Security Analysis of DNP3 Protocol in SCADA System

• Published in: Proceedings - 13th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2023
• Main Author: Qassim Q.S.; Ali M.A.M.; Tahir N.M.
• Format: Conference paper
• Language: English
• Published: Institute of Electrical and Electronics Engineers Inc. 2023
• Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85172901789&doi=10.1109%2fICCSCE58721.2023.10237142&partnerID=40&md5=493ff4901342c649d827d4cc2b660276

The safeguarding of Supervisory Control and Data Acquisition (SCADA) systems and their cyber-security have been the subject of extensive research for many years, owing to the severe ramifications that can result from their breach or compromise. SCADA is a system that facilitates the monitoring and control of physical infrastructures in industrial processes from a centralized control station. The utilization of this technology is prevalent in crucial infrastructure domains, such as the electricity, oil, and gas industries, encompassing production and distribution. The compromise of data integrity in SCADA systems through cyber-attacks, specifically the unauthorized manipulation of sensors or control signals, has the potential to disrupt the operation of critical national infrastructure significantly. Therefore, this research is intended to investigate the limitations and drawbacks of one of the commonly used communication protocols in SCADA, namely; DNP3, investigate the cyber-attacks exploiting the weaknesses of this protocol, and put forward a recommendation to protect the SCADA networks and prevent devastating consequences. © 2023 IEEE.