Copyright (c) 2008, All Rights Reserved. Iowa State University G. Manimaran & Chen-Ching Liu CPS-Energy Workshop- 2009 Page 1 SCADA control network Vendor Personnel or S ite E ngineers C ontrol C enter Intranet Substation Intranet ` M odem O therIntranets Application S ervers IP:10.0.1.1-5 SCADA Servers, IP:10.0.1.6-10 D atabase Servers, IP:10.0.1.11-15 ` ` C orporate W AN ` ... IED s D ata Concentrator IP:10.0.10.71 Fram e R elay Netw ork / R adiow ave /D edicated Line Data C oncentrator IP:10.0.10.70 Engineering C onsoles IP:10.0.5.80-85 Router IP :10.0.5.102 U ser Interfaces IP :10.0.1.30-40 D ispatcher Training Sim ulators IP:10.0.1.50-55 U ser Interfaces IP :10.0.10.1-3 C orporate W AN G P S R eceiver IP:10.0.0.10.55 H ackers R em ote Access N etw ork through D ial-up,VP N ,or Wireless R em ote A ccess C onnection through TC P/IP C onnection through D N P/M odbus Protocol R outer,10.0.10.3 Firew all IP:10.0.1.100 Firew all, IP:10.0.1.101 Firew all, IP:10.0.10.0 W ireless H ub,IP:10.0.10.90 M odem M odem Application Servers IP:10.0.5.150-155 Firew all IP:10.0.5.101
SCADA control network. Cyber-Security Threats to Power Grid. Internet-Based Attacks. Worms / Trojan Horse / Spyware. Denial of Service (DoS). Routing Attacks. Intrusions. Protocol Attacks. Threats to Power Infrastructure. SCADA Network – Denial of service attack (model). - PowerPoint PPT Presentation
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Copyright (c) 2008, All Rights Reserved. Iowa State University G. Manimaran & Chen-Ching LiuCPS-Energy Workshop-2009Page 1
SCADA control network
Vendor Personnel or
Site Engineers
Control Center Intranet
Substation Intranet
`
Modem
Other Intranets
Application Servers
IP: 10.0.1.1-5
SCADA Servers,
IP: 10.0.1.6-10
Database Servers,
IP: 10.0.1.11-15
` `
Corporate WAN
`
...IEDs
Data ConcentratorIP: 10.0.10.71
Frame Relay Network / Radiowave / Dedicated Line
Data ConcentratorIP: 10.0.10.70
EngineeringConsolesIP: 10.0.5.80-85
RouterIP: 10.0.5.102
User InterfacesIP: 10.0.1.30-40
Dispatcher Training SimulatorsIP: 10.0.1.50-55
User InterfacesIP: 10.0.10.1-3
Corporate WAN
GPS ReceiverIP: 10.0.0.10.55
Hackers
Remote Access Network through Dial-up, VPN, or
Wireless
Remote Access Connection through TCP/IP
Connection through DNP/Modbus Protocol
Router, 10.0.10.3
FirewallIP: 10.0.1.100
Firewall, IP: 10.0.1.101
Firewall, IP: 10.0.10.0
Wireless Hub, IP: 10.0.10.90
Modem
Modem
Application ServersIP: 10.0.5.150-155
FirewallIP: 10.0.5.101
Copyright (c) 2008, All Rights Reserved. Iowa State UniversityPage 2
Cyber-Security Threats to Power Grid
Internet-Based Attacks
Protocol Attacks
Intrusions
Worms / Trojan Horse /
Spyware
Routing Attacks
Denial of Service (DoS)
Copyright (c) 2008, All Rights Reserved. Iowa State UniversityPage 3
SCADA Network – Denial of service attack (model)
Controller Network Delay
Network Delay
Actuator
Sensor
Output
SubstationForward Delay
Backward Delay
Control Center
Reference
+
-
Schematic of SCADA System
Control Model of SCADA System
Control Center Network
Substation Automation Network
`
Application Servers
SCADA Servers,
Database Servers,
` `
...IEDs
Data Concentrator
User Interfaces
Dispatcher Training Simulators User
Interfaces
GPS ReceiverFirewall
Modem
Modem
Firewall
WAN
Router
RouterRouter
RouterRouter
Router
Latency increase impact the real-time operation of the system
Copyright (c) 2008, All Rights Reserved. Iowa State University G. Manimaran & Chen-Ching LiuCPS-Energy Workshop-2009Page 4