Title:
ModSec: A secure Modbus protocol

dc.contributor.advisor Beyah, Raheem A.
dc.contributor.advisor Copeland, John A.
dc.contributor.advisor Grijalva, Santiago
dc.contributor.author Wilson, Paul Lawrence
dc.contributor.department Electrical and Computer Engineering
dc.date.accessioned 2020-05-20T16:46:36Z
dc.date.available 2020-05-20T16:46:36Z
dc.date.created 2018-05
dc.date.issued 2018-07-31
dc.date.submitted May 2018
dc.date.updated 2020-05-20T16:46:36Z
dc.description.abstract Many of todays most critical infrastructures rely on the successful operation of Supervisory Control and Data Acquisition (SCADA) systems distributed all around the world. Infrastructures such as water treatment plants, gas stations, and transportation all rely on SCADA systems, and any form of disruption has the potential to cause grave harm to a society. As technology has continued to grow and evolve, networks have also been able to grow in both space and complexity while also allowing for system operators to more efficiently manage these systems. Despite this growth, many of the communication pro- tocols that these systems use have failed to change, and systems that were never meant to be brought to an insecure environment like the Internet are being exposed, bringing forth a wide range of security vulnerabilities to these infrastructures. Modbus, introduced in 1979, is one of the original communication protocols used in SCADA environments and, to this day, is still implemented in nearly all industrial and automation equipment. The protocol is popularly used by programmable logic controllers (PLCs) to control actuators and gates within a system through a master-slave architecture. Despite its popularity, the protocol lacks any form of security and exposes the ability for a nefarious actor to easily control devices in a network and cause chaos. This thesis presents ModSec, a protocol that brings practical security enhancements to the Modbus protocol. The contribution can be separated into two separate goals: to add security to each of the protocols messages through a means of authentication and integrity, as well as a permission-based scheme to limit the effects that an unintended message can pose. ModSec is shown to prevent against many of the attacks that have already been proven against the Modbus protocol, while also taking into consideration the end systems. Many of the systems that are implements in SCADA environments are either low or lack processing power that would be necessary to fully implement common security mechanisms, like encryption. ModSec takes a novel approach to this problem, resulting in little overhead to the systems or the messages, thus allowing for the protocol to continue to be used without being effected by a large amount of latency or stress on the system.
dc.description.degree M.S.
dc.format.mimetype application/pdf
dc.identifier.uri http://hdl.handle.net/1853/62615
dc.language.iso en_US
dc.publisher Georgia Institute of Technology
dc.subject Modbus
dc.subject Authentication
dc.subject Security
dc.subject ICS
dc.subject SCADA
dc.title ModSec: A secure Modbus protocol
dc.type Text
dc.type.genre Thesis
dspace.entity.type Publication
local.contributor.advisor Copeland, John A.
local.contributor.advisor Beyah, Raheem A.
local.contributor.advisor Grijalva, Santiago
local.contributor.corporatename School of Electrical and Computer Engineering
local.contributor.corporatename College of Engineering
relation.isAdvisorOfPublication 4c81b037-e70c-4830-8d8a-f6e16dbb2e25
relation.isAdvisorOfPublication 88360599-cf62-474a-81dd-961af8abbb9b
relation.isAdvisorOfPublication cc9a9ac1-2cc3-4c78-8427-5871088600ef
relation.isOrgUnitOfPublication 5b7adef2-447c-4270-b9fc-846bd76f80f2
relation.isOrgUnitOfPublication 7c022d60-21d5-497c-b552-95e489a06569
thesis.degree.level Masters
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
WILSON-THESIS-2018.pdf
Size:
1.05 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
LICENSE.txt
Size:
3.86 KB
Format:
Plain Text
Description: