Security Analysis of DNP3 Protocol in SCADA System

• Published in: 2023 IEEE 13th International Conference on Control System, Computing and Engineering (ICCSCE) pp. 314 - 319
• Main Authors: Qassim, Qais Saif, Ali, Musab A. M., Tahir, Nooritawati Md
• Format: Conference Proceeding
• Language: English
• Published: IEEE 25.08.2023
• Subjects: Critical infrastructure; Cyberattacks; Industrial Control Systems; National Critical Infrastructures; Pressing; Process control; Production; Protocols; SCADA systems; Sensor systems; Vulnerabilities
• DOI: 10.1109/ICCSCE58721.2023.10237142

The safeguarding of Supervisory Control and Data Acquisition (SCADA) systems and their cyber-security have been the subject of extensive research for many years, owing to the severe ramifications that can result from their breach or compromise. SCADA is a system that facilitates the monitoring and control of physical infrastructures in industrial processes from a centralized control station. The utilization of this technology is prevalent in crucial infrastructure domains, such as the electricity, oil, and gas industries, encompassing production and distribution. The compromise of data integrity in SCADA systems through cyber-attacks, specifically the unauthorized manipulation of sensors or control signals, has the potential to disrupt the operation of critical national infrastructure significantly. Therefore, this research is intended to investigate the limitations and drawbacks of one of the commonly used communication protocols in SCADA, namely; DNP3, investigate the cyber-attacks exploiting the weaknesses of this protocol, and put forward a recommendation to protect the SCADA networks and prevent devastating consequences.