Date of Award

3-22-2012

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Jonathan W. Butts, PhD.

Abstract

Supervisory Control and Data Acquisition (SCADA) systems control and monitor the electric power grid, water treatment facilities, oil and gas pipelines, railways, and other Critical Infrastructure (CI). In recent years, organizations that own and operate these systems have increasingly interconnected them with their enterprise network to take advantage of cost savings and operational benefits. This trend, however, has introduced myriad vulnerabilities associated with the networking environment. As a result, the once isolated systems are now susceptible to a wide range of threats that previously did not exist. To help address the associated risks, security professionals seek to incorporate mitigation solutions designed for traditional networking and Information Technology (IT) systems. Unfortunately, the operating parameters and security principles associated with traditional IT systems do not readily translate to the SCADA environment. Security solutions for IT systems focus primarily on protecting the confidentiality of system and user data. Alternatively, SCADA systems must adhere to strict safety and reliability requirements and rely extensively on system availability. Mitigation strategies designed for traditional IT systems must first be evaluated prior to deployment on a SCADA system or risk adverse operational impacts such as a catastrophic oil spill, poisoning a water supply, or the shutdown of an electrical grid. This research evaluates the suitability of deploying a Host-Based Intrusion Detection System (IDS) to the Department of Defense SCADA fuels system. The impacts of the Host Intrusion Prevention System (HIPS) installed on the SCADA network's Human Machine Interface (HMI) are evaluated. Testing revealed that the HIPS agent interferes with the HMI's system services during startup. Once corrected, the HMI and connected SCADA network inherit the protections of the HIPS security agent and defenses associated with the Host-Based Security System.

AFIT Designator

AFIT-GCO-ENG-12-06

DTIC Accession Number

ADA557799
