Security Issue of WirelessHART Based SCADA Systems

  • Conference paper
Risks and Security of Internet and Systems (CRiSIS 2015)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 9572)

Abstract

The security of Supervisory Control and Data Acquisition (SCADA) systems has become, in recent years, a major worldwide concern. Indeed, several incidents and cyber-attacks have underlined the urgent need to make more efforts to secure these systems, which manage important economic infrastructures. The increasing use of wireless sensors also brings their security vulnerabilities with it. Therefore, several communication protocols were developed to meet the real-time and security requirements of this kind of system. WirelessHART is the first approved international standard for industrial wireless devices. It implements several mechanisms to ensure hop-by-hop and end-to-end security. However, despite these mechanisms, it remains possible for an attacker to conduct an attack against such wireless networks. In this paper, we give the first description of a Sybil attack specially tailored to target WirelessHART-based SCADA systems. This attack can lead to harmful consequences such as disturbing the functioning of the infrastructure, interrupting it or, worse still, causing its destruction (overheating of a nuclear reactor).

Author information

Corresponding author

Correspondence to Lyes Bayou.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Bayou, L., Espes, D., Cuppens-Boulahia, N., Cuppens, F. (2016). Security Issue of WirelessHART Based SCADA Systems. In: Lambrinoudakis, C., Gabillon, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2015. Lecture Notes in Computer Science, vol 9572. Springer, Cham. https://doi.org/10.1007/978-3-319-31811-0_14

  • DOI: https://doi.org/10.1007/978-3-319-31811-0_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31810-3

  • Online ISBN: 978-3-319-31811-0

  • eBook Packages: Computer Science (R0)
