http://dx.doi.org/10.3745/KIPSTC.2009.16-C.1.37

Advanced Key Management Architecture Based on Tree Structure for Secure SCADA Communications  

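Choi, Dong-Hyun (Sungkyunkwan University, Department of Mobile Phones)
Lee, Sung-Jin (Sungkyunkwan University, Department of Mobile Phones)
Jeong, Han-Jae (Sungkyunkwan University, Department of Mobile Phones)
Kang, Dong-Joo (Korea Electrotechnology Research Institute, Researcher)
Kim, Hak-Man (Incheon City College, Department of Electrical Engineering)
Kim, Kyung-Sin (Induk College, Department of Internet TV Broadcasting)
Won, Dong-Ho (Sungkyunkwan University, School of Information and Communication Engineering)
Kim, Seung-Joo (Sungkyunkwan University, School of Information and Communication Engineering)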
Abstract
The SCADA (Supervisory Control And Data Acquisition) system is a control system for national infrastructure. In the past, SCADA systems were designed without security functions because of their closed operating environment. However, the security of the SCADA system has become an issue as technological advances have connected it to open networks. In this paper, we review the constraints and security requirements of the SCADA system and propose an advanced key management architecture for secure SCADA communications. The contribution of the present work is that our scheme supports both message broadcasting and secure communications, whereas the existing key management schemes for SCADA systems do not support message broadcasting. Moreover, by evenly spreading much of the total computation across high-power nodes (MTU or SUB-MTU), our protocol avoids any potential performance bottleneck in the system while keeping the burden on low-power (RTU) nodes minimal.
Keywords
SCADA; Key Management; Security; LKH
Citations & Related Records
Times Cited By KSCI: 1