Abstract

Industrial Control Systems (ICS) and Supervisory Control systems and Data Acquisition (SCADA) networks implement industrial communication protocols to enable their operations. Unfortunately, wide used protocols, such as Modbus and DNP3, lack basic security mechanisms that lead to multiple vulnerabilities. The exploitation of such flaws may greatly impact companies and the general population, especially for attacks targeting critical infrastructural assets such as power plants, water distribution, and railway transportation systems. Such problem gets worse in the context of photovoltaic Distributed Energy Resources (DER), where devices are commonly located in customers facilities, making difficult to enforce appropriate security policies. This paper addresses the security problems of the Modbus protocol, proposing a new secure version based on the Transport Layer Security protocol. Experimental results shows that the proposed solution achieves request/response times way below the 16.67 ms period of the power grid 60 Hz cycle, revealing a negligible impact in power grids applications.