Security Analysis and Implementation of DNP3 Multilayer Protocol for Secure and Safe Communication in SCADA Systems

Isaac Monroy, University of Texas at El Paso


When SCADA systems were first introduced into society, a lot of manpower was required to monitor and control devices within critical infrastructures. With the increasing demand for services and growing systems, a need arose to automate the monitoring and controlling tasks. This led to the introduction of networks into SCADA systems to enhance monitoring and control capabilities that can scale with system size and requirements. But the introduction of a network layer, along with its advantages, also introduced a new threat surface that exposed multiple vulnerabilities within the system that can be exploited to launch attacks, which led to the integration of security features into existing protocols or the creation of new security-based protocols. When communication protocols such as IEC 60870, IEC 61850, Modbus, and DNP3 were initially designed for SCADA systems, they were developed without security features, since their objective was to be an open standard that provided interoperability among all the devices available in the market. Eventually, the emergence of cyber-attacks within SCADA systems pushed developers to release newer and secure versions of their protocols. The purpose of this thesis is to specifically analyze the security challenges and constraints within critical infrastructures in terms of implementation, and why the Distributed Network Protocol Version 3 (DNP3) communication protocol for SCADA systems, and how its security features could be improved. The advantages of DNP3 over other SCADA protocols include its reliability, efficiency, and real-time transference of data, along with capabilities to support implementation of several standard data formats and data synchronization. It has advanced through multiple versions since its launch, and currently, in its sixth version, provides devices with advanced capabilities to collect and acquire information during operation.
Despite its advantages, security and cryptographic features were not integrated until the fifth and sixth versions. With the recent security additions, the protocol provides integrity and encryption options to protect the messages transmitted and received within a communication link, and secure authentication to verify the authenticity of control messages sent to destination devices. Vulnerability and attack resistance analysis in DNP3 is in its developmental stages. In this work, we conducted an extensive security analysis of the modes of operation of DNP3 and its topologies, along with additional features that could be incorporated into its security to make SCADA communications more secure.

Subject Area

Computer Engineering|Information Technology|Computer science

Recommended Citation

Monroy, Isaac, "Security Analysis and Implementation of DNP3 Multilayer Protocol for Secure and Safe Communication in SCADA Systems" (2022). ETD Collection for University of Texas, El Paso. AAI30242428.