Print Print  
Award Information
Proposal Number: 04110895
Proposal Title: SCADA IDS
Topic Number: H-SB04.1-008
Phase: Phase I
Topic Title: Advanced Secure Supervisory Control and Data Acquisition (SCADA) and Related Distributed Control Systems
Organization: SNVC
Address: 12150 Monument Drive
Suite 510
Fairfax, VA 22033-4063  
Abstract: Legacy Supervisory Control and Data Acquisition (SCADA) has no cyber security - messages are in clear text; messages are unauthenticated; management commands are issued via dial up ports protected by weak passwords and administered by poor password administration practices. This results in either inadequate security or a potential for denial of service. Based on the type of utility infrastructure involved, an intelligent attacker, or threat agent, would focus his/her efforts on the appropriate vulnerability to cause the most damage possible. In the case of electricity, attacks through the backdoor maintenance ports may be more devastating than attacks through the front door SCADA network; by changing protective relay settings, the attacker can effectively disable all built-in protective circuitry within a portion of the electrical grid. In liquids utilities, i.e.; gas, oil and water pipelines, attacks through the front door SCADA network may be more devastating; by repeatedly issuing 'open valve' and 'close valve' messages, a "hammer effect" can be created which could rupture pipelines or damage valves and pumps.
Award/Contract Number: NBCHC040068
Period of Performance: 04/01/2004 - 07/31/2004
Award/Contract Value: $99,850.00
Award/Obligated Amount: $99,850.00