Proposed Architecture For SCADA Network Security Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Nowadays security plays a major role in networks. The growing size of proprietary networks creates increased opportunity for successful attack. Supervisory control and data-acquisition (SCADA) networks are more secure, yet vulnerable to attack from both internal and external intruders. The proposed mechanism provides continuous monitoring and authentication for the network. Authentication is provided for individual users and for nodes. Data is collected from the various wireless sensor nodes. The active mode of operation is used to block unauthorized nodes, after which the packets are passed to the main system. MD5 (Message-Digest algorithm 5), a widely used cryptographic hash function with a 128-bit hash value, is used to verify the packets. A packet may be normal or malicious. Normal packets are passed on to the overall network. Malicious packets are passed to the sink node so that the compromised node in the network can be found.

Keywords: Supervisory control and data-acquisition (SCADA) system, Wireless sensor nodes, Packet format.

I. INTRODUCTION

A SCADA system is a security mechanism used to protect the network from attackers, both internal and external intruders. The main aim of the SCADA system is to provide reliability, security and availability. It is used in all real-time environments. Earlier systems used various modes of operation, each with some limitations.

In the earlier system, passive mode is mostly used. Passive mode is like a mirror page: it monitors and analyzes the packet flow and then sends each packet on to its destination. All packets, including malicious ones, pass through the traffic. This mode of operation yields information only. Figure 1 shows an example of the passive mode of operation.

Next comes the half-active mode, which is somewhat similar to the previous one: it monitors and gathers information, and if a malicious packet occurs it halts the transaction. Figure 2 shows an example of the active mode of operation. Because of these various limitations, we move to the new proposed system. It monitors continuously, which may avoid loss of packets. The trust system intercepts and reacts to status messages and commands from network nodes destined for the master control station and other nodes in the network. The trust system's cost-effective, modular acquisition and employment options are well suited for meeting a wide range of implementation requirements.

Fig.1 Passive mode of operation

The previous existing system had an active mode with TCP/IP. Active mode [1] is much better than the previous modes of operation. The whole network is continuously monitored, the packet flow is analyzed, and the results are reported to the system.

Fig.2 Active mode of operation

In our proposed system, the same active mode of operation is used. Information is collected from the various wireless sensor nodes [2]. By comparison, the existing system collects data or packets from the network located near the system; it is not able to collect packets from the wireless nodes.

II. SCADA System

In the past, a lot of these control systems operated in isolated environments with proprietary technologies. Consequently, they faced little to no cyber-security risk from external attackers. But today, modernization and the adoption of available commercial technologies have resulted in these systems becoming increasingly connected and interdependent. Security has been lagging during the increased modernization of these systems.

Authentication: it is fairly common for devices in the control space to use default passwords for access and control. The problem is further complicated by the move toward commercial, off-the-shelf (COTS) appliances and systems being integrated with the networks or part of the control systems themselves. While cutting costs and eliminating some of the proprietary nature of control systems, these appliances and systems bring with them the well-known passwords and vulnerabilities that each product may be subject to. Often these COTS systems may end up providing a point of entry for an attacker into the critical control network.

Attacks focusing on inserting faulty data can originate at the sensors on the communication networks that carry the data. Sensors that provide information about the control systems are subject to data falsification. They are the core of the control system and provide a fairly centralized point of control and data aggregation. These systems are subject to directed exploits in the control system software, exploits against the operating system, Trojans, malware, spyware, and pretty much any attack other computers are subject to.

III. Literature Review

A. Wireless Sensor Mesh Networks in Highly Critical Systems

SCADA systems are mainly focused on wireless sensor nodes [2]. These sensors measure environmental data such as temperature, pressure, vibration and light intensity. They are typically located in various remote areas, and their main aim is to collect information from their current location. The devices should be autonomous and lightweight, and the hardware and software of each node should be reliable and efficient. By using these wireless sensor nodes, the whole system is protected from intruders.

Various types of attack exist. The sniffing attack is one of the main attacks on the system; it may be carried out by both an insider and an outsider. Some of the common attacks on the system are the jamming attack, the sinkhole attack and the wormhole attack.

B. Understanding Trust and Security in SCADA System

In real-time environments, various types of architecture are used. Each architecture offers certain ways to implement the network efficiently. Among these is the "trusted secure networked architecture based on interlocking rings (SNAIR)". The whole architecture is considered as a ring, and it initially starts from zero. The architecture should be well developed and then checked for its reliability.

There are many real-time applications, such as oil and gas, air traffic and railways, power generation and transmission, manufacturing, and water management.

C. A Trust System Architecture for SCADA Network Security

The main aim of the trust system is to improve security by using existing utility systems. Within networking systems, the trust system is placed in a broader context. It improves security and flexibility using TCP traffic. A trust system can perform at or near the real-time requirements that the supervisory control and data acquisition (SCADA) network requires even with the overhead of TCP/IP and UDP/IP communications, Internet Protocol Security (IPsec) encryption, firewall rules, format check, and access control functions.

The main aspect is to share information with regional utilities with some enhanced security features. There are several modes of operation: passive mode, half-active mode, tunnel mode and gateway mode. Each mode has some limitations and security problems. This trust system uses an active mode of operation, which means there is no need to upgrade the system every time. The active mode is used because it reduces restructuring and constant upgrading. The trust system intercepts and reacts to status messages and commands from network nodes destined for the master control station and other nodes in the network.

The original trust system only had an active mode router-based implementation. This paper introduces passive mode, half-active mode, and tunnel/gateway mode trust systems to greatly add to the range of situations where security can be added to existing SCADA systems. The new trust system implementations allow firewall and intrusion detection security to be embedded through tunneled connections when SCADA traffic must pass through the Internet or other unsecured networks. Passive and half-active implementations also allow for trust systems in environments where router replacements or direct modifications are not possible.

D. Improving Security for SCADA Control Systems

A SCADA system is a common process automation system which is used to gather data from sensors and instruments located at remote sites and to transmit data to a central site for either control or monitoring purposes. The reality is that a growing number of worms and viruses spread by exploiting software design, operations and human interface. Solutions for preventing the attacks are becoming more important. Security knowledge is likely to include policy, standards, design and attack patterns, threat models, code samples, reference architecture, and secure development framework.

Information security management principles and processes need to be applied to SCADA systems without exception. More efforts should be planned on reducing the vulnerabilities and improving the security operations of these systems. Methods for risk management that are based on automated tools and intelligent techniques are more beneficial to SCADA systems because they require minimum or no human intervention in controlling the processes. SCADA systems evolution allows us to better understand many security concerns. The regulatory environment is placing increased demands on SCADA systems, driving data capture and retention, documentation, training, security, policy, and reporting requirements.

Fig 3. Integrated SCADA Architecture

This is the general diagrammatic format of the integrated SCADA architecture. Here all the hosts and the various remote terminal units are connected to the SCADA nodes. A LAN is used for local area connection. Information security management principles and processes need to be applied to SCADA systems without exception. More efforts should be planned on reducing the vulnerabilities and improving the security operations of these systems.

In addition, the LANs that these architectures use raise a new set of security concerns, leading to the introduction of features such as encrypted data sets and dedicated access mechanisms in information assurance applications. Without any connection to the Internet, these systems are still vulnerable to external or internal attackers that can exploit vulnerabilities in software such as operating systems, custom and vendor software, data storage software, databases, and applications. Modern products are often based on component architectures using commercial off-the-shelf (COTS) elements as units. Most SCADA systems are not protected with appropriate security safeguards.

IV. EXISTING SYSTEM

In the existing system, isolated environments are mostly used because at that time attackers' target levels were low. Nowadays technologies have improved, so the degree of attack has also increased. Security has been lagging during the increased modernization of these systems. Various modes of operation are used, mostly passive mode. Passive mode is like a mirror page: it monitors and analyzes the packet flow and then sends each packet on to its destination. All packets, including malicious ones, pass through the traffic. This mode of operation yields information only. Figure 1 shows an example of the passive mode of operation.

Next comes the half-active mode, which is somewhat similar to the previous one: it monitors and gathers information, and if a malicious packet occurs it halts the transaction. Figure 2 shows an example of the active mode of operation.

The previous system had an active mode with TCP/IP. Active mode [1] is much better than the previous modes of operation. The whole network is continuously monitored, the packet flow is analyzed, and the results are reported to the system. In our proposed system, the same active mode of operation is used. Information is collected from the various wireless sensor nodes [2]. By comparison, the existing system collects data or packets from the network located near the system; it is not able to collect packets from the wireless nodes. Because of these various limitations, we move to the new proposed system. It monitors continuously, which may avoid loss of packets.

i. Limitation of the System

The existing system has many limitations. It uses the passive mode of operation, in which the system maintains a list of intruders. Passive mode collects all the intruders' information, but it allows the intruder to pass packets into the network: the network learns about the intruder only after he has sent the packet. This is the main demerit of the existing system, so we move to the new proposed system, which overcomes all the above-mentioned problems.

V. PROPOSED SYSTEM

Nowadays security plays a major role in networks. The growing size of proprietary networks creates increased opportunity for successful attack. Supervisory control and data-acquisition (SCADA) networks are more secure, yet vulnerable to attack from both internal and external intruders. The proposed mechanism provides continuous monitoring and authentication for the network. Authentication is provided for individual users and for nodes. Data is collected from the various wireless sensor nodes.

Fig.3 Architecture diagram for proposed system

The active mode of operation is used to block unauthorized nodes, after which the packets are passed to the main system. MD5 (Message-Digest algorithm 5), a widely used cryptographic hash function with a 128-bit hash value, is used to verify the packets. A packet may be normal or malicious. Normal packets are passed on to the overall network. Malicious packets are passed to the sink node so that the compromised node in the network can be found.
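As an added illustration (not code from this essay), the Python sketch below models the packet flow described above: unauthorized nodes are blocked in active mode, each packet's MD5 digest is verified, normal packets go to the network, and failing packets go to the sink, where the compromised node is identified. The node names, the packet layout, the two-packet threshold and the passive-mode switch used for comparison are assumptions.

```python
import hashlib
from collections import Counter

# Constructed allow-list of sensor node IDs (assumption, not from the essay).
AUTHORIZED_NODES = {"wsn-01", "wsn-02", "wsn-03"}

def md5_hex(payload: bytes) -> str:
    """128-bit MD5 digest of the payload, as 32 hex characters."""
    return hashlib.md5(payload).hexdigest()

def make_packet(node: str, payload: bytes) -> dict:
    # Hypothetical packet layout: sender ID, payload, MD5 of the payload.
    return {"node": node, "payload": payload, "digest": md5_hex(payload)}

class TrustSystem:
    def __init__(self, authorized, active=True):
        self.authorized, self.active = set(authorized), active
        self.network, self.sink, self.blocked = [], [], set()

    def classify(self, pkt: dict) -> str:
        if pkt["node"] not in self.authorized:
            return "unauthorized"
        # An unkeyed MD5 check catches altered payloads only while whoever
        # alters the payload cannot also rewrite the digest field.
        if md5_hex(pkt["payload"]) != pkt["digest"]:
            return "malicious"
        return "normal"

    def handle(self, pkt: dict) -> str:
        verdict = self.classify(pkt)
        if verdict == "normal" or not self.active:
            self.network.append(pkt)        # passive mode forwards everything
        if verdict == "unauthorized" and self.active:
            self.blocked.add(pkt["node"])   # active mode blocks the node
        if verdict == "malicious":
            self.sink.append(pkt)           # kept for compromised-node search
        return verdict

    def suspected_nodes(self, threshold=2):
        """Authorized nodes with at least `threshold` packets in the sink."""
        counts = Counter(p["node"] for p in self.sink)
        return sorted(n for n, c in counts.items() if c >= threshold)

def sample_traffic():
    # Constructed traffic: one clean reading, two altered, one rogue sender.
    good = make_packet("wsn-01", b"temp=21.5")
    bad1 = make_packet("wsn-02", b"pressure=3.1")
    bad1["payload"] = b"pressure=9.9"       # changed after the digest was set
    bad2 = make_packet("wsn-02", b"flow=0.4")
    bad2["payload"] = b"flow=7.0"
    rogue = make_packet("rogue-07", b"valve=open")
    return [good, bad1, bad2, rogue]

def run(active: bool):
    ts = TrustSystem(AUTHORIZED_NODES, active)
    return ts, [ts.handle(p) for p in sample_traffic()]
```

Calling `run(True)` and `run(False)` on the same traffic shows the difference between the modes: the verdicts are identical, but only the active system keeps the altered and rogue packets out of the network.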

5.1 Trust System Solutions:

Even with technical training, regular application of the latest patches, security software and hardware, and dedicated specialists for round-the-clock monitoring, even the most heavily defended IT networks see their share of system compromises throughout the year from Internet connections. The trust system records suspicious event details useful for IT and security personnel to prove to management the types and quantities of attacks against the network. These records should prove useful when investing in security purchases.

VI. CONCLUSION

The proposed system will provide a secure environment to the user. The active mode of operation is used, and continuous monitoring of the network provides the secure environment. Authorization is provided by the master; when an unauthorized user enters the network, that particular IP address is blocked. The existing system focused on the technical operation of the system by augmenting routers to protect user datagram protocol (UDP) based traffic.

In our proposed system, data is collected from the wireless sensor nodes (WSN), which lets us collect data from various areas. These are protected by digital certificates to prevent unauthorized users from intercepting the information or introducing false data into the SCADA system. Authorization is the main security part of this project. My future work is to develop the proposed system with some security features. A checking process will be provided for both users and packets. Continuous assessment is the main part of this project; with it we can avoid malicious packets as well as users.

In conclusion, I believe that as long as the security issues are adequately addressed, the proposed system should be able to achieve great success in future.
