Theses and Dissertations

Issuing Body

Mississippi State University

Advisor

Morris, Thomas

Date of Degree

8-1-2010

Document Type

Graduate Thesis - Open Access

Major

Computer Engineering

Degree Name

Master of Science

Abstract

SCADA (Supervisory Control and Data Acquisition) control systems are widely used to control critical processes in various economically and safety critical commercial industries. SCADA control systems are often vulnerable to attacks due to previous industry reliance on security by obscurity to protect control systems. There is a need for an architecture which can log the communications traffic in the SCADA networks. In this work a forensic network traffic data logger retrofit solution for MODBUS and DNP3 network appliances is presented. The data logger uses a bump-in-wire configuration to capture the network transactions, timestamp, cryptographically sign, encrypt and store the network transactions. The data logger is developed to run on embedded and virtual machine platforms. Thus, a retrofit forensic network traffic data logger logs the network traffic in a SCADA control system efficiently without affecting the normal functionality of the control system and the logger data supports post incident forensics analysis.

URI

https://hdl.handle.net/11668/15398

Share

COinS