New Algorithm Lets SCADA Devices Detect, Deflect Attacks

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/attacks-breaches/new-algorithm-lets-scada-devices-detect/240154875

By Kelly Jackson Higgins
Dark Reading
May 14, 2013

Researchers have built a prototype that lets SCADA devices police one 
another in order to catch and cut off a fellow power plant or factory 
floor device that has been compromised.

The so-called secure distributed control methodology outfits SCADA 
systems, such as robots or PLCs, with embedded software that uses a 
specially created algorithm to detect devices behaving badly. The 
software, which was developed by researchers at NC State University with 
funding from the National Science Foundation, detects and then isolates 
a neighboring device that has been compromised.

It uses a reputation manager for the devices, so that if one robot or 
PLC starts doing something it's not supposed to do -- or exceeds a 
certain threshold such as improperly accelerating or slowing its speed 
-- fellow robots or other devices detect the uncharacteristic behavior, 
sound an alarm, and cut it off from their operations to minimize or stop 
any damage.

This peer-level SCADA security would augment existing and emerging SCADA 
security products and features, the researchers say. The algorithm could 
be added into existing software in control systems, with some minor 
coding modifications, according to the researchers.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org