Title | Network-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Babay, Amy, Tantillo, Thomas, Aron, Trevor, Platania, Marco, Amir, Yair |
Conference Name | 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) |
Keywords | composability, computer centres, computer network security, control centers, data acquisition systems, data centers, distributed processing, fault tolerant computing, intrusion tolerance, Monitoring, nation-state-level attackers, network attack, network attacks, network-attack-resilient intrusion-tolerant SCADA, power grid, power grid infrastructure, power grids, power system reliability, Protocols, pubcrawl, resilience, Resiliency, SCADA, SCADA system management, SCADA systems, security of data, simultaneous intrusions, sophisticated network-level attacks, Spire, Substations, supervisory control, System recovery |
Abstract | As key components of the power grid infrastructure, Supervisory Control and Data Acquisition (SCADA) systems are likely to be targeted by nation-state-level attackers willing to invest considerable resources to disrupt the power grid. We present Spire, the first intrusion-tolerant SCADA system that is resilient to both system-level compromises and sophisticated network-level attacks and compromises. We develop a novel architecture that distributes the SCADA system management across three or more active sites to ensure continuous availability in the presence of simultaneous intrusions and network attacks. A wide-area deployment of Spire, using two control centers and two data centers spanning 250 miles, delivered nearly 99.999% of all SCADA updates initiated over a 30-hour period within 100ms. This demonstrates that Spire can meet the latency requirements of SCADA for the power grid. |
DOI | 10.1109/DSN.2018.00036 |
Citation Key | babay_network-attack-resilient_2018 |