A Study on Introducing Security Certification for Control Systems

Vol. 26, No. 3, pp. 725-734, Jun. 2016
10.13089/JKIISC.2016.26.3.725, Full Text:
Keywords: SCADA, DNP3, EDSA-CRT, certification, Robustness Testing, Load Stress Testing
Abstract

SCADA(Supervisory Control and Data Acquisition) system is widely used for remote monitoring and control throughout the domestic industry. Due to a recent breach of security on SCADA systems, such as Stuxnet, the need of correctly established secure certification of a control system is growing. Currently, EDSA-CRT (Embedded Device Security Assurance-Communication Robustness Test), which tests the ability to provide core services properly in a normal/abnormal network protocol, is only focused on the testing of IP-based protocols such as IP, ARP, TCP, etc. Thus, in this paper, we propose test requirements for DNP3 protocol based on EDSA-CRT. Our analysis show that the specific test cases provide plentiful evidences that DNP3 should follow based on its functional requirements. As a result, we propose 33 specific test case for DNP3 protocol.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
H. Choi, D. Kim, H. Shin, C. Hahn, J. Hur, "A Study on Introducing Security Certification for Control Systems," Journal of The Korea Institute of Information Security and Cryptology, vol. 26, no. 3, pp. 725-734, 2016. DOI: 10.13089/JKIISC.2016.26.3.725.

[ACM Style]
Hoyeol Choi, Daeyeong Kim, Hyungjune Shin, Changhee Hahn, and Junbeom Hur. 2016. A Study on Introducing Security Certification for Control Systems. Journal of The Korea Institute of Information Security and Cryptology, 26, 3, (2016), 725-734. DOI: 10.13089/JKIISC.2016.26.3.725.