Proposal of a Secure Modbus RTU communication with Adi Shamir’s secret sharing method
Abstract
Drinking fresh water, turning the lights on, travelling by tram, calling our family or getting medical treatment are everyday activities, but the SCADA (Supervisory Control and Data Acquisition) systems behind them, such as CIS (Critical Infrastructure Systems), ICS (Industrial Control Systems) and DCS (Distributed Control Systems), have always been the target of many kinds of attack, which endanger these simple activities. Over the last decades, the rapid spread of internet-based services and continuous technical development have made these systems more vulnerable than ever. Full reconstruction of, or innovative changes to, older SCADA systems is costly and not always rewarding. Communication protocols such as Modbus (1979) form the main basis of SCADA systems, so the security of Modbus has a major impact on the security of SCADA systems. Our paper raises and answers questions about the security of the Modbus RTU protocol. We focus on the serial Modbus protocol because we found many unsolved problems there, such as the lack of authentication of the participants and the lack of a secure channel. The aim of this paper is to propose a secure communication alternative for Modbus RTU over an RS485 wire. The main advantage of the proposed method is that it can coexist with traditional slaves and bus systems and requires only a software update.
License
Copyright (c) 2018 International Journal of Electronics and Telecommunications
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.
2. Author’s Warranties
The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.
3. User Rights
Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.
4. Rights of Authors
Authors retain the following rights:
- copyright, and other proprietary rights relating to the article, such as patent rights,
- the right to use the substance of the article in own future works, including lectures and books,
- the right to reproduce the article for own purposes, provided the copies are not offered for sale,
- the right to self-archive the article,
- the right to supervision over the integrity of the content of the work and its fair use.
5. Co-Authorship
If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.
6. Termination
This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.
7. Royalties
This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.
8. Miscellaneous
The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.
By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.