Toward Survivable Intrusion-Tolerant Open-Source SCADA
نویسنده
چکیده
As vital components of critical infrastructure, SCADA systems must continue to operate correctly and at their expected level of performance at all times. However, current SCADA systems are vulnerable to intrusions, and even a single compromise can cause catastrophic consequences. We present the architecture of and initial steps toward the first intrusion-tolerant open-source SCADA system that is survivable over the required long system lifetimes. We perform a case study of a hypothetical deployment on the Eastern Seaboard of the United States to validate that our SCADA system will meet SCADA application latency requirements.
منابع مشابه
Constructing a Practical Intrusion Tolerant Replication System
The increasing number of cyber attacks against critical infrastructures, which typically require large state and long system lifetimes, necessitates the design of systems that are able to work correctly even if part of them is compromised. We present the first practical survivable intrusion tolerant replication system, which defends across space and time using compiler-based diversity and proac...
متن کاملThe DPASA Survivable JBI—A High-Water Mark in Intrusion-Tolerant Systems1
In this paper, we describe the design, development, and validation of an information system that has recently set a new high-water mark for intrusion tolerance. The system, known as the DPASA Survivable JBI, conforms to an abstract architecture for survivable systems and integrates concrete defense mechanisms for preventing intrusion and for detecting and responding to intrusions that cannot be...
متن کاملA real time OCSVM Intrusion Detection module with low overhead for SCADA systems
In this paper we present a intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition) system. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM (One-Class Support Vector Machine) is an intrusion detection mechanism that does not need any labeled data for training or an...
متن کاملDeveloping a Heterogeneous Intrusion Tolerant CORBA System
Intrusion Tolerant systems provide high-integrity and high-availability services to their clients in the face of successful attacks from an adversary. The Intrusion Tolerant Distributed Object Systems (ITDOS) research project is developing an architecture for a heterogeneous intrusion tolerant distributed object system. ITDOS integrates a Byzantine Fault Tolerant multicast protocol into an open...
متن کاملExperiences on Intrusion Tolerance Distributed Systems
Distributed systems today are very vulnerable to malicious attacks, either from insiders or outsiders. When an attacker controls a component of the system, he may steal some sensitive information, create some false information, or prevent legitimate users from using the system. An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system...
متن کامل