Visible to the public Network-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid

TitleNetwork-Attack-Resilient Intrusion-Tolerant SCADA for the Power Grid
Publication TypeConference Paper
Year of Publication2018
AuthorsBabay, Amy, Tantillo, Thomas, Aron, Trevor, Platania, Marco, Amir, Yair
Conference Name2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Keywordscomposability, computer centres, computer network security, control centers, data acquisition systems, data centers, distributed processing, fault tolerant computing, intrusion tolerance, Monitoring, nation-state-level attackers, network attack, network attacks, network-attack-resilient intrusion-tolerant SCADA, power grid, power grid infrastructure, power grids, power system reliability, Protocols, pubcrawl, resilience, Resiliency, SCADA, SCADA system management, SCADA systems, security of data, simultaneous intrusions, sophisticated network-level attacks, Spire, Substations, supervisory control, System recovery
AbstractAs key components of the power grid infrastructure, Supervisory Control and Data Acquisition (SCADA) systems are likely to be targeted by nation-state-level attackers willing to invest considerable resources to disrupt the power grid. We present Spire, the first intrusion-tolerant SCADA system that is resilient to both system-level compromises and sophisticated network-level attacks and compromises. We develop a novel architecture that distributes the SCADA system management across three or more active sites to ensure continuous availability in the presence of simultaneous intrusions and network attacks. A wide-area deployment of Spire, using two control centers and two data centers spanning 250 miles, delivered nearly 99.999% of all SCADA updates initiated over a 30-hour period within 100ms. This demonstrates that Spire can meet the latency requirements of SCADA for the power grid.
Citation Keybabay_network-attack-resilient_2018