Author : Bhagyashri Sangewar, Bimal Shah and Dr. A. R. Buchade

Industrial Automation and Control Systems (IACS) required to facilitate the safer means of information communication between smart devices such as various Intelligent Electronic Devices (IEDs). Security in Industrial Automation and Control Systems (IACS) is critical task as many of these devices are present in remote location and controlling critical plant processes. These IEDs and SCADA or other hosts uses various protocols such as Modbus, DNP3 etc. Here focus of work is to detect security attacks on IACS products. Protocols such as Modbus or basic DNP3 does not provide any security features. These creates opportunity for attacker to attack IACS devices using man in the middle, packet modification, eavesdropping types of attacks. Attack on any device is possible due to vulnerabilities in device itself or kind of protocols used. It is important to understand such communication protocols so that we can understand how attacker can affect communication mechanism to attack the device. Here as a reference we have considered Distributed network protocol version 3 (DNP3) which is nonproprietary protocol used in Supervisory Control and Data Acquisition (SCADA) system. DNP3-SA provides authentication mechanism which ensures the integrity and confidentiality between communicating devices. However, it may need to detect attacks if attacker can breach the defense mechanism of the protocol. The purpose of this project to detect attacks. This can be done by monitoring network packet of given protocol (which is DNP3 in this case) as well as by monitoring various system information. Network packets can help us to prevent the attacks while system information can be utilized to identify attack as soon as attack has taken place.

Keywords: Industrial Automation and Control Systems, SCADA, DNP3 protocol, Secure authentication, Security