A Case Study Assessing the Effects of Cyber Attacks on a River Zonal Dispatcher

  • Ronald Joseph WrightEmail author
  • Ken Keefe
  • Brett Feddersen
  • William H. Sanders
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10242)


A river zonal dispatcher is a system that sends collected environmental data to a national dispatcher and sends warnings in case of danger (such as flooding of river basins). If the system fails to function normally, warnings may cease, putting lives and property in serious peril. We have examined the security of a river zonal dispatcher using the ADVISE modeling formalism in the Möbius modeling tool. This work both illustrates the usefulness of ADVISE in choosing among alternative approaches to system security and provides a quantitative evaluation of the dispatcher itself. In doing so, it shows whether intrusion detection systems (IDSes) make a difference in the behavior of an adversary, and which path of attack is most attractive to particular types of adversaries.


Control systems security Quantitative security metrics State-based security model Discrete event simulation 



The work described here was performed, in part, with funding from the Department of Homeland Security under contract HSHQDC-13-C-B0014, “Practical Metrics for Enterprise Security Engineering.” The authors would also like to thank Jenny Applequist for her editorial efforts.


  1. 1.
    Gao, W., Morris, T., Reaves, B., Richey, D.: On SCADA control system command and response injection and intrusion detection. In: Proceedings of the 2010 eCrime Researchers Summit (eCrime), pp. 1–9, October 2010Google Scholar
  2. 2.
    LeMay, E., Ford, M., Keefe, K., Sanders, W., Muehrcke, C.: Model-based security metrics using ADversary VIew Security Evaluation (ADVISE). In: Proceedings of the 2011 Eighth International Conference on Quantitative Evaluation of Systems (QEST), pp. 191–200, September 2011Google Scholar
  3. 3.
    LeMay, E.: Adversary-driven state-based system security evaluation. Ph.D. thesis, University of Illinois at Urbana-Champaign, Urbana, IL (2011).
  4. 4.
    Meyer, J.F., Movaghar, A., Sanders, W.H.: Stochastic activity networks: structure, behavior, and application. In: Proceedings of the International Conference on Timed Petri Nets, Torino, Italy, pp. 106–115, July 1985Google Scholar
  5. 5.
    Modbus: Modbus application protocol specification v1.1b3, April 2012.
  6. 6.
    Morris, T.H., Gao, W.: Industrial control system cyber attacks. In: Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, ICS-CSR 2013, pp. 22–29. BCS, UK (2013)Google Scholar
  7. 7.
    Stoian, I., Ignat, S., Capatina, D., Ghiran, O.: Security and intrusion detection on critical SCADA systems for water management. In: Proceedings of the 2014 IEEE International Conference on Automation, Quality and Testing, Robotics, pp. 1–6, May 2014Google Scholar
  8. 8.
    Tenable Network Security Inc.: Modicon Modbus/TCP programming function code access (2016).
  9. 9.
    U.S. Department of Homeland Security: Dams sector-specific plan: an annex to the national infrastructure protection plan (2010).
  10. 10.
    U.S. Department of Homeland Security: Dams Sector (2015).
  11. 11.
    U.S. Department of Homeland Security: National infrastructure protection plan: dams sector, August 2015.
  12. 12.
    U.S. Environmental Protection Agency: Cyber security 101 for water utilities, July 2012.
  13. 13.
    Zhu, B., Joseph, A., Sastry, S.: A taxonomy of cyber attacks on SCADA systems. In: Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing, pp. 380–388 (2011)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Ronald Joseph Wright
    • 1
    Email author
  • Ken Keefe
    • 2
  • Brett Feddersen
    • 2
  • William H. Sanders
    • 1
  1. 1.Department of Electrical and Computer EngineeringUniversity of Illinois at Urbana-ChampaignUrbanaUSA
  2. 2.Information Trust InstituteUniversity of Illinois at Urbana-ChampaignUrbanaUSA

Personalised recommendations