【 摘 要 】

Inter Control Center Communication Protocol (ICCP) plays a critical role in the Supervisory Control and Data Acquisition (SCADA) architecture by allowing utilities to exchange data in real time. Given the critical nature of ICCP, security of ICCP is of paramount importance to power community. However, the present state of ICCP security can be best described as an afterthought. The protocol itselfdoes not provide strong authentication and authorization primitives. Furthermore, like many other protocols, interpretation of ICCP's standards is subject to user's interpretation and can aggravate the security situation if not interpreted and implemented in a uniform manner. In this work we undertake the task of formalizing parts of ICCP protocol and analyze and address the potential security issues found within those parts. We develop model of the protocol in a model checking tool called UPPAAL and then use Computation Tree Logic (CTL) properties over this model to see if they are valid. Once a problem is identified, we design a checker that can detect exploitation of the identified vulnerabilities. The soundness of these checkers is then verified by validating properties on the system in conjunction with this new checker.

【 预 览 】

附件列表

Files	Size	Format	View
Security analysis of inter control center communication protocol using model checking	438KB	PDF	download