Methods, systems and devices for securing supervisory control and data acquisition (SCADA) communications
Abstract
A secure supervisory control and data acquisition (SCADA) system includes a SCADA control host system and any number of remote terminal unit (RTU) systems. Each RTU system includes an RTU transceiver, an RTU and a remote security device (RSD) coupling the RTU to the RTU transceiver. The SCADA control host system includes a SCADA control host configured to exchange SCADA information with each of the RTUs in a SCADA format, and a host security device (HSD) coupling the SCADA control host to a host transceiver. The host transceiver is configured to establish communications with each of the plurality of RTU transceivers. The HSD communicates with the RSDs to transparently encrypt the SCADA information using a cryptographic protocol that is independent of the SCADA protocol to thereby secure the communications between the HSD and each of the RSDs.
203 Citations
56 Claims
1. A secure supervisory control and data acquisition (SCADA) system for communicating with a plurality of remote terminal units (RTUs), the secure SCADA system comprising:
- a SCADA control host configured to process SCADA information;
- a transceiver configured to transfer the SCADA information between the SCADA control host and at least one of the plurality of remote terminal units; and
- a host security device (HSD) operatively coupled between the SCADA control host and the transceiver, wherein the HSD is configured to transparently encrypt and decrypt the SCADA information passing through the HSD to thereby establish secure communications between the SCADA control host and the at least one of the plurality of remote terminal units.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A secure supervisory control and data acquisition (SCADA) system comprising:
- a plurality of remote terminal units (RTUs) systems, each RTU system comprising an RTU transceiver, an RTU and a remote security device (RSD) coupling the RTU to the RTU transceiver; and
- a SCADA control host system comprising a SCADA control host configured to exchange SCADA information with each of the RTUs in a SCADA format, and a host security device (HSD) coupling the SCADA control host to a host transceiver, wherein the host transceiver is configured to establish communications with each of the plurality of RTU transceivers;
- wherein the HSD is configured to communicate with the plurality of RSDs to transparently encrypt the SCADA information using a cryptographic protocol that is independent of the SCADA protocol to thereby secure the communications between the HSD and each of the plurality of RSDs.
Dependent claims: 16, 17, 18, 19, 20, 21
22. A host security device (HSD) for securing communications between a SCADA control host and a remote security device (RSD) via a transceiver, the host security device comprising:
- a clear interface configured to communicate with the SCADA control host to thereby exchange clear data between the HSD and the SCADA control host;
- a secure interface configured to communicate with the transceiver to thereby exchange encrypted data between the HSD and the RSD; and
- a processing module configured to encrypt the clear data received at the clear interface to thereby create encrypted data for transmission via the secure interface, and to decrypt encrypted data received at the secure interface to thereby extract clear data for transmission via the clear interface.
Dependent claims: 23
24. A remote security device for securing communications between a host security device (HSD) and a remote terminal unit (RTU) via a transceiver, the remote security device (RSD) comprising:
- a clear interface configured to communicate with the RTU to thereby exchange clear data between the RSD and the RTU;
- a secure interface configured to communicate with the transceiver to thereby exchange encrypted data between the RSD and the HSD; and
- a processing module configured to encrypt the clear data received at the clear interface to thereby create encrypted data for transmission via the secure interface, and to decrypt encrypted data received at the secure interface to thereby extract clear data for transmission via the clear interface.
Dependent claims: 25, 26, 27, 28, 29
30. A method of transferring SCADA information from a sender to a receiver, the method comprising the steps of:
- receiving the SCADA information from a sender at a clear interface;
- encrypting the SCADA information using a cryptographic protocol that is independent of the SCADA information to create an encrypted data stream; and
- providing the encrypted data stream to a secure interface for transmission to the receiver.
Dependent claims: 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51
52. A data structure for storing SCADA information, the data structure comprising:
- a header field comprising metadata about the SCADA information and a destination address;
- a payload field having a variable length for storing the SCADA information; and
- a trailer field comprising a checksum for verifying the contents of the payload field.
Dependent claims: 53, 54, 55
56. Computerized means for transferring SCADA information from a sender to a receiver, the computerized means comprising:
- means for receiving the SCADA information from the sender;
- means for encrypting the SCADA information using a cryptographic protocol that is independent of the SCADA information to create an encrypted data stream; and
- means for providing the encrypted data stream for transmission to the receiver.
Specification