earticle

영어

SCADA networks and its protocols are developed based on reliability, availability, and speed but with no or little attention paid to security. In particular, SCADA network using Modbus protocol is designed to be inherently insecure and vulnerable to attacks. The lack of common security mechanisms in the protocol such as authentication, confidentiality and integrity must be addressed. In this paper, SCADA networks insecurity will be studied through security exploitation and monitoring. A detailed analysis of the Modbus protocol message frame formats being sent between master and slave will be discussed to expose the insecurities by design. This will enable SCADA users to find ways to fix the security flaws of the protocol and design mitigation strategies to reduce the impact of the possible attacks. This paper will also provide security mechanisms on how to protect the SCADA critical infrastructures.