An Efficient Key Management and Multi-layered Security Framework for SCADA Systems

Darshana Upadhyay, Marzia Zaman, Rohit Joshi, Srinivas Sampalli
2021 IEEE Transactions on Network and Service Management  
Supervisory Control and Data Acquisition (SCADA) networks play a vital role in industrial control systems. Industrial organizations perform operations remotely through SCADA systems to accelerate their processes. However, this enhancement in network capabilities comes at the cost of exposing the systems to cyber-attacks. Consequently, effective solutions are required to secure industrial infrastructure as cyber-attacks on SCADA systems can have severe financial and/or safety implications.
SCADA field devices are equipped with microcontrollers for processing information and have limited computational power and resources. This makes the deployment of sophisticated security features challenging. As a result, effective lightweight cryptography solutions are needed to strengthen the security of industrial plants against cyber threats. In this paper, we have proposed a multi-layered framework by combining both symmetric and asymmetric key cryptographic techniques to ensure high availability, integrity, confidentiality, authentication and scalability. Further, an efficient session key management mechanism is proposed by merging random number generation with a hashed message authentication code. Moreover, for each session, we have introduced three symmetric key cryptography techniques based on the concept of Vernam cipher and a preshared session key, namely, random prime number generator, prime counter, and hash chaining. The proposed scheme satisfies the SCADA requirements of real-time request response mechanism by supporting broadcast, multicast, and point-to-point communication.

Index Terms: SCADA Systems, random number generator, symmetric key cryptography, public key algorithm, cyber security, network attacks, key management

itoring and system control [6]. Large SCADA networks such as those on a power plant require hundreds of field devices and dedicated subsystems to reduce the load on the centralized server [2]. SCADA communication messages have sensitive information as they are used to monitor and control the plant floor devices. For example, in water and sewage systems, the communication messages are used to raise and lower water tank levels or open and close the safety valves. Since these control devices are operated and monitored remotely, this can make them high-value targets for attackers launching various cyber-attacks that can compromise the control systems, communication, and emergency services.
Consequently, one of the critical aspects of SCADA systems is the secure transmission of messages so that they cannot be tampered with during communication. Moreover, the SCADA devices must be authenticated and must maintain the confidentiality of the information during transmission so that no interceptor can misuse the system. In the last few years, many key management techniques have been published to secure SCADA communication, namely, SCADA key establishment (SKE), SCADA Key Management Architecture (SKMA), Advanced SCADA Key Management Architecture (ASKMA), Hybrid Key Management Architecture (HKMA), Advanced Hybrid SCADA Key Management Architecture (AHSKMA), and Limited Self-Healing key distribution (LiSH) [7], [8], [9], [10], [11], [12]. These techniques fall under two main categories, namely, centralized and decentralized key management schemes. Moreover, each of these categories uses one of three approaches to generate and extract the session key, namely, the symmetric, asymmetric, and hybrid approaches. The drawback of the centralized scheme is that if the key distribution center (KDC) is down, the communication is cut off, which is not acceptable in SCADA systems. In a decentralized approach, the keys are created using keying material, and a breakdown may only affect a single communication link. Moreover, the symmetric key based approach is efficient in terms of message integrity and high availability but does not provide authentication and confidentiality. On the other hand, the asymmetric key approach provides message integrity, authentication, and privacy but may compromise availability. Hence, hybrid techniques are more suitable for SCADA systems. Few key management techniques have been proposed using hybrid methods. For example, Rezai et al. [10] propose an advanced Hybrid key management architecture (HSKMA), which improves the key management architecture proposed by Choi et al. [11]. However, it uses a centralized KDC to distribute the keys.
Moreover, the communication between the MTU and the sub-MTU is established using Elliptic-Curve Cryptography (ECC) based asymmetric key cryptography while the sub-MTU and the RTU communicate using Rivest-Shamir-Adleman (RSA) asymmetric key cryptography. The same approach has been used to enhance the scheme proposed by Rezai et al. [13] using a decentralized system in [9]. In this scheme, the master keys are refreshed using ECC and symmetric cryptography is used for encryption, decryption, and session key updates. However, this scheme does not validate the message integrity and authentication. Moreover,

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information:
doi:10.1109/tnsm.2021.3104531 fatcat:w4e4vyx6ijc45mskgnbhyboqzq
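
To illustrate the ideas the abstract names (a preshared session key, hash chaining, a Vernam-style XOR cipher, and an HMAC), here is an added example; it is not code from the paper, and the paper's actual construction may differ. The class name, the `pad`/`mac` derivation labels, the frame layout and the sample command are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

class ChainedSession:
    def __init__(self, session_key: bytes):
        self.state = session_key  # preshared session key seeds the chain (assumed design)

    def _derive(self, label: bytes, length: int) -> bytes:
        # Derive pad/MAC key as HMAC(state, label || counter), never the raw state,
        # so a known plaintext exposes one pad but not the chain behind it.
        out, counter = b"", 0
        while len(out) < length:
            out += hmac.new(self.state, label + bytes([counter]), hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def _tag(self, ct: bytes) -> bytes:
        return hmac.new(self._derive(b"mac", 32), ct, hashlib.sha256).digest()

    def seal(self, plaintext: bytes) -> bytes:
        pad = self._derive(b"pad", len(plaintext))
        ct = bytes(p ^ k for p, k in zip(plaintext, pad))  # Vernam-style XOR
        frame = ct + self._tag(ct)
        self.state = hashlib.sha256(self.state).digest()   # hash-chain step
        return frame

    def open(self, frame: bytes) -> bytes:
        ct, tag = frame[:-32], frame[-32:]
        if len(frame) < 32 or not hmac.compare_digest(tag, self._tag(ct)):
            raise ValueError("rejected: bad HMAC (tampered, replayed or out of order)")
        pad = self._derive(b"pad", len(ct))
        self.state = hashlib.sha256(self.state).digest()   # advance only on success
        return bytes(c ^ k for c, k in zip(ct, pad))

def is_rejected(session: ChainedSession, frame: bytes) -> bool:
    try:
        session.open(frame)
        return False
    except ValueError:
        return True

def demo() -> dict:
    key = secrets.token_bytes(32)   # constructed preshared session key
    mtu, rtu = ChainedSession(key), ChainedSession(key)
    f1, f2 = mtu.seal(b"VALVE_7:CLOSE"), mtu.seal(b"VALVE_7:CLOSE")  # constructed command
    tampered = bytes([f1[0] ^ 0x01]) + f1[1:]
    return {"tamper_rejected": is_rejected(rtu, tampered), "first": rtu.open(f1),
            "second": rtu.open(f2), "frames_differ": f1 != f2,
            "replay_rejected": is_rejected(rtu, f1)}
```

Calling `demo()` shows the same command producing two different frames, a one-bit modification being rejected without advancing the receiver's state, and a replay of the first frame failing once the chain has moved on.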