Abstract
Applications for developed Supervisory Control And Data Acquisition (SCADA) protocols in several domains, particularly the energy sector, must satisfy hard real-time constraints to ensure the safety of the systems they are deployed on. These systems are highly sensitive to Quality of Service (QoS) violations, but it is not always clear whether a compliant implementation will satisfy the stated QoS in the standard. This paper proposes a framework for studying a protocol’s QoS properties based on a queuing network approach that offers a number of advantages over state machine or model-checking approaches. The authors describe the framework as an instance of a network of M/M/1/K of queues with the block-after-service discipline to allow for the analysis of probabilistic
packet flows in valid protocol runs. This framework allows for the study of denial of service (DoS), performance degradation, and de-synchronisation attacks. The model is validated by a tool allowing automation of queue network analysis and is used to demonstrate a possible breach of the QoS guarantees of the ISO/IEC 61850-7-2 substation automation standard with a de-synchronisation attack.
packet flows in valid protocol runs. This framework allows for the study of denial of service (DoS), performance degradation, and de-synchronisation attacks. The model is validated by a tool allowing automation of queue network analysis and is used to demonstrate a possible breach of the QoS guarantees of the ISO/IEC 61850-7-2 substation automation standard with a de-synchronisation attack.
Original language | English |
---|---|
Title of host publication | Proceedings of the 12th International Conference on Critical Information Infrastructures Security (CRITIS 2017) |
Publisher | Springer-Verlag |
Pages | 131-143 |
Number of pages | 13 |
ISBN (Electronic) | 978-3-319-99843-5 |
ISBN (Print) | 978-3-319-99842-8 |
DOIs | |
Publication status | Published - 9 Sept 2018 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer-Verlag |
Volume | 10707 |
Keywords
- Queue Networks, ISO/IEC 61850, Quality of Service, Protocol Analysis, De-synchronisation Attack