Article Open access

Data Object Based Security for DNP3 Over TCP/IP for Increased Utility Commercial Aspects Security

2007; Institute of Electrical and Electronics Engineers; Language: English

10.1109/pes.2007.386243

ISSN

2693-7891

Authors

Todd Mander, Farhad Nabhani, Lin Wang, Richard Cheung

Topic(s)

Power Systems and Technologies

Abstract

The potential effectiveness of cyber-attacks against utility networks using the DNP3 protocol would increase rapidly when DNP3 is employed over TCP/IP, because attacks that succeed on the Internet can be used against DNP3. This becomes a critical concern for DNP3, since an outstation may be accessed from multiple masters on external networks. However, commercial Internet security does not provide applicable security, since it was not designed specifically for DNP3. This paper proposes a new, efficient cyber-security specifically designed for DNP3 at its interface with TCP/IP to augment utility commercial security capability. Rule-based security is implemented for the proposed cyber-security for DNP3 over TCP/IP using the function codes, data objects, and data sets from the DNP3 data link layer and application layer. The rule-based security is implemented on a per-connection basis, so that detailed security rules are specifically defined for each connection to the device.
