Paper Authors

Abstract

NOTE: The first page of text has been automatically extracted and included below in lieu of an abstract

Session 2220

Supervisory Control And Data Acquisition Security Experience

R. Lessard, R. Goodrich, J. Beneat, S. Fitzhugh

Norwich University

Abstract

Supervisory Control And Data Acquisition (SCADA) systems are deployed in power and communication utility, transportation, and financial infrastructures. These infrastructures are potential targets of cyber-terrorism and protecting critical infrastructures against terrorist attacks is a national and international priority. Norwich University’s first year “Professional Projects” course sequence is designed to give computer and electrical engineering students their an awareness of the impact of technology on society. This is also their first experience with National Instruments’ LabVIEW in an instrume ntation and control application, and the SCADA system application illustrates the concepts of network-based computer systems. Students develop a SCADA system representative of a municipal water system using LabVIEW software and experiment with a simulated cyber attack. RoboLab-based programs for autonomous Lego Mindstorm robots to compete in intramural versions of the Trinity College Home Fire Fighting and RoboCup Jr competitions are used introduce LabVIEW programming techniques and the instrumentation and control issues they later apply to the SCADA problem solution. This experience also gives them a first understanding of an Artificial Intelligence_(AI) application. AI is beginning to find application in protecting SCADA systems against a cyber-based attack. The students complete a series of step-by-step instructions based on LabVIEW SCADA templates and laboratory documentation that were developed during the summer of 2003 under an NSA Grant. An attack simulation, limited to spoofing a rogue Master Terminal Unit (MTU) within the SCADA system, is conducted on the wired network. Development of an isolated wireless network used to further demonstrate denial of service, information tampering, and operating system (buffer overflow) attacks is discussed.

I. Introduction

A Supervisory Control And Data Acquisition_(SCADA) system is introduced for municipal water distribution system. Using commercial and affordable software, students develop a simple simulated version of a single pump/tank system that works over the network. A few vulnerabilities are discussed, and a simple demonstration is illustrated. The part that distributed artificial intelligence might play in protecting SCADA systems against cyber attack is also discussed. Robotic competitions earlier in the student experience were used to help the students understand the concepts of artificial intelligence.

"Proceedings of the 2004 American Society for Engineering Education Annual Conference & Exposition Copyright © 2004, American Society for Engineering Education"

• Citation

• Format
  • APA
  • APA - LaTeX bibitem
  • MLA
  • MLA - LaTeX bibitem
  • Bibtex
  • EndNote - RIS

Fitzhugh, S., & Goodrich, R., & Lessard, R., & Beneat, J. (2004, June), Supervisory Control And Data Acquisition Security Experience Paper presented at 2004 Annual Conference, Salt Lake City, Utah. 10.18260/1-2--12778