Scada Malware, a Proof of Concept

  • Conference paper
Critical Information Infrastructure Security (CRITIS 2008)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 5508)

Abstract

Critical infrastructures are nowadays exposed to new kinds of threats. These threats stem from the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of ICT and network technologies in such complex critical systems. Of particular interest is the set of vulnerabilities related to the class of communication protocols normally known as “SCADA” protocols, which covers all the communication protocols used to remotely control the RTU devices of an industrial system. In this paper we present a proof of concept of the potential effects of a set of computer malware specifically designed and created to impact a typical Supervisory Control and Data Acquisition system by taking advantage of some vulnerabilities of the ModBUS protocol.



Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Carcano, A., Fovino, I.N., Masera, M., Trombetta, A. (2009). Scada Malware, a Proof of Concept. In: Setola, R., Geretshuber, S. (eds) Critical Information Infrastructure Security. CRITIS 2008. Lecture Notes in Computer Science, vol 5508. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03552-4_19

  • DOI: https://doi.org/10.1007/978-3-642-03552-4_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03551-7

  • Online ISBN: 978-3-642-03552-4

  • eBook Packages: Computer Science, Computer Science (R0)
