Re: [SystemSafety] SCADA; was: Static Analysis

From: Brent Kimberley < >
Date: Mon, 10 Mar 2014 06:08:51 -0700 (PDT)

Alternatives may include delays and/or RS-422 simplex.

From: "Driscoll, Kevin R" <kevin.driscoll_at_xxxxxx
Sent: Sunday, March 9, 2014 5:01:32 AM
Subject: [SystemSafety] SCADA; was: Static Analysis

SCADA has the problem of a huge number (100,000,000+) of proprietary boxes designed over a span of nearly half a century, without serious security consideration. The referenced web page says:

“…breaching a power system through serial communication devices can be easier than attacking through the IP network because it does not require bypassing layers of firewalls. In theory, an intruder could exploit the vulnerabilities simply by breaching the wireless radio network.”

These networks typically do not provide any secrecy, integrity, or authentication.

Replacing these boxes with something more secure or adding firewall/encryption boxes to every node would be prohibitively expensive. Utilities that I have talked to say that upgrading the existing boxes would be even more expensive. One thing that the majority of these SCADA installations have in common is that the SCADA equipment connects to their network via a wired or RF modem which is connected to the local equipment via a DB-9 EIA/RS-232 cable. To solve this problem, we are developing a "Crypto Dongle" that can be inserted into this cable connection and is self-powered (scavenges power from the EIA/RS-232 signals). Total acquisition and installation costs are so much lower than adding or replacing boxes that encrypted SCADA networks would be economically viable. In addition to the obvious design constraints of extremely low power and cost, these devices also need to have a negligible increase in latency and bandwidth consumption. Another interesting design requirement is dissection/vivisection prevention. Most SCADA installations are unguarded and are far enough away from responders to an intrusion alarm that we must assume that an intruder can have significant time in which to physically attack the Dongle to try to extract its secrets.
Cyber-physical systems (in which SCADA is a major sector) are a topic for this year’s DSN ( and the immediately following IFIP WG 10.4 meeting has the topic: Energy Cyber-Physical System Assurance. I am looking for presenters for this meeting.

Sent: Wednesday, February 26, 2014 05:25
Subject: Re: [SystemSafety] Static Analysis

On 25/02/14 20:40, Peter Bernard Ladkin wrote:

It's hard to believe. Does stuff like this happen in the safety-critical area to leading companies still?
I appreciate that these may not be because of a lack of static analysis, but this caught my eye a little while back:

And it was interesting to see this mentioned in the Graham Cluley blog linked from The Guardian article.

ReVuln’s website declares that it can provide details of undisclosed and unpatched vulnerabilities in SCADA/HMI/ICS systems. These are the types of industrial control systems which are used by critical infrastructure such as water treatment, power stations and gas pipelines.

Mike Rothon
M::+44 7718 209010
Certisa is ISO 9001:2008 certified for Safety, Testing, Documentation and Certification
Contact: T::+44 1932 889 442 F::+44 1932 918 118

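The crypto dongle that Kevin Driscoll describes above has to add secrecy, integrity and authentication to a serial link while keeping extra latency and bandwidth negligible. The following is an added illustration, not the dongle's design and not code from any poster: a minimal bump-in-the-wire wrapper for serial frames, written with the Python standard library only. It uses a PRF-based keystream (HMAC-SHA256 in counter mode) in place of a standard AEAD such as AES-GCM, an 8-byte truncated HMAC tag, and a 4-byte sequence counter for replay rejection. The keys, the key-derivation labels and the Modbus-like sample frame are constructed for the example. The `overhead_percent` helper shows why tag and counter sizes are a real design decision on links that poll with very short frames.

```python
"""Bump-in-the-wire protection for a serial link (constructed example).

Wire format per frame:  seq (4 bytes, big-endian) || ciphertext || tag (8 bytes)
  - confidentiality: XOR with keystream = HMAC-SHA256(k_enc, seq || block_index)
    (a PRF-based stream cipher so the example needs only the standard library;
    a real device would use a standard AEAD such as AES-GCM)
  - integrity/authentication: HMAC-SHA256(k_mac, seq || ciphertext), truncated
  - replay protection: receiver accepts only strictly increasing seq values
"""
import hashlib
import hmac
import struct

SEQ_LEN = 4
TAG_LEN = 8
OVERHEAD = SEQ_LEN + TAG_LEN          # bytes added to every frame
MAX_SEQ = 2 ** (8 * SEQ_LEN)          # counter must never wrap under one key


def derive_keys(master: bytes) -> tuple:
    """Derive separate encryption and MAC keys from one per-link master key.
    Labels are constructed for this example."""
    k_enc = hmac.new(master, b"serial-enc", hashlib.sha256).digest()
    k_mac = hmac.new(master, b"serial-mac", hashlib.sha256).digest()
    return k_enc, k_mac


def _keystream(k_enc: bytes, seq: int, length: int) -> bytes:
    """Keystream bytes for frame `seq`, one 32-byte block per PRF call."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(k_enc, struct.pack(">II", seq, block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def _tag(k_mac: bytes, seq: int, ct: bytes) -> bytes:
    """Truncated MAC over the sequence number and ciphertext (encrypt-then-MAC)."""
    return hmac.new(k_mac, struct.pack(">I", seq) + ct, hashlib.sha256).digest()[:TAG_LEN]


def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


class SerialProtector:
    """One end of the link: wraps outgoing frames and unwraps incoming ones."""

    def __init__(self, master_key: bytes):
        self.k_enc, self.k_mac = derive_keys(master_key)
        self.send_seq = 0
        self.last_recv_seq = -1

    def protect(self, frame: bytes) -> bytes:
        if self.send_seq >= MAX_SEQ:
            raise RuntimeError("sequence counter exhausted; rekey before continuing")
        seq = self.send_seq
        self.send_seq += 1
        ct = _xor(frame, _keystream(self.k_enc, seq, len(frame)))
        return struct.pack(">I", seq) + ct + _tag(self.k_mac, seq, ct)

    def unprotect(self, wire: bytes):
        """Return the plaintext frame, or None if the frame is malformed,
        fails authentication, or repeats an already-seen sequence number."""
        if len(wire) < OVERHEAD:
            return None
        seq = struct.unpack(">I", wire[:SEQ_LEN])[0]
        ct, tag = wire[SEQ_LEN:-TAG_LEN], wire[-TAG_LEN:]
        # Verify the tag before touching any state so forgeries cannot move the window.
        if not hmac.compare_digest(tag, _tag(self.k_mac, seq, ct)):
            return None
        if seq <= self.last_recv_seq:
            return None                      # replayed or reordered frame
        self.last_recv_seq = seq
        return _xor(ct, _keystream(self.k_enc, seq, len(ct)))


def overhead_percent(frame_len: int) -> float:
    """Bandwidth cost of the wrapper relative to the application frame."""
    return 100.0 * OVERHEAD / frame_len


if __name__ == "__main__":
    # Constructed sample: an 8-byte Modbus-RTU-style read request.
    frame = b"\x01\x03\x00\x00\x00\x0a\xc5\xcd"
    master = b"\x11" * 32                    # constructed per-link key
    rtu, master_station = SerialProtector(master), SerialProtector(master)
    wire = rtu.protect(frame)
    print("wire bytes:", wire.hex())
    print("decoded:", master_station.unprotect(wire))
    print("replay accepted:", master_station.unprotect(wire) is not None)
    print("overhead on 8-byte frame: %.0f%%" % overhead_percent(len(frame)))
```

Running the demo shows the trade-off directly: a 12-byte wrapper is 150% overhead on an 8-byte polling frame but 5% on a 240-byte one, which is why a dongle under the stated bandwidth constraint has to choose tag length and counter width per link rather than reuse a general-purpose protocol header.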
The System Safety Mailing List
systemsafety_at_xxxxxx

Received on Mon Mar 10 2014 - 14:09:06 CET
