Project: SCADA Protocol Vulnerability Analysis
Funded by: National Infrastructure Security Coordination Centre, London, UK
The National Infrastructure Security Centre of London has contracted the BCIT Technology Centre to conduct a study on the vulnerability of protocols used in the SCADA (Supervisory Control and Data Acquisition) systems. SCADA is the network system used to control the power generation grid and facilities. The SCADA systems reliance on information systems, puts industrial production and human safety at risk from potential cyber attacks. For obvious reasons, security is becoming an increasing and major concern in this industry. The BCIT team will study and test the SCADA protocol Modbus/TCP, develop software for automatic vulnerability check and provide recommendations to improve the security of this protocol and associated SCADA devices.
Computer networks based on Ethernet and TCP/IP are now being used in the electricity, oil production, and water industries to operate the critical processes. These systems, known in the industry as either process control systems or as Supervisory Control And Data Acquisition (SCADA) systems, are now responsible for the uninterrupted operation of services that we consider essential for our way of life.
At the same time, the core of our information infrastructure - the Internet - has come under increasing attack from a wide variety of sources. Cyber attacks on information networks occur regularly and could have serious consequences such as disrupting critical services and even loss of life.
The NISCC, an organization set up to coordinate efforts within government and the private sector to defend Critical Infrastructures in the UK against electronic harm, contracted BCIT to develop a strategy to evaluate SCADA products for security weaknesses. The research team, including members from the University of Victoria and Cisco System's Critical Infrastructure Assurance Group, conducted an in-depth analysis of a widely used SCADA protocol, looking for inherent security flaws that could be exploited. They then developed an automated vulnerability checker designed to locate possible security vulnerabilities. The final result was as series of recommendations for improving the security of the protocol that will form a key part of the British Government's strategy for securing critical infrastructure in the UK.