Elsevier

Ad Hoc Networks

Volume 11, Issue 3, May 2013, Pages 1091-1104
Security of industrial sensor network-based remote substations in the context of the Internet of Things

https://doi.org/10.1016/j.adhoc.2012.12.001

Abstract

The main objective of remote substations is to provide the central system with sensitive information from critical infrastructures, such as generation, distribution or transmission power systems. Wireless sensor networks have been recently applied in this particular context due to their attractive services and inherent benefits, such as simplicity, reliability and cost savings. However, as the number of control and data acquisition systems that use the Internet infrastructure to connect to substations increases, it is necessary to consider what connectivity model the sensor infrastructure should follow: either completely isolated from the Internet or integrated with it as part of the Internet of Things paradigm. This paper therefore addresses this question by providing a thorough analysis of both security requirements and infrastructural requirements corresponding to all those TCP/IP integration strategies that can be applicable to networks with constrained computational resources.

Introduction

The introduction of new technologies and different types of communication systems (Information and Communication Technologies, ICT) in industrial control networks has given rise to new and important advances in automation and control processes. A particular case is the Supervisory Control and Data Acquisition (SCADA) system, which uses new technologies to monitor in real time many of the Critical Infrastructures (CIs) deployed in our society, such as energy systems, transport systems or oil/water distribution systems. In particular, Internet connectivity is in high demand as it offers global connectivity and communication irrespective of the physical location of devices, whether industrial engineering devices or communication components.

Fig. 1 depicts a current SCADA system [1], [2], where authenticated human operators are authorized to read and manage data streams transmitted by substations. A remote substation is composed of automated electronic devices, known as Remote Terminal Units (RTUs), which are able to collect, manage and resend sensitive data (e.g. temperature, pressure or voltage) received from their sensors to the central system. Fig. 1 also shows how substations have evolved quickly in trying to adopt new technologies. Standing out among them are Wireless Sensor Networks (WSNs), which are based on industrial sensor nodes and are able to offer control services like an RTU but with a low installation and maintenance cost. These sensor nodes can be configured in remote substations to supervise, at the first level, the natural state of deployed CIs, such as industrial pipelines carrying water, oil or fuel, as well as electricity pylons or generators. However, current communication standards for this type of technology only contemplate local connectivity, significantly reducing its functionality out in the field. For this reason, both the industrial and scientific communities are trying to offer remote control and data acquisition through different types of ICTs. As a result, a new paradigm is starting to emerge in the context of CIs: the Internet of Things (IoT).

The IoT consists of large heterogeneous and interconnected ICT infrastructures, where the Internet, services and physical objects (‘Things’) play an important role in the control and automation processes. For example, in an industrial context, these things could be industrial sensor nodes, actuators, smart meters, pole-top devices, Radio-Frequency Identification (RFID) tags, Personal Digital Assistants (PDAs), and any other automation devices, such as RTUs [3]. Focusing on WSNs, their sensor nodes will create an autonomous and intelligent virtual layer over the physical environment of remote substations, providing information about the state of the real world that can be accessed from anywhere at any time. This interaction can be achieved by using many different types of integration strategies: from sensor nodes implementing the TCP/IP stack and becoming fully-fledged citizens of the Internet to capillary networks that maintain their independence while using Internet servers as interfaces to external entities.

However, it is necessary to study whether or not the security requirements of critical systems can be fulfilled in these upcoming networks. In fact, there are no studies in the literature that provide a systematic analysis of which strategies should be used in the integration of industrial WSNs in the IoT. The purpose of this paper is to provide a basis for responding to these questions by analyzing the security and infrastructural requirements of industrial WSNs connected to the Internet, and by discussing the suitability of the integration strategies that will realize the vision of ubiquitous management in the area of control and industrial networks.

The paper is organized as follows. In Section 2, we introduce the advances in remote substation technologies in terms of hardware devices and TCP/IP connectivity. Section 3 explains how the Internet and Wireless connectivity is changing the landscape of industrial control networks. Section 4 describes both the integration strategies and the requirements that have to be considered for achieving a secure integration. Finally, Section 5 provides an analysis of the integration between WSNs and the Internet in the context of control networks taking into account the previously mentioned requirements. Section 6 concludes the paper and outlines future work.

Section snippets

Advances in remote substations and communication protocols

The hardware and software (HW/SW) capabilities of RTUs in remote substations have significantly evolved in recent times [4]. In 1970, RTUs used 8-bit microprocessors with limited memory (e.g. 4–16 KB) and processing power. Later, faster microprocessors, math co-processors and larger memories increased their intelligence and autonomy. By the 1980s, serial interfaces with advanced I/O functions and operational software were supported; and from the end of the 1990s to the present, RTUs have

Internet as a global solution

The adaptation of ICTs and their application for CIs are bringing new and interesting challenges to the industrial sector. Researchers and engineers in particular are actively working in this field in order to analyze and develop constructive Internet-based or web-based SCADA solutions, and in doing this improve automation processes in terms of operational time [18]. This improvement includes monitoring and supervision at all times irrespective of geographic locations, in addition to

Industrial WSN requirements and integration strategies

In order to provide their services, industrial wireless sensors could greatly benefit from being integrated into the envisioned IoT. Collaboration and critical data aggregation between geographically dispersed sensors could be enhanced providing more reliable and accurate information. Moreover, system operators and also end-users (with restricted privileges) could benefit from anywhere real-time access to infrastructure data with reduced system costs. However, as there are many integration

Analysis of integration mechanisms

Once we have introduced the integration strategies and the requirements of industrial WSNs, we should be able to tackle these two questions: (i) What are the specific advantages and disadvantages of every integration strategy in the context of industrial WSNs?; and (ii) Which strategy should I choose for a particular deployment? In the following paragraphs we will answer the first question by discussing the influence of the integration strategies over the requirements presented in Section 4.1.

Conclusions

As sensor nodes have become part of the IoT, new challenges and research horizons have emerged. This paper is a clear example of these challenges. Here, an analysis has been presented of the secure integration of sensor nodes in the Internet, with a clear focus on the industrial environment. As a conclusion of this analysis, it can be stated that for the existing needs of the industry, it is not necessary to fully integrate the industrial WSNs within the Internet, and a simple capillary

Acknowledgement

This work has been partially supported by PISCIS (P10-TIC-06334), ARES (CSD2007-00004) and SPRINT (TIN2009-09237) Projects. This last one is co-funded by the FEDER Program.

References (39)

  • J. Lopez et al., Trust management systems for wireless sensor networks: best practices, Computer Communications (2010)
  • C. Alcaraz et al., Security aspects of SCADA and DCS environments
  • B. Reaves et al., An open virtual testbed for industrial control system security research, International Journal of Information Security (IJIS) (2012)
  • M. Botterman, Internet of things: an early reality of the Future Internet, Information Society and Media Directorate General, Networked Enterprise & RFID, European Commission (2009)
  • W. Shaw, Cybersecurity for SCADA systems, PennWell Corp, Tulsa, 2006, ISBN:...
  • F. Baker et al., RFC 6272-Internet protocols for the smart grid, Internet Engineering Task Force (IETF) (2011)
  • G. Irwin et al., An overview of wireless networks in control and monitoring
  • ZigBee Alliance. <http://www.zigbee.org/> (accessed...
  • HART Communication Foundation. <http://www.hartcomm.org/> (accessed...
  • ISA100, Wireless Systems for Automation. <http://www.isa.org/> (accessed...
  • Modbus-IDA the architecture for distributed automation. <http://www.modbus.org/> (accessed...
  • DNP3, DNP Users Group. <http://www.dnp.org> (accessed...
  • IEC 60870-5-104, Part 5-104: Transmission Protocols – Network Access for IEC 60870-5-101 Using Standard Transport...
  • IEC-62351, Power systems management and associated information exchange – data and communication security, International...
  • EPRI, DNP Security Development, Evaluation and Testing Project Opportunity, Electric Power Research Institute....
  • ISO New England, DRI Project: DNP Secure Authentication....
  • NISTIR 7628, Guidelines for Smart Grid Cyber Security: vol. 1, Smart Grid Cyber Security Strategy, Architecture, and...
  • C. Alcaraz, J. Lopez, Analysis of requirements for Critical Control Systems, International Journal of Critical...
  • M. Jain, A. Jain, M. Srinivas, A web based expert system shell for fault diagnosis and control of power system...

    Cristina Alcaraz received her M.Sc. and Ph.D. degrees in Computer Science in 2006 and 2003, respectively, from the University of Malaga. She is a postdoctoral researcher working on topics related to critical information infrastructure protection. Her research activities are mainly focused on Critical Information Infrastructure Protection, and more precisely on secure monitoring of critical infrastructures, security of SCADA systems and Smart Grids, as well as the use of Wireless Sensor Networks for protection of critical systems. She is actively participating as a program committee member in several international conferences. Likewise, she has collaborated in several European and national research projects, all of them also closely related to her research areas.

    Rodrigo Roman is a security researcher at the University of Malaga (Spain), where he obtained his Ph.D. and M.Sc. degrees in Computer Engineering and Computer Science, respectively, in 2008 and 2003. He is currently working as a visiting researcher at the Institute for Infocomm Research (I2R) in Singapore. His research is focused on protecting sensor networks in various contexts, such as critical infrastructures and the Internet of Things. He has published over 25 refereed papers at international conferences and journals, served over 30 times in international conference committees, and organized and chaired several workshops and conferences. Besides, he has participated in several European and national research projects.

    Pablo Najera is a Ph.D. student at University of Malaga. He obtained his M.Sc. degree in Computer Science in 2006 being awarded as the most outstanding student of the year. His research interests focus on security in RFID, personal area networks and future networks. He was granted a Research Assistant Fellowship from the Spanish Ministry of Science and has participated in multiple research projects (e.g. IDENTICA, SPRINT, SERSAF). He has been a committee member and invited reviewer in around 40 international conferences and indexed journals.

    Javier Lopez received his M.Sc. and Ph.D. degrees in Computer Science in 1992 and 2000, respectively, from the University of Malaga. He is currently Full Professor and during the last 10 years has conducted research in USA, Japan and Australia. His activities are mainly focused on network security, critical information infrastructures protection and security services, leading a number of national and international research projects in those areas, including projects in FP5, FP6 and FP7 European Programmes. Prof. Lopez is the Co-Editor in Chief of the International Journal of Information Security (IJIS) and Spanish representative in the IFIP Technical Committee 11.