An Efficient Key Management Scheme for Secure SCADA Communication

A SCADA (Supervisory Control And Data Acquisition) system is an industrial control and monitoring system for national infrastructures. The SCADA systems were used in a closed environment without considering about security functionality in the past. As communication technology develops, they try to connect the SCADA systems to an open network. Therefore, the security of the SCADA systems has been an issue. The study of key management for SCADA system also has been performed. However, existing key management schemes for SCADA system such as SKE(Key establishment for SCADA systems) and SKMA(Key management scheme for SCADA systems) cannot support broadcasting communication. To solve this problem, an Advanced Key Management Architecture for Secure SCADA Communication has been proposed by Choi et al.. Choi et al.-s scheme also has a problem that it requires lots of computational cost for multicasting communication. In this paper, we propose an enhanced scheme which improving computational cost for multicasting communication with considering the number of keys to be stored in a low power communication device (RTU).

Authors:

• Sungjin Lee
• Donghyun Choi
• Choonsik Park
• Seungjoo Kim

Keywords:

• SCADA system
• SCADA communication
• Key management
• Distributed networks.

References:

[1] Donghyun Choi, Hakman Kim, Dongho Won, and Seungjoo Kim,
"Advanced Key Management Architecture for Secure SCADA
Communication," To be published on IEEE Transactions on power
delivery
[2] Beaver, C., Gallup, D., Neumann, W. & Torgerson, M. (2002), "Key
management for SCADA," Technical report, Sandia.
http://www.sandia.gov/scada/documents/013252.pdf
[3] Robert Dawson, Colin Boyd, Ed Dawson, Juan Manuel Gonzalez Nieto,
"SKMA A Key Management Architecture for SCADA Systems," In Proc.
Fourth Australasian Information Security Workshop, Vol. 54, pp.
138-192, 2006.
[4] Balenson, D., McGrew, D, and A. Sherman, "Key management for large
dynamic groups: one-way function trees and amortized initialization,"
NAI Labs, Advanced Security Research Journal, pp 29-46. 1998
[5] Chung Kei Wong; Gouda, M.; Lam, S.S., "Secure group communications
using key graphs," IEEE/ACM Transactions on Networking, vol.8, no.1,
pp.16-30, Feb 2000
[6] McGrew, D.A.;Sherman, A.T., "Key Establishment in Large Dynamic
Groups: Using One-Way Function Trees", Technical Report 0755
[7] S. Mittra, "Iolus: A Framework for Scalable Secure Multicasting," in
Proc. ACM SIGCOMM-97, pp. 277-88, 1997