An ethernet/IP security review with intrusion detection applications

Laughter, S A; Williams, R D

Title: An ethernet/IP security review with intrusion detection applications

Conference · Sat Jul 01 00:00:00 EDT 2006

OSTI ID:22030086

Laughter, S A; Williams, R D ^[1]

Dept. of Electrical and Computer Engineering, Univ. of Virginia, Box 400743, 351 McCormick Rd., Charlottesville, VA 22904-4743 (United States)

Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

OSTI does not have a digital full text copy available. For more information, please see document availability, search WorldCat, or search Google Scholar.

Cite

Export

Save

Research Organization:: American Nuclear Society, 555 North Kensington Avenue, La Grange Park, IL 60526 (United States)

OSTI ID:: 22030086

Resource Relation:: Conference: NPIC and HMIT 2006: 5. International Topical Meeting on Nuclear Plant Instrumentation Controls, and Human Machine Interface Technology, Albuquerque, NM (United States), 12-16 Nov 2006; Other Information: Country of input: France; 8 refs.; Related Information: In: Proceedings of the 5. International Topical Meeting on Nuclear Plant Instrumentation Controls, and Human Machine Interface Technology| 1430 p.

Country of Publication:: United States

Language:: English

Similar Records

Authentication Protocol for ICS without Encryption

Conference · Mon Jul 01 00:00:00 EDT 2019 · OSTI ID:22030086

Cruz, Ryan; Barnett, Rob

A Systems Engineering Analysis of National Ignition Facility Industrial Controls Systems and Safety Interlock Systems Remote Input/Output Networking Migration from ControlNet to EtherNet/IP

Technical Report · Thu Jun 23 00:00:00 EDT 2022 · OSTI ID:22030086

Cline, J. A.; Marticorena, J.

Cybersecurity Certification Recommendations for Interconnected Grid Edge Devices and Inverter Based Resources

Technical Report · Mon Nov 15 00:00:00 EST 2021 · OSTI ID:22030086

Hupp, William; Saleem, Danish; Peterson, Jordan T.; +1 more

Related Subjects

98 NUCLEAR DISARMAMENT
SAFEGUARDS AND PHYSICAL PROTECTION
42 ENGINEERING
AUTOMATION
COMPUTER CODES
CONTROL
CRIME DETECTION
DATA ACQUISITION
INFORMATION
INFORMATION SYSTEMS
INTERNET
MONITORS
NATIONAL SECURITY
REVIEWS
VULNERABILITY

Title: An ethernet/IP security review with intrusion detection applications

Citation Formats

Similar Records

Related Subjects