Security Considerations in SCADA Communication Protocols

Supervisory Control and Data Acquisition (SCADA) networks control the critical utility and process control infrastructures in many countries. They perform vital functions for utility companies including electricity, natural gas, oil, water, sewage, and railroads. However, little attention was given to security considerations in the initial design and deployment of these systems, which has caused an urgent need to upgrade existing systems to withstand unauthorized intrusions potentially leading to terrorist attacks. This research identifies threats faced by SCADA and investigates effective methods to enhance its security by analyzing DNP3 protocols, which has become a de facto industry standard protocol for implementing the SCADA communications. We propose cost-effective implementation alternatives including SSL/TLS, IPsec, object security, encryption, and message authentication object. This report evaluates implementation details of these solutions, and analyzes and compares these approaches. We also suggest new research directions to more adequately secure SCADA communications over the long run.