A Scheme for Lightweight SCADA Packet Authentication

Page view(s)
Checked on Jan 05, 2024
A Scheme for Lightweight SCADA Packet Authentication
A Scheme for Lightweight SCADA Packet Authentication
Journal Title:
2017 23rd Asia-Pacific Conference on Communications (APCC)
Publication Date:
11 December 2017
L. Zhou, H. Guo, D. Li, J. Zhou and J. Wong, "A scheme for lightweight SCADA packet authentication," 2017 23rd Asia-Pacific Conference on Communications (APCC), Perth, Australia, 2017, pp. 1-6. doi: 10.23919/APCC.2017.8304051
Development and deployment of cyber security measures for legacy SCADA systems usually encounter challenges of limited computation resources in the field devices for supporting the designed cryptography processing. This paper presents a scheme with which the field device performs message authentication and integrity check only on selected critical packets such that it protects the system operation while avoiding high computation workload, and applies the scheme to a transportation SCADA system. The proposed scheme takes into account of the SCADA computation power limitation and real time requirements, and the extreme difficulty of making any changes to hardware or software in the legacy system. AES-CCM and symmetric key methods are applied for providing message authentication and integrity, and a bump-in-the-wire (BITW) implementation approach is adopted to avoid the changes to the legacy system. This lightweight packet authentication scheme is implemented and demonstrated over a testbed of a metro transportation SCADA system. Experiments show the effects of the scheme in blocking malicious packet attack and the comparison with a firewall approach.
License type:
Funding Info:
This work was supported by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate.
© 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Files uploaded:

File Size Format Action
apcc2017-1570389422.pdf 451.39 KB PDF Open