Principal Investigator: Andrew Wright
Project Description: Devise and standardize a cryptographic protocol to protect the integrity of low-speed serial SCADA communications links used in gas, oil, power, water, waste water, and other utilities.
Project Impact: Significantly reduce the threat of cyber attack to critical infrastructures using SCADA systems.
Project Details: Supervisory Control and Data Acquisition (SCADA) systems are real-time process control systems that are widely deployed throughout critical infrastructure sectors including power, gas, oil, water, and waste water. However, SCADA networks generally have little protection from the rising danger of cyber attack. An adversary with access to the communications link can easily inject false commands into the system to actuate valves, trip breakers, etc. This project seeks to devise and standardize a cryptographic protocol to protect SCADA communications from cyber attack while minimizing negative impact on SCADA system operation.
Project Deliverables to date:
- AGA 12 Task Group, AGA 12 Part 1 - Cryptographic Protection of SCADA Communications, Background, Policies, and Test Plan.
www.gtiservices.org/security/AGA12Draft4r1.pdf 
(PDF - 1.0 MB)
- AGA 12 Task Group, AGA 12 Part 2 - Cryptographic Protection of SCADA Communications, Serial SCADA Protection Protocol.
www.gtiservices.org/security/aga-12p2-draft-1129.pdf (PDF - 151 KB)
- Wright, A. K., Kinast, J., and McCarty, J. Low-Latency Cryptographic Protection for SCADA Communications. In Proc. Applied Cryptography and Network Security, Springer Lecture Notes in Computer Science, June 2004.
- Wright, A. K. ScadaSafe open source implementation of AGA 12 Part 2.
scadasafe.sf.net
.
Status: In Progress
