Securing DNP3 Broadcast Communications in SCADA Systems

The Distributed Network Protocol version 3 (DNP3) provides Secure Authentication (DNP3-SA) as the mechanism to authenticate unicast messages from a master station to its outstations in supervisory control and data acquisition systems. In large-scale systems, it may be necessary to broadcast a critical request from a master station to multiple outstations at once. The DNP3 protocol standard describes the use of broadcast communication; however, it does not specify its security. This paper is the first to present DNP3 Secure Authentication for Broadcast (DNP3-SAB), a new lightweight security scheme for broadcast mode communication. This scheme is based on hash chain and only makes use of the existing cryptographic primitives specified in DNP3-SA. The scheme integrates itself into the DNP3-SA key update process. The proposed scheme is modeled, validated, and verified using colored Petri Nets against the most common protocol attacks such as modification, injection, and replay. Performance analysis on our scheme and the existing DNP3-SA modes (NACR and AGM) shows that DNP3-SAB reduces the communication overhead significantly at the cost of an increase with a constant term in processing and storage overhead. This benefit is maintained even when DNP3-SAB is under attack.