Methods and systems for detection of man-in-the-middle attacks for SCADA communication networks and applications of same

Inventors

Roy A. McCann, University of Arkansas, Fayetteville
Hamdi Mansour Albunashee

Document Type

Patent

Publication Date

11-16-2021

Abstract

A system for detecting MITM for SCADA communication networks includes secure substation-substation communication links for providing secure and reliable paths to exchange OT data between substations for OT data consistency check; a SIB in each substation for sampling CT and PT measurements to calculate voltage magnitude and phase angle thereof; a S&C server in each substation coupled to the SIB for receiving the voltage magnitude and phase angle from the SIB and obtaining a packet carrying active power flow in transmission lines between two substations and a time stamp; an IDS server placed in a SCADA center for collecting the packet of each substation sent by the S&C server; analyzing the received packet from every adjacent substation; inspecting the payload of the received packet; and triggering an intrusion alarm to a SCADA operator when the power flow is not the same as the payload of the packets.

Department

Electrical Engineering

Patent Number

US11178176

Application Number

US 20200314142 A1

Application Published

10-1-2020

Application Filed

3-24-2020

Assignee

Board of Trustees of the University of Arkansas (Little Rock, AR)

Comments

Roy A. McCann, Department of Electrical Engineering, University of Arkansas, Fayetteville, AR

Citation

McCann, R. A., & Albunashee, H. M. (2021). Methods and systems for detection of man-in-the-middle attacks for SCADA communication networks and applications of same. Patents Granted. Retrieved from https://scholarworks.uark.edu/pat/428