A Taxonomy of Attacks on the DNP3 Protocol
نویسندگان
چکیده
Distributed Network Protocol (DNP3) is the predominant SCADA protocol in the energy sector – more than 75% of North American electric utilities currently use DNP3 for industrial control applications. This paper presents a taxonomy of attacks on the protocol. The attacks are classified based on targets (control center, outstation devices and network/communication paths) and threat categories (interception, interruption, modification and fabrication). To facilitate risk analysis and mitigation strategies, the attacks are associated with the specific DNP3 protocol layers they exploit. Also, the operational impact of the attacks is categorized in terms of three key SCADA objectives: process confidentiality, process awareness and process control. The attack taxonomy clarifies the nature and scope of the threats to DNP3 systems, and can provide insights into the relative costs and benefits of implementing mitigation strategies.
منابع مشابه
Real-Time and Interactive Attacks on DNP3 Critical Infrastructure Using Scapy
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols, to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on E...
متن کاملSimulated Attack on DNP3 Protocol in SCADA System
Supervisory Control and Data Acquisition (SCADA) system monitors and controls industrial process in physical critical Infrastructures. It is thus of vital importance that any vulnerabilities of SCADA system must be identified and mitigated. DNP3 is and open SCADA network protocol that is mainly used in electrical utilities. However, the security mechanisms of DNP3 were neglected at its design s...
متن کاملCategorizing Attacks on Cryptographic Protocols Based on Intruders' Objectives and Roles
A taxonomy of cryptographic protocol attacks is helpful for cryptographic protocol analysis. There are taxonomies of cryptographic protocol awss5, 9] and a taxonomy of replay attacks in terms of message origin and destinationn25]. This paper presents an attack taxonomy based on an intruder's objectives when launching attacks and the roles s/he plays. Understanding an intruder's possible behavio...
متن کاملSecure Authentication in the Grid: A Formal Analysis of DNP3: SAv5
Most of the world’s power grids are controlled remotely. Their control messages are sent over potentially insecure channels, driving the need for an authentication mechanism. The main communication mechanism for power grids and other utilities is defined by an IEEE standard, referred to as DNP3; this includes the Secure Authentication v5 (SAv5) protocol, which aims to ensure that messages are a...
متن کاملA Taxonomy of Replay Attacks
This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attacks. It is also complete in the sense that any replay attack is composed entirely of elements classi ed by the taxonomy. The classi cation of attacks is illustrated using both new and previously know...
متن کامل