SCADA communication protocols: vulnerabilities, attacks and possible mitigations

Abstract

Current hierarchical SCADA systems uses communication protocols which aren’t having the inbuilt security mechanism. This lack of security mechanism will help attackers to sabotage the SCADA system. However, to cripple down the SCADA systems completely coordinated communication channel attacks can be performed. IEC 60870-5-101 and IEC 60870-5-104 protocols are widely used in current SCADA systems in power utilities sector. These protocols are lacking in the application layer and the data link layer security. Application layer security is necessary to protect the SCADA systems from Spoofing and Non-Repudiation attacks. Data link layer security is necessary to protect the systems from the Sniffing, Data modification and Replay attacks. IEC 60870-5-101 & 104 communication protocol vulnerabilities and their exploitation by coordinated attacks are explained in this paper. Proposed experimental research model can be used to mitigate the attacks at application layer and data link layer by adopting the IEC 62351 standards.