Architecture for Network Attack Resilient Intrusion Tolerant SCADA

Case ID:
C14087
Disclosure Date:
3/15/2016
Description:
Unmet Need:
Today?s SCADA (supervisory control and data acquisition)systems use fault-tolerance techniques to remain available even when parts of the system fail. The systems can be restored after a few hours of downtime during a non-critical time, a tolerance that is considered acceptable today.
However, as malicious attacks become more prevalent, SCADA systems need to be more resilient and responsive to both benign failures and malicious attacks. For example, a sophisticated attacker can take down a primary control center at a critical moment purposefully, causing system downtime at the worst possible time (such as during a snowstorm or during a coordinated large-scale attack in multiple domains). Thus, an architecture that is more robust and able to handle malicious and benign failures while guaranteeing safety and performance will be a much-needed improvement to current SCADA system architectures.
Technical Overview:
Researchers at Johns Hopkins University have developed a resilient architecture that includes protection at both the network and system levels. While previous SCADA systems are engineered to successfully withstand a benign failure within control centers and restore operations within a few hours of downtime, these assumptions may no longer hold against more malicious attacks. The architecture proposed by these researchers protects against both intrusions at the application service level and attacks on the network, which has not been considered before.
To ensure SCADA systems are available continuously in malicious environments means they must account for failures beyond previously considered. This architecture protects against compromises of system components, such as the SCADA master, and network attacks that potentially isolate and disconnect a targeted site from the network. Safety and performance is guaranteed as well, through proactive recovery and guaranteed bounded delay.
Stage of Development:
Prototype
Publication:
Unpublished
 
Patent Information:
Title App Type Country Serial No. Patent No. File Date Issued Date Expire Date Patent Status
Network Attack Resilient Intrusion Tolerant SCADA Architechture PCT: Patent Cooperation Treaty PCT PCT/US2017/038565   6/21/2017     Pending
Inventors:
Category(s):
For Information, Contact:
Seth Zonies
szonies1@jhmi.edu
410-614-0300
Save This Technology:
2017 © Johns Hopkins Technology Ventures. All Rights Reserved. Powered by Inteum