the K
C,SM
to
decrypt the consumer’s request. By successful decryption and matching the N
3
from both parts of the message,
the smart meter authenticates the source Cid. It sends the result encrypted using K
C,SM
along the N
3
and a new
nonce N
5
to prove freshness. The following syntax shows the last required message in our scheme:
SM → C : SMid_{Res_N3_N5}KC,SM
Step 6. The smart meter is responsible for reporting all the consumer actions from mon-itoring to sending
commands and his behavior in using the electricity to SCADA central. These reports should be secured in order
to be used later on for consumer accountability. The following syntax shows the content of secure reports along
with freshness parameter (N6).
SM → ContC : SMid_{Report_Cid_N6}KS
IV. Security Analysis
In this section, we analyze the security properties of our proposed scheme. The analysis will focus on
how this scheme can address the security requirements. Our scheme givesthe monitoring and controlling process
for the smart grid network a secure environment that verifies the participant devices and end-users (consumers
or control center operators) in a mutual authentication process. It also provides a data integrity proof in order to
verify the integrity of requests and responses in the network. Our scheme supports a robustness key exchange
methodology based on a secret shared numbers, algorithms, and keys that stored in a secure integrated circuit
and databases. Therefore, data privacy using symmetric cryptographic keys is granted. The security analysis will
be divided into two parts; one that covers the security
requirements available between the smart meter and control center; and another covers the security requirement
available for consumer’s processes in the system.
4.1 Smart Meter and Control Center Security Analysis
From Step 1 and Step 2, the smart meter in this proposed scheme has physically a SIC that is sensitive
from any tampering attempts in order to secure the integrity of the internal secret number, SAlgo, and internal
key. This SIC provides the smart grid systems with a better security level by providing mutual authentication,
integrity and confidentiality for the communication process.
1) Mutual Authentication: Smart meter has basically two sides of communication; the first one is with the smart
electric sockets in the building, and the second one is with the control center server. Each electric socket is
connected in a way that communicates the information with a smart meter via IPv4 level of trust. The smart
meter can remotely activate or deactivate electronic socket based on its owner (consumer) or control center
commands. On the other side, the smart meter authenticates the control center using a change and response
technique. It sends a nonce which ensures the freshness as a plaintext along with the hash value for the nonce
and the generated secret key to the control center. Then, when the smart meter receives a hash value for the
6. Encryption Security in SCADA Networks
www.ijres.org 93 | Page
same nonce combined with a new nonce and a new generated secret key, it verifies the control center. Via a
simple comparison for the HMAC value, the control center authenticates the identity of the smart meters; and
vice versa.
2) Confidentiality: Generating a new secret key between the smart meter and the control center is a must to
complete the mutual authentication process between them. This secret key is either randomly generated
every time the smart meter is restarted or automatically in regular basis case. The generated key from the
nonce and the secret number should be long and does not have pattern with used nonce. The smart meter
uses this key to communicate securely with the control center.
3) Data Integrity: All the initial communications require a hash value which is generated using HMAC
function. This process supports the data integrity service in the scheme in order to verify the identities and
generated secret key authenticity. The usage of the hash value is to check if the message has been tampered
with or not. In case something went wrong the control center or the smart meter obviously would reject the
message and report the event.
4.2 Consumer, Control Center and Smart Meter Security Analysis
From Steps (3–7), basically, each consumer should be confident that only his/her devices can access
his/her own smart meter for monitoring or controlling purpose. Therefore, two-factor authentication is adopted
in our proposed scheme. Each consumer has a username and password which is something only he/she knows
and a licensed software application downloaded in his/her mobile device which produces tokencode for real
time communication. Our proposed scheme provides the consumer with a mutual authentication service with the
control center and the smart meter, in addition to integrity and confidentiality. Moreover, our scheme provides
authorization level for multiple system users, in addition to accountability.
1) Mutual Authentication: the proposed scheme is based on change and response technique using nonce and
two-factor authentication to provide mutual authentication between the consumer and the control center. The
change and response technique is also provided between the consumer and the smart meter along with
encrypted ticket which the intended smart meter only is able to decrypt. The consumer could have more than
one place to monitor. The control center is able to provide the authenticated consumer with an authentication
icket for each smart meter, and then the consumer has the option to choose the smart meter to connect. The
login stage of the consumer does not require the password to be sent in the network. The only things which
are sent are the consumer ID and an encrypted secureID by the hash value of the consumer’s password. The
secureID is a tokencode changing regularly, which makes it impossible to the attacker to login into the
system even if he/she successfully guesses the password with a dictionary or brute-force attack. Although,
the attacker could somehow find the password and find out the nonce N3 (freshness element), in order to
change the request of the consumer by replacing {N3_Req}KC,SM by his/her request, he/she should have
the KS to change the content of the ticket. As mentioned previously KS is a variable secret key between the
control center and smart meter. Therefore, impersonating the consumer in this scheme is very difficult,
unless the attacker has the user name and password along with the device that has the licensed application.
2) Confidentiality: Our proposed scheme guarantees that all the communication for the consumer is secured
using cryptography schemes such as AES. Once the consumer login, his/her password will be hashed to
generate a secret key in order to encrypt the generated nonce for the login process. In addition the response
from the control center is encrypted using the same key except the ticket which is encrypted using the smart
meter secret key. Our scheme prevents any eavesdropping or any attempts to disclose the information.
3) Integrity: Even though there is no one-way hash function in the consumer communication with the control
center and smart meter, the transmitted data cannot be changed as long as they are encrypted. In addition,
each message between the participants in our scheme consists of at least two parts; where one part ensures
the authenticity of the other.
4) Accountability: Each consumer should pass through a trusted third party (control cen-ter) in order to
communicate with his/her smart meter. The control center recodes the consumer ID and his session key with
the smart meter in secure database. Any action taken from the consumer side on the smart meter will be
reported to the control center. For example, if the consumer decides to perform a real-life monitoring, the
smart meter reports this request to the control center, the same for switching off the light in a room. The
smart meter’s reports have evidence that the consumer took the action.
7. Encryption Security in SCADA Networks
www.ijres.org 94 | Page
V. Conclusion And Future Work
This paper first introduces SCADA’s elements in the smart grid systems and how they are connected to
each other. Then, it highlights some of the recent security incidents on existing SCADA systems and how much
risks will be incurred if users ignore its security threats. The paper also discusses some of the related work in the
field of securing SCADA systems . and offers a survey on the most recent attacks performed on them. Then, it
proposes a novel scheme which aims to provide enhanced security for remote monitoring and control over
building electricity consumption. The proposed scheme provides mutual authentication, confidentiality, data
integrity and non repudiation between the participants of smart grid SCADA system against cyberattacks. In this
paper, a block diagram for the proposed scheme was provided with details for its secure communication. In
addition, a security analysis of the scheme highlighted the benefit from combining several security techniques
such as two-factor authentication, nonce, hash-based message authentication code (HMAC), and symmetric key
cryptography. As future work, a security analysis and verification based on a formal model could be pro-vided.
The verification process for our proposed scheme can be implemented using ProVerif tool [ 16]. This process
can clearly expose and evaluate the security mechanism of the scheme and detect any security defects and
develop model for information security criteria for smart grid system as in [ 17]. Finally, as some of the related
work, a demonstration using the freeware “Power World” or a simulation using RINSE would be provided in
order to collect results about the stability of our scheme.
BIBLIOGRAPHY
[1.] Hussam M. N. Al Hamadi, Chan Yeob Yeun, Mohamed Jamal Zemerly .A Novel Security Scheme for the Smart Grid and
SCADA Networks Wireless Personal Communications December 2013, Volume 73, Issue 4, pp 1547-1559.
[2.] Prolexic. (2012). Prolexic Quarterly Global DDoS Attack Report. Prolexic.com Retrieved from
http://www.prolexic.com/kcresources/attack-report/prolexic-quarterly-global-ddos-attack-report-q412-
1713/ProlexicQuarterlyGloba_DDoS_Attack_Report_Q412_011413.pdf
[3.] G. Preetha, B.S. Kiruthika Devi, and S. Mercy Shalinie. Combat model based ddos detection and defence using experimental
testbed: a quantitative approach. International Journal of Intelligent Engineering Informatics, pages 261-279, 2011.
[4.] T. Thapngam, S. Yu, W. Zhou, and G. Beliakov, "Discriminating DDoS Attack Traffic from Flash Crowd through Packet Arrival
Patterns," in Proceedings of the 30th Annual IEEE International Conference on Computer Communications (IEEE INFOCOM
2011), Shanghai, China, 2011, pp. 969 - 974.
[5.] Danny McPherson and Dave Oran. Architectural considerations of IP anycast. Draft -iab-anycast-arch-implications, February
2010.
[6.] http://thehackernews.com/2013/03/world-biggestddosattackthat-lmost.html
[7.] Behrouz A. Forouzan. Cryptography and network security, Fifth Edition ,Tata McGraw Hill Publication, 2010.
[8.] Arbor-Networks, "Worldwide Infrastructure Security Report: 2010 Report," Arbor Networks, 2011.
[9.] Shubha Kher Jinran Chen and Arun Somani. Mitigating denial of service attack using proof of work and token bucket algorithm.
Proceedings of the 2006 workshop on Dependability issues in wireless ad hoc networks and sensor networks, pages 65{72, 2011}
[10.] G. Preetha, B.S. Kiruthika Devi, and S. Mercy Shalinie. Combat model based ddos detection and defence using experimental
testbed: a quantitative approach. International Journal of Intelligent Engineering Informatics, pages 261{279, 2011}
[11.] Chin-Ling Chen, Chih-Yu Chang,” A Two-Tier Coordinated Defense Scheme against DDoS Attacks”, IEEE, 2011
[12.] Huey-Ing Liu, Kuo-Chao Chang” Defending Systems against Tilt DDoS Attacks”The 6th International Conference on
Telecommunication Systems, Services, and Applications, IEEE 2011.
[13.] Chengxu Ye, Kesong Zheng, Chuyu She,” Application layer DDoS detection using clustering analysis”,2nd International
Conference on Computer Science and Network Technology, IEEE, 2012.
[14.] S. Renuka Devi, P. Yogesh," An Effective Approach to Counter Application Layer DDoS Attacks", IEEE, ICCCNT'12.