Formal modelling and analysis of DNP3 secure authentication

Bibliographic Details
Published in: Journal of network and computer applications Vol. 59; pp. 345-360
Main Authors: Amoah, Raphael; Camtepe, Seyit; Foo, Ernest
Format: Journal Article
Language: English
Published: Elsevier Ltd 01-01-2016
Description
Summary: Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, combined complex attack and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker that has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model proving the effectiveness of the model and importance of the formal protocol analysis.
ISSN: 1084-8045, 1095-8592
DOI: 10.1016/j.jnca.2015.05.015