research-article
Open access

SCADA World: An Exploration of the Diversity in Power Grid Networks

Published: 21 February 2024

Abstract

Despite a growing interest in understanding the industrial control networks that monitor and control our critical infrastructures (such as the power grid), to date, SCADA networks have been analyzed in isolation from each other. They have been treated as monolithic networks without taking into consideration their differences. In this paper, we analyze real-world data from different parts of a power grid (generation, transmission, distribution, and end-consumer) and show that these industrial networks exhibit a variety of unique behaviors and configurations that have not been documented before. To the best of our knowledge, our study is the first to tackle the analysis of power grid networks at this level. Our results help us dispel several misconceptions proposed by previous work, and we also provide new insights into the differences and types of SCADA networks.


Cited By

  • (2024) SCADA World: An Exploration of the Diversity in Power Grid Networks. ACM SIGMETRICS Performance Evaluation Review 52:1 (13-14). DOI: 10.1145/3673660.3655078. Online publication date: 13-Jun-2024
  • (2024) SCADA World: An Exploration of the Diversity in Power Grid Networks. Abstracts of the 2024 ACM SIGMETRICS/IFIP PERFORMANCE Joint International Conference on Measurement and Modeling of Computer Systems (13-14). DOI: 10.1145/3652963.3655078. Online publication date: 10-Jun-2024
  • (2024) TinyICS: An Industrial Control System Simulator Based on NS-3. 2024 43rd International Conference of the Chilean Computer Science Society (SCCC) (1-8). DOI: 10.1109/SCCC63879.2024.10767629. Online publication date: 28-Oct-2024


        Information & Contributors

        Information

        Published In

        Proceedings of the ACM on Measurement and Analysis of Computing Systems  Volume 8, Issue 1
        POMACS
        March 2024
        494 pages
        EISSN:2476-1249
        DOI:10.1145/3649331
        This work is licensed under a Creative Commons Attribution International 4.0 License.

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 21 February 2024
        Published in POMACS Volume 8, Issue 1


        Author Tags

        1. goose
        2. iccp
        3. iec 60870-5-104
        4. ieee c37.118
        5. modbus/tcp
        6. scada traffic

        Qualifiers

        • Research-article

        Funding Sources

        • NSF-CNS


        Article Metrics

        • Downloads (Last 12 months): 566
        • Downloads (Last 6 weeks): 65
        Reflects downloads up to 16 Dec 2024
