SKMA

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

SKMA: a key management architecture for SCADA systems

Full text

Pdf (251 KB)

Source

ACM International Conference Proceeding Series; Vol. 167 archive
Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54 table of contents

Hobart, Tasmania, Australia

Pages: 183 - 192

Year of Publication: 2006

ISBN ~ ISSN:1445-1336 , 1-920-68236-8

Authors

Robert Dawson	Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia
Colin Boyd	Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia
Ed Dawson	Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia
Juan Manuel González Nieto	Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia

Publisher

Australian Computer Society, Inc. Darlinghurst, Australia, Australia

Bibliometrics

Downloads (6 Weeks): 16, Downloads (12 Months): 109, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

ABSTRACT

Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distribution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	AGA 12-1 Working Group (2005), Cryptographic protection of SCADA communications, Technical Report 12-1 Draft 5 Revision 3, American Gas Association. http://www.gtiservices. org/security/; accessed 14 May, 2005.
	2	R. K. Bauer , T. A. Berson , R. J. Feiertag, A key distribution protocol using event markers, ACM Transactions on Computer Systems (TOCS), v.1 n.3, p.249-255, August 1983 [doi>10.1145/357369.357373]
	3	Beaver, C., Gallup, D., Neumann, W. & Torgerson, M. (2002), Key management for SCADA, Technical report, Sandia. http://www.sandia.gov/ scada/documents/013252.pdf; accessed 5 May, 2005.
	4	Mihir Bellare , Phillip Rogaway, Provably secure session key distribution: the three party case, Proceedings of the twenty-seventh annual ACM symposium on Theory of computing, p.57-66, May 29-June 01, 1995, Las Vegas, Nevada, United States [doi>10.1145/225058.225084]
	5	Bishop, M. (2002), Computer Security: Art and Science , Addison-Wesley, Boston, USA.
	6	Colin A. Boyd , Anish Mathuria, Protocols for Key Establishment and Authentication, Springer-Verlag New York, Inc., Secaucus, NJ, 2003
	7	Byres, E. & Lowe, J. (2004), The myths and facts behind cyber security risks for industrial control systems, in 'VDE Congress, VDE Association For Electrical, Electronic & Information Technologies', Berlin. http://brief.weburb. dk/archive/00000135/.
	8	Ulf Carlsen, Optimal privacy and authentication on a portable communications system, ACM SIGOPS Operating Systems Review, v.28 n.3, p.16-23, July 1994 [doi>10.1145/182110.182112]
	9	CERT/CC Statistics 1988-2005 (2005). http://www. cert.org/stats/cert_stats.html.
	10	Curtis, K. (2005), A DNP3 protocol primer, Technical report, DNP Users Group.
	11	Dorothy E. Denning , Giovanni Maria Sacco, Timestamps in key distribution protocols, Communications of the ACM, v.24 n.8, p.533-536, Aug. 1981 [doi>10.1145/358722.358740]
	12	IConics (2005), 'Iconics MobileHMI'. http: //www.iconics-uk.com/products/pdf/ mobilehmi_ds.pdf; accessed 22 August, 2005.
	13	IEEE Standards Board (1994), Ieee standard definition, specification, and analysis of systems used for supervisory control, data acquisition, and automatic control, Technical report, IEEE. http://ieeexplore.ieee.org/iel1/ 3389/10055/00478424.pdf; accessed 5 May, 2005.
	14	ISO (1996), Information Technology - Security Techniques - Key Management - Part 2: Mechanisms Using Symmetric Techniques ISO/IEC 11770-2. International Standard.
	15	Chris J. Mitchell, Making serial number based authentication robust against loss of state, ACM SIGOPS Operating Systems Review, v.34 n.3, p.56-59, July 2000 [doi>10.1145/506117.506124]
	16	Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978 [doi>10.1145/359657.359659]
	17	Neuman, B. C. & Ts'o, T. (1994), 'Kerberos: An authentication service for computer networks', IEEE Communications Magazine 32(9), 33-38.
	18	NIST (2003), 'Modes of operation for symmetric key block ciphers'. http://www.ecrypt.eu.org/ stream/; accessed 6 May, 2005.
	19	Adrian Perrig , Robert Szewczyk , J. D. Tygar , Victor Wen , David E. Culler, SPINS: security protocols for sensor networks, Wireless Networks, v.8 n.5, p.521-534, September 2002 [doi>10.1023/A:1016598314198]
	20	Wang, Y. & Chu, B.-T. (2004), 'sSCADA: Securing SCADA infrastructure communications', Cryptology ePrint Archive, Report 2004/265. http: //eprint.iacr.org/2004/265.pdf.