Securing SCADA Systems from False Data Injection Attacks

Abstract

The Supervisory Control and Data Acquisition (SCADA) system controls and monitors industrial operations, such as electricity, gas, railway, traffic, water, and waste. With the increased advancement of technologies in the SCADA system, there have been an increasing number of attacks targeting the SCADA system. One of these attacks that has increased significantly and raised the risk for the SCADA system is False Data Injection Attack (FDIA). The attackers aim to compromise the system's integrity by modifying the measurement data in the SCADA system to launch FDIA. This research analyzes the SCADA system to identify its vulnerabilities in the system that could lead to FDIA. To mitigate the risks of FDIA, we propose a solution that leverages a digital signature scheme and integrates Trusted Execution Environments (TEE) and Firmware Trusted Platform Modules (fTPM). The proposed solution introduces two distinct environments: a secure environment and a normal environment. The secure environment provides a protected and isolated execution environment, ensuring the secure collection and signing of measurement data. On the other hand, the normal environment runs a web server responsible for retrieving the signed measurement data and providing appropriate responses to the control center. The proposed solution also offers a secure capability to hold a private key for the program that matches the fTPM's expectations to use it for signing the measurement data. Thus, this proposed solution aims to detect FDIA to enhance the security and integrity of the SCADA system.