Towards A Cyber Defense Framework For Scada Systems Based On Power Consumption Monitoring

Supervisory control and data acquisition (SCADA) systems are industrial automation systems that remotely monitor and control critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. Current commercial o.-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. To address this challenge we present a feasibility study that proves monitoring power consumption of SCADA devices is an e.ective approach to detect cyber-attacks. We built a testbed containing a Programmable Logic Controller (PLC) that was instrumented to record its power usage. Three SCADA-specific cyber-attacks were simulated and we report the power consumption of the PLC under these normal and anomalous scenarios. We show that it is possible to distinguish the PLC power utilization between these scenarios. In route to this result we found and describe vulnerabilities in the DF-1 protocol.