International Journal of Scientific & Technology Research



IJSTR >> Volume 9 - Issue 6, June 2020 Edition


Website: http://www.ijstr.org

ISSN 2277-8616

Survey On Analysis Of Security Threats In DNP3 Protocol




Bhagyashri Sangewar, Dr. A. R. Buchade



DNP3 protocol, IACS, SCADA, Secure authentication, SAV2, SAV5, Security.



Industrial Automation and Control Systems (IACS) require a safe means of communicating information between smart devices, such as Intelligent Electronic Devices (IEDs), or between IEDs and host systems. Security in IACS is a critical task, as many of these devices are located in remote locations and control critical plant processes. These IEDs and hosts use various protocols such as Modbus, DNP3, IEC 60870, IEC 61850, etc. Distributed Network Protocol version 3 (DNP3) is a non-proprietary protocol used in Supervisory Control and Data Acquisition (SCADA) systems. SCADA is the key foundation for many critical industries. DNP3 is the de facto standard for the water, sewage, and oil and gas industries. DNP3 is used in industrial automation, but initially it did not cover security aspects. Because of the need for secure communication, secure authentication was later added to the protocol. DNP3-SA is the authentication mechanism, which ensures integrity and confidentiality between communicating devices. This paper presents a survey of the DNP3 protocol and of the attacks possible against basic DNP3 without secure authentication and against DNP3 with secure authentication, mainly SAV2 (Secure Authentication Version 2) and SAV5 (Secure Authentication Version 5).


