Identifying Supervisory Control and Data Acquisition (SCADA) Systems on a Network via Remote Reconnaissance
Abstract
Presidential Decision Directive (PDD) 63 calls for improving the security of Supervisory Control And Data Acquisition (SCADA) and other control systems which operate the critical infrastructure of the United States. In the past, these industrial computer systems relied on security through obscurity. Recent economic and technical shifts within the controls industry have increased their vulnerability to cyber attack. Concurrently, their value as a target has been recognized by terrorist organizations and competing nation states. Network reconnaissance is a basic tool that allows computer security managers to understand their complex systems. However, existing reconnaissance tools incorporate little or no understanding of control systems. This thesis provided a conceptual analysis for the creation of a SCADA network exploration/reconnaissance tool. Several reconnaissance techniques were research and reviewed in a laboratory environment to determine their utility for SCADA system discovery. Additionally, an application framework using common non-SCADA security tools was created to provide a proof of concept. Development of a viable tool for identifying SCADA systems remotely will help improve critical infrastructure security by improving situational awareness for network managers.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 2006
- Accession Number
- ADA457371
Entities
People
- Kenneth C. Wiberg
Organizations
- Naval Postgraduate School