Methods, systems and devices for securing supervisory control and data acquisition (SCADA) communications
Abstract
A secure supervisory control and data acquisition (SCADA) system is presented. The inventive system includes a SCADA control host configured to process SCADA information, and at least one remote device configured to communicate with the control host. The remote device includes at least a first port and a second port wherein the first port is configured for communicating the SCADA information with said control host. The system further includes at least one modem coupled between the remote device and at least one communication line, wherein the modem is configured to allow for communication between the remote device and the at least one communication line. The inventive system still further includes a security module coupled between the modem and the second port of the remote device. The security module is configured to control access to the remote device by a user seeking access thereto from the communication line through the modem.
39 Claims
1. A secure supervisory control and data acquisition (SCADA) system, comprising:
a SCADA control host system configured to process SCADA information;
at least one remote device configured to communicate with said control host system, said remote device having at least a first port and a second port, said first port being configured for communicating said SCADA information with said control host system;
at least one modem coupled between said at least one remote device and at least one communication line, wherein said modem is configured to allow for communication between said at least one remote device and said at least one communication line; and
a security module coupled between said modem and said second port of said at least one remote device, said security module being configured to control access to said at least one remote device by a user seeking access thereto from said at least one communication line through said modem.

17. A method of securing a supervisory control and data acquisition (SCADA) system, comprising the steps of:
providing a SCADA control host system;
providing at least one remote device configured to communicate with said control host system;
providing at least one modem coupled between said at least one remote device and at least one communication line, wherein said modem is configured to allow for communication between said at least one remote device and said at least one communication line;
providing a security module coupled between said modem and said at least one remote device to control access to said at least one remote device by a user seeking access thereto from said at least one communication line through said modem;
receiving, at said security module, user information provided by said user through said modem;
comparing said user information with authorized user information stored in a centralized user database located within said system; and
allowing access to said at least one remote device if said user information matches said authorized user information, otherwise denying access.

24. A method of transferring data in a supervisory control and data acquisition (SCADA) system, comprising the steps of:
receiving SCADA information from a source at a clear interface;
compressing the SCADA information using an algorithm in which the compression statistics used in compressing said information are based on all of the packets communicated from said source to a particular destination taken as a whole;
transmitting the compressed data stream to said destination.

29. A method of compressing data communicated in a supervisory control and data acquisition (SCADA) system, comprising the steps of:
receiving SCADA information from a source;
providing a first and a second compression engine;
providing a first master dictionary table associated with said first compression engine;
compressing said SCADA information with said first compression engine and transferring said compressed SCADA information to a predetermined destination;
providing a first model dictionary table associated with said second compression engine;
compressing said SCADA information with said second compression engine;
updating the compression statistics of said first model dictionary table with each successive compression;
comparing the length of the compressed SCADA information from said first and second compression engines to calculate the difference in length of said compressed SCADA information;
determining whether said difference meets a predetermined threshold;
replacing said first master dictionary table with said first model dictionary table if said threshold is met to create a second master dictionary table such that said second master dictionary table is used for the next compression; and
creating a second model dictionary table having initial compression statistics.
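
The dual-engine scheme of claim 29, sketched as an added example that is not code from the patent: zlib preset dictionaries stand in for the claim's dictionary tables, which is a substitution made here. The 10-byte threshold, the class and function names, the sample packets, and the receiver mirroring the sender's swap decision so both ends stay in sync are all assumptions.

```python
import zlib

THRESHOLD = 10      # bytes; assumed value for the "predetermined threshold"
WINDOW = 32 * 1024  # deflate can only reference the last 32 KiB of a dictionary

def deflate(data, zdict):
    c = zlib.compressobj(level=9, zdict=zdict) if zdict else zlib.compressobj(level=9)
    return c.compress(data) + c.flush()

def inflate(blob, zdict):
    d = zlib.decompressobj(zdict=zdict) if zdict else zlib.decompressobj()
    return d.decompress(blob) + d.flush()

class AdaptiveCodec:
    """One end of the link; sender and receiver each hold an instance."""
    def __init__(self):
        self.master = b""  # dictionary behind the bytes actually sent
        self.model = b""   # candidate dictionary, updated on every packet
        self.swaps = 0

    def _adapt(self, packet, sent_len):
        trial_len = len(deflate(packet, self.model))   # second engine
        self.model = (self.model + packet)[-WINDOW:]   # update model statistics
        if sent_len - trial_len >= THRESHOLD:           # model is clearly better
            self.master, self.model = self.model, b""  # promote it, start a fresh model
            self.swaps += 1

    def encode(self, packet):
        blob = deflate(packet, self.master)            # first engine
        self._adapt(packet, len(blob))
        return blob

    def decode(self, blob):
        packet = inflate(blob, self.master)
        self._adapt(packet, len(blob))                 # same decision as the sender
        return packet

def run_demo():
    # Constructed sample traffic: six polls in one format, then six in another.
    a = [b"RTU07 AI:0123 0456 0789 DI:1010 STATUS=OK SEQ=%04d\n" % i for i in range(6)]
    b = [b"RTU12 ALARM breaker=OPEN feeder=3 volts=11987 amps=0412 SEQ=%04d\n" % i
         for i in range(6, 12)]
    tx, rx, sent, baseline = AdaptiveCodec(), AdaptiveCodec(), 0, 0
    for pkt in a + b:
        blob = tx.encode(pkt)
        assert rx.decode(blob) == pkt                  # receiver stays in sync
        sent += len(blob)
        baseline += len(deflate(pkt, b""))             # same engine, no dictionary
    return {"swaps": tx.swaps, "rx_swaps": rx.swaps, "sent": sent, "baseline": baseline}
```

`run_demo()` returns the number of dictionary promotions on each side and the bytes sent with and without adaptation; the change of packet format midway through the constructed traffic is what makes the master dictionary go stale and triggers a further promotion.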

35. A secure supervisory control and data acquisition (SCADA) system comprising:
at least one remote terminal unit (RTU) system comprising an RTU transceiver, an RTU and a remote security device (RSD) coupling the RTU to the RTU transceiver; and
a SCADA control host system comprising a SCADA control host configured to exchange SCADA information with the at least one RTU in a SCADA format, and a host security device (HSD) coupling the SCADA control host to a host transceiver, wherein the host transceiver is configured to establish communications with the at least one RTU transceiver;
wherein the HSD is configured to communicate with the at least one RSD to compress and transparently encrypt the SCADA information using a cryptographic protocol that is independent of the SCADA protocol to thereby compress and secure the communications between the HSD and the at least one RSD, and to stream the SCADA information passing therethrough such that a portion of a first packet of SCADA information is encrypted as it is received by the HSD and transferred to at least one of the plurality of RSDs concurrent with the receipt of another portion of the first packet by the HSD.

Specification