BIB-VERSION:: CS-TR-v2.0
ID:: ncstrl.dartmouthcs//TR2010-665
ENTRY:: June 01, 2010
ORGANIZATION:: Dartmouth College, Computer Science
REQUESTED-BY:: sws@cs.dartmouth.edu
REQUESTED-FOR:: rvs@cs
REQUESTED-DATE:: Tue Apr 6 19:42:40 EDT 2010
TITLE:: Predictive YASIR: High Security with Lower Latency in Legacy SCADA
TYPE:: Technical Report (paper)
REVISION:: 1
AUTHOR:: Solomakhin, Rouslan V.
DATE:: June 2010
RETRIEVAL:: For a paper copy, email
RETRIEVAL:: For a paper copy, write to Technical Report Librarian Department of Computer Science Dartmouth College 6211 Sudikoff Laboratory Hanover, NH 03755-3510 USA
RETRIEVAL:: PDF at http://www.cs.dartmouth.edu/reports/TR2010-665.pdf
ABSTRACT:: Message authentication with low latency is necessary to ensure secure operations in legacy industrial control networks, such as power grid networks. Previous authentication solutions by our lab and others looked at single messages and incurred noticeable latency. To reduce this latency, we develop Predictive YASIR, a bump-in-the-wire device that looks at broader patterns of messages. The device (1) predicts the incoming plaintext based on previous observations; (2) compresses, encrypts, and authenticates data online; and (3) pre-sends a part of ciphertext before receiving the whole plaintext. I demonstrate the performance properties of this approach by implementing it in the Scalable Simulation Framework and testing it on Modbus/ASCII protocol, which is widely used in the power grid, oil and gas, manufacturing, and water treatment control networks. By looking at broader message patterns and using predictive analysis, my results demonstrate a 15.48 +/- 0.35% improvement in latency over the previous most efficient solution. The simulation code is available from http://www.cs.dartmouth.edu/~pyasir/.
NOTE:: M.S. Thesis. Advisor: Sean W. Smith. Expanded version of a paper submitted to the Fourth Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection. The paper is "High Security with Low Latency in Legacy SCADA Systems" by Rouslan Solomakhin, Patrick Tsang, and Sean Smith. The paper is to appear in Critical Infrastructure Protection IV. T. Moore and S. Shenoi (Eds.), Springer, Heidelberg, Germany, 2010.
END:: ncstrl.dartmouthcs//TR2010-665