Controlling Access to SCADA Networked Systems
Project Number: 2010-0000066847
Project Manager: Prof. dr. Sandro Etalle
Faculty of Electrical Engineering, Mathematics and Computer Science
Project website: Castor
Intuitively speaking, in IT Access Control is the mechanism that guarantees that only the rightful user is allowed to access a given target system (e.g., by authenticating herself using a password). In distributed systems such as SCADA, it is also important to restrict access not only to the rightful user but also to the rightful host.Today, most SCADA systems rely on relatively primitive forms of authentication and access control. These mechanism are usually: MAC/IP addresses authentication (for determining the rightful host), and user credentials. Both mechanisms are weak: the first one because it can be easily bypassed by an attacker, and the second one because user credentials are too often shared among users to ease system management. Because of the lack of correlation between users, the operations they usually perform, and the hosts that are used to perform such operations, malicious activities perpetrated by an attacker who managed to get hold of some high-level user credentials may not be detected.
The aim of Castor is to enhance the security of SCADA networks by adding intelligent access control to them. The goal is to devise a system that (a) infers access control policies from system executions, (b) allows supervisors to revise these policies and (c) it seamlessly enforces the policies by flagging or stopping illegitimate accesses. The system will adapt itself to the context where it is deployed by correlating information such as MAC/IP addresses, OSes running on hosts and operations users usually perform.
Project duration: March 2010 - March 2014
Project budget: € 210.250
Number of person/years:
Project Coordinator: UT
Participants: UT, Security Matters, Fox-IT, Gasunie, Brabant Water, Aliander
Involved groups: Distributed and Embedded Security (DIES)