
2018 | OriginalPaper | Book chapter

De-Synchronisation Attack Modelling in Real-Time Protocols Using Queue Networks: Attacking the ISO/IEC 61850 Substation Automation Protocol

Written by: James G. Wright, Stephen D. Wolthusen

Published in: Critical Information Infrastructures Security

Publisher: Springer International Publishing


Abstract

Applications developed for Supervisory Control And Data Acquisition (SCADA) protocols in several domains, particularly the energy sector, must satisfy hard real-time constraints to ensure the safety of the systems they are deployed on. These systems are highly sensitive to Quality of Service (QoS) violations, but it is not always clear whether a compliant implementation will satisfy the stated QoS of the standard. This paper proposes a framework for studying a protocol’s QoS properties based on a queuing network approach that offers a number of advantages over state machine or model-checking approaches.
The authors describe the framework as an instance of a network of M/M/1/K queues with the block-after-service discipline, which allows for the analysis of probabilistic packet flows in valid protocol runs. This framework allows for the study of denial of service (DoS), performance degradation, and de-synchronisation attacks. The model is validated by a tool that automates queue network analysis, and is used to demonstrate a possible breach of the QoS guarantees of the ISO/IEC 61850-7-2 substation automation standard with a de-synchronisation attack.


Metadata
Title
De-Synchronisation Attack Modelling in Real-Time Protocols Using Queue Networks: Attacking the ISO/IEC 61850 Substation Automation Protocol
Written by
James G. Wright
Stephen D. Wolthusen
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-319-99843-5_12