Testing and Exploring Vulnerabilities of the Applications Implementing DNP3 Protocol

Abstract

Supervisory Control and Data Acquisition (SCADA) networks control critical infrastructures. They play vital roles for utility companies and the process industry including electricity, natural gas, oil, water, etc. This research tested and analyzed threats that might be faced by applications implementing DNP3 (Distributed Network Protocol version 3), which is a de facto industry standard protocol for implementing the parts of SCADA communications. The protocol enables the Master Station to request data from Substations using pre-defined commands and Substations to respond by transmitting the requested data. DNP3 was not designed with security mechanisms in mind. The protocol itself lacks any form of authentication or encryption. It is made worse when industrial stations have started to connect to the Internet as this will allow conventional TCP/IP-based attacks to be launched. The thesis presents the existing security mechanisms and risks related to applications implementing DNP3 protocol. Later different black box testing methods and test cases are considered to test the robustness of the protocol. Test cases are verified and analyzed for possible potential threats. Finally, several schemes are suggested to overcome the vulnerabilities based on the test results we found.This thesis report should only be read by people who have signed the Non Disclosure Agreement with ABB Corporate Research Centre, Oslo.