Skip to main content
SpringerLink
Log in

Investigating the Effect of Network Parameters on Coordinated Cyber Attacks against a Simulated Power Plant

  • Conference paper
Book cover Critical Information Infrastructure Security (CRITIS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6983))

Abstract

The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we use our previously developed framework to study the effects of network parameters, i.e. delay, packet losses and background traffic, on coordinated cyber attacks against NICS. Coordinated attacks rely on several infected hosts to disrupt the normal functionality of the system. Within the context of NICS we consider multiple infected control hardware, a highly similar setting to the recently reported Stuxnet worm, the first malware specifically designed to attack NICS. Furthermore, we assume that the coordinator is located outside the system, in the Internet, from where it launches attacks by sending packets to each infected control hardware. The main goal of the attacker is to bring the physical process into a critical state, i.e. dangerous, or more generally unwanted state of the system. For the physical process we used the Boiling Water Power Plant (BWPP) model developed by Bell and Åström.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Nai Fovino, I., Carcano, A., Masera, M., Trombetta, A.: An experimental investigation of malware attacks on SCADA systems. International Journal of Critical Infrastructure Protection 2(4), 139–145 (2009)

    Article  Google Scholar 

  2. East, S., Butts, J., Papa, M., Shenoi, S.: A Taxonomy of Attacks on the DNP3 Protocol. In: Palmer, C., Shenoi, S. (eds.) Critical Infrastructure Protection III. IFIP AICT, vol. 311, pp. 67–81. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  3. The Symantec Stuxnet Dossier (2010), http://www.wired.com/images_blogs/threatlevel/2010/11/w32_stuxnet_dossier.pdf

  4. Tan, Y., Sengupta, S., Subbalakshmi, K.P.: Analysis of Coordinated Denial-of-Service Attacks in IEEE 802.22 Networks. IEEE JSAC Special Issue on Cognitive Radio Networking and Communications 29(4), 890–902 (2011)

    Google Scholar 

  5. Botnet Twitter Attack (2009), http://www.usatoday.com/tech/news/2009-08-06-twitter-attack_N.htm

  6. Genge, B., Siaterlis, C., Nai Fovino, I., Masera, M.: A Cyber-Physical Experimentation Environment for the Security Analysis of Networked Industrial Control Systems. Computers and Electrical Engineering 38(5), 1146–1161 (2012)

    Article  Google Scholar 

  7. Nai Fovino, I., Masera, M., Guglielmi, M., Carcano, A., Trombetta, A.: Distributed Intrusion Detection System for SCADA Protocols. In: Moore, T., Shenoi, S. (eds.) Critical Infrastructure Protection IV. IFIP AICT, vol. 342, pp. 95–110. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  8. White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An integrated experimental environment for distributed systems and networks. In: Proc. of the Fifth Symposium on Operating Systems Design and Implementation, pp. 255–270 (2002)

    Google Scholar 

  9. Bell, R.D., Åström, K.J.: Dynamic models for boiler-turbine alternator units: data logs and parameter estimation for a 160MW unit. Lundt Institute of Technology. Report TFRT–3192, Sweden (1987)

    Google Scholar 

  10. Queiroz, C., Mahmood, A., Hu, J., Tari, Z., Yu, X.: Building a SCADA Security Testbed. In: Proc. 3rd NSS, pp. 357–364 (2009)

    Google Scholar 

  11. Davis, C.M., Tate, J.E., Okhravi, H., Grier, C., Overbye, T.J., Nicol, D.: SCADA Cyber Security Testbed Development. In: Proc. NAPS, pp. 483–488 (2006)

    Google Scholar 

  12. Chabukswar, R., Sinopoli, B., Karsai, G., Giani, A., Neema, H., Davis, A.: Simulation of Network Attacks on SCADA Systems. First WSCS (April 2010)

    Google Scholar 

  13. Nai Fovino, I., Masera, M., Guidi, L., Carpi, G.: An Experimental Platform for Assessing SCADA Vulnerabilities and Countermeasures in Power Plants. In: Proc. HSI, pp. 679–686 (2010)

    Google Scholar 

  14. Cárdenas, A., Amin, S., Lin, Z.S., Huang, Y.L., Huang, C.Y., Sastry, S.: Attacks Against Process Control Systems: Risk Assessment, Detection, and Response. In: Proc. ASIACCS, pp. 355–366 (2011)

    Google Scholar 

  15. Google Aurora attack (2010), http://www.wired.com/threatlevel/2010/01/operation-aurora/

Download references

Author information

Authors and Affiliations

  1. Joint Research Centre, European Commission, Institute for the Protection and Security of the Citizen, Via E. Fermi, 2749, Ispra, VA, 21027, Italy

    Béla Genge & Christos Siaterlis

Authors
  1. Béla Genge
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christos Siaterlis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. ENEA, Via Anguillarese 301, S. Maria di Galeria, 00060, Rome, Italy

    Sandro Bologna

  2. Acris GmbH, Bodenhofstr. 29, 6005, Luzern, Switzerland

    Bernhard Hämmerli

  3. Dept. of Informatics, Athens University of Economics and Business, 47 Evelpidon Str., 113 62, Athens, Greece

    Dimitris Gritzalis

  4. Dept. of Mathematics, Royal Holloway, University of London, TW20 0EX, Egham, UK

    Stephen Wolthusen

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Genge, B., Siaterlis, C. (2013). Investigating the Effect of Network Parameters on Coordinated Cyber Attacks against a Simulated Power Plant. In: Bologna, S., Hämmerli, B., Gritzalis, D., Wolthusen, S. (eds) Critical Information Infrastructure Security. CRITIS 2011. Lecture Notes in Computer Science, vol 6983. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41476-3_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41476-3_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41475-6

  • Online ISBN: 978-3-642-41476-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation