CYBER ATTACK DETECTION IN REMOTE TERMINAL UNIT OF SCADA SYSTEMS

Supervisory Control and Data Acquisition (SCADA) systems are widely used in critical infrastructures such as water distribution networks, electricity generation and distribution plants, oil refineries, nuclear plants, and public transportation systems. Every communication is done through encrypted messages to protect the pipeline from any intrusion from outside, it is almost impossible to interpret the observed payload. SCADA systems typically do require a high throughput but are much more tolerant of delays and outside intrusion. In addition, many SCADA systems may have much greater resource constraints than would be found in traditional IT systems to protect the industrial systems from any kind of intrusion or Cyber Attack. This lack of computing resources along with performance constraints can make it difficult or impossible to apply standard security technologies. The results from this proposed system were validated with a realistic text files with malicious data provided by the network operators online. Using SCADA systems, unauthorized access to network and switches could be more tightly controlled while keeping a human in the loop; that is, human supervision and interaction were, and still are, part of SCADA systems. However, technological advances and the maturation of SCADA systems has pushed more of the supervisory function onto the computer systems that make up modern SCADA systems. In the early development of SCADA systems attention was given to physical security, but virtually no attention was given to electronic or cyber security. The systems were obscure and the skills and technology needed to interact with the systems and update network security were simply not readily available; security of this type is often referred to as security through obscurity. This pattern has continued and today, most dedicated SCADA applications have not included built-in security.