dissertation report 2_3

Faculty of Engineering, Science and the Built Environment

DISSERTATION REPORT

Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery

Abubakar H. Nur
Student number: 3031355

Upload: abub6666

Post on 09-May-2015



1. ACKNOWLEDGEMENTS

First and foremost, my thanks go to my supervisor Dr Perry Xiao, who stood shoulder to shoulder with me to simplify all the problems that I encountered, and also for his incontrovertible guidance all the way to the end. Then I would like to thank my family, especially my wife, for her moral support and understanding during this difficult but productive time, whilst I dedicated my time to the project. My last thanks go to my friends, who were present to assist and to correct my English writing when I needed them in such difficult situations. To conclude my acknowledgement, I would like to say I am grateful to all who contributed to this work in any way possible, morally or physically. I would also like to apologize to all those people that I have unknowingly forgotten to mention here.

I consider myself very lucky to have had help from all those people while working on my master's dissertation report, and I would like to express my gratitude to all the people who helped realise this challenging project on a short time scale.

Our goal is to design interactive systems that are enjoyable to use, that do useful things and that will save the lives of the people who work in refineries. We want our interactive systems to be accessible, usable and engaging. In order to achieve this we believe that the design of such systems should be human centred. That is, designers need to put people rather than technology at the centre of their design process.

My concept is something like a development area that came after sensor and wireless communications technologies. Digital ecosystems are poised to connect and even fill existing and newly created applications, connecting different environments and thus giving rise to many promising solutions to pressing problems. Imagine energy and communication webs using software applications enabling users to better regulate

Designing a device such as this takes time and money. We will analyse the time and the finances needed to do this project. The balance between production and consumption of resources is achieved and maintained as a result of competition between the market and designing a good, very active and useful product.

The research aims to understand and advance the interweaving of Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery.

Users are the primary users of the system. We have chosen to gain a better understanding of their different needs and to be able to compare their usage of the system, since they use the system in different ways for different purposes. Identify the range of the wireless link and use a repeater or place several more fire control sensors.


Table of Contents

1. Acknowledgements

2. Abstract

3. Introduction

4. Project Requirements

4.1 Hardware

Fire alarm Sensors

4.2 Software

5. Technical Issues

Price looking in internet

6. Designing Topology

6.1 Fire Alarm Sensor TGS-813 Explained

WIRELESS ALARM

7. Integrate Hardware and Software

7.1 TESTING RESULTS

8. THE NEED FOR SECURITY IN PROCESS CONTROL

8.1 THE NEED FOR SECURITY IN PROCESS CONTROL SYSTEMS

8.2 Critical infrastructure

8.3 Develop / explore market potential / strategies if applicable

Figure 2 (google homepage images)

9. Security Analyses for ZigBee Wireless Sensor Networks

10. What's the difference between Wi-Fi and Zigbee

10.1 Wi-Fi or ZigBee Wireless

10.2 The comparison of Wi-Fi, Bluetooth and ZigBee

11. Solution

11.1 SCADA Overview

11.2 Security overview

11.3 RTU Security

11.4 Server Security

11.5 Network Security

11.6 Network Access

11.7 Network Segmentation

11.8 External Access

11.9 RF Security

11.10 The MODBUS Protocol

11.11 Securing MODBUS

12. Wireless Networking

12.1 Security Protocols

13. Conclusion

13.1 Future Work

14. References and Bibliographies

15. Time Plan

Table of Figures


2. ABSTRACT

SCADA is a big topic these days, and SCADA systems have become more useful and more electronic than before. They are used widely across many sectors, first of all as an enabling technology for ICT-driven control. This paper discusses the design and simulation of Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery. It sets out a model for devices and at the same time enables their interoperability and configurability. The solution is based on a combination of design and market feasibility. It demonstrates the possibility of producing a useful product that meets the needs of the market.

There is an understandable and strong need for hardware design and software development that lends itself to the design and construction of portable code systems. The current efforts to standardise software give evidence of this need. A hardware and software solution in which both work together to give the best possible result would be useful. Feasibility evaluation is an assessment of how to make a product that is useful for a stated target audience or intended customer.

It needs a comprehensive series of alarms that identify problems down to the card level. Here a microcontroller and wireless detection would be used.

The better the Human Machine Interface, the more users will like to use it, increasing their satisfaction with the work that you have done. In a Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery which has different hardware architectures and supporting software systems ranging from compilers to operating systems,

Wireless network fixed nodes must be in place first, which is why they are the basis of any kind of communication. This project is based on a medium-sized company that has three branches in the United Kingdom; the network uses both a local area network and a wide area network to make communication between the three cities possible. The main office is in London, and the other two branches are based in Birmingham and Glasgow. The routing protocols being used are Open Shortest Path First and Routing Information Protocol, modelled using OPNET Modeller, and the aim of this model is to find out which of the routing protocols performs better. The parameters being used are end-node-to-end-node delay, throughput and traffic load, link failure, traffic received, and traffic sent; the outcome of these parameters will be shown later in this project.

Research in this area is large, and work on Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery is ongoing, with recommendations for the proper design of input/output, menus, icons and forms, as well as data display on screens, for which possibility analysis is an advantageous tool.

There is room for future improvement both for the electronics industry and for refineries, and it could improve refinery work and save lives.


3. INTRODUCTION

We believe that the design of such systems should be human centred. Several areas were looked at before setting our goal of designing interactive systems, for example whether there is a place that needs them and how the product would be set up in the market. The aim is a system that does useful things and that will save the lives of the people who work in refineries. We want our interactive systems to be accessible, usable and engaging. In order to achieve this, the system needs the best and fastest technology on the market.

Before installing a new alarm system, look at any existing alarm collection and presentation equipment already in place. Upgrade the alarm system if it is an old system that has no communication with the internet or a Remote Terminal Unit, and look at how the existing alarm equipment and the new equipment could work together.

My concept is something like a development area that came after sensor and fire alarm communications technologies. Digital ecosystems are poised to connect and even fill existing and newly created applications, connecting different environments and thus giving rise to many promising solutions to pressing problems. Imagine energy and communication webs using software applications enabling users to better regulate

We will analyse the time and the finances needed to do this project. The balance between production and consumption of resources is achieved and maintained as a result of competition between the market and designing a good, very active and useful product at a good rate for refineries.

The research aims to understand and advance the interweaving of Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery, getting information remotely.

Workers are the primary users of the system. We have chosen to gain a better understanding of their different needs and to be able to compare their usage of the system, since they use the system in different ways for different purposes. Identify the range of the wireless link and use a repeater or place several more fire control sensors.

The entrepreneur could help develop this project without problems and help to set it up and maintain it for the next 5 years. – need to write a proposal report, and submit it before the deadline.

A SCADA system includes a user interface called a Human Machine Interface (HMI). The HMI of a SCADA system is where data is processed and presented to be viewed and monitored by a human operator. This interface usually includes controls where the individual can interface with the SCADA system.

HMIs are an easy way to standardise the facilitation of monitoring multiple RTUs or PLCs (programmable logic controllers).


It would try to solve the case where employees work in remote areas that cannot be reached by telephone lines, cables, optical fibres, etc. It would specify how to deal with issues such as bandwidth, scalability, and security.

4. PROJECT REQUIREMENTS

4.1 Hardware

Fire alarm with smoke detector, wireless transmitter circuit, RTU (router or switches), server in a safe place in the refinery, human interface, embedded real-time systems, assembler for embedded real-time systems.

Fire alarm sensors - the most basic form of fire alarm sensing. This project will use a 16F876A and a smoke detector to detect smoke and sound a buzzer when smoke is detected. The circuit schematic is very similar to that of a smoke detector. When the presets are exceeded, you get a contact closure alarm, which translates to a basic high or low fire alarm.

More advanced fire alarm sensors output analogue values. Analogue monitoring allows you to monitor shifting sensor levels at your remote sites. With the right SCADA system, you can use your analogue readings to send alarms based on configurable wireless. The smoke detector has a wireless connection with a built-in remote control encoder and RF transmitter, and operates from a 9V battery. The wireless receiver would be routers or switches, and a computer connected to the internet would be needed so that it can transfer the data to the Human Computer Interface (HCI).

Remote Terminal Units, or RTUs, are the local control systems used to collect the information from the various sensors using fibre optics, data cable or other hard wiring. In large regional systems, the information may be communicated through radio or wireless technology to the RTU, which acts as a middle man in the transmission of information. It collects local information and sends it on to the central control station.

At the other end there could be a server and an HMI showing whether the fire alarm of each room is ON or OFF. SCADA is similar, on a smaller scale, to home monitoring systems. Information is collected from the sensors located on each door and window, and from motion detectors and smoke alarms. Wiring connects these sensors to a home-based control system. This local control system sends the information on to a central control station where people are notified in the event of a fire.

4.2 Software

Levels: Applications, device drivers, embedded real-time systems

Programming languages: C, C++, Assembler, Visual Basic, etc.

Databases: MySQL and SQL Server, Microsoft Access

Operating systems: Most Microsoft operating systems (for example 98/XP/Windows 7) and Linux platforms.

SCADA system is a general term that encompasses several types of control systems, including supervisory control and data acquisition (SCADA) systems, and other control system configurations such as skid-mounted Programmable Logic Controllers (PLC) often found in the industrial sectors and critical infrastructures. Critical infrastructures are often highly interconnected and mutually dependent systems. This system would save approximately 70 per cent more lives than the old fire alarm systems in the refineries.

5. TECHNICAL ISSUES

A smoke detector is a device that uses a battery to operate and transfers data via an RF transmitter and a remote control encoder inside the smoke detector. The interface between the smoke detector and the RF transmitter involves a microcontroller, which is essential to this project. An Analogue-to-Digital Converter (ADC) receives data from the smoke detector and converts it to digital form, which the microcontroller can send to the RF transmitter.

In big refineries, the room fire alarms of the refinery are monitored remotely, together with the fire station staff. The system tries to detect fire early, before it can cause major damage to the refinery. It is necessary to research the latest technologies on the market, and to specify which fire alarm detector is going to be used and how data should be transmitted wirelessly to the router or switch wireless receiver, which is connected to the internet, and displayed. Please note that some of the

The system needs fire alarm sensors that can detect smoke in the monitored area, and the data can be sent through the internet with the help of a PLC, RTU and routers. Data should be stored on servers located in different places. The data can be displayed on the WWW.

The servers could have JDS, Java, MySQL, Tomcat and Visual Studio installed, which help to design and build the web page and connect it to the MySQL database, which saves the data for each patient.

Sensors within the process monitor the input and output at each step of the way. Remote Terminal Units, or RTUs, are the local control systems used to collect the information from the various sensors using fibre optics, data cable or other hard wiring. In large regional systems, the information may be communicated through radio or wireless technology to the RTU, which acts as a middle man in the transmission of information. It collects local information and sends it on to the central control station. Temperature, flow rate and valves are all monitored by sensors. From a simple process, such as milk pasteurization, to a complex distribution system covering an entire city, SCADA has the capability to monitor a few sensors or millions of sensors.

The monitoring can even be performed remotely from the operator’s home, resulting in fewer calls for alarm situations after hours. SCADA takes the complicated task of monitoring millions of points of information and uses computer technology to present it in centralized, easy to understand ways.

All the technology that is necessary for a device like this is already used in other gadgets, and in matter of software, there are many libraries with code for speech recognition and almost all the features mentioned above, but yet, to the extent of my knowledge, there is no program like this, designed for educational purposes.


My concept shows a good understanding of designing SCADA and sensors. In terms of software, the device should be able to:

Design a hardware device that is a SCADA fire alarm detector with an RF transmitter sensor.

The detector can detect smoke if there is a fire in the refinery. The RF transmitter can send data to the router or through the PLC.

Price looking in internet

Synology Disk Station DS212 NAS server - Serial ATA-300 Gigabit EN -- £214

GSM GPRS RTU -- £110

JDS, Java, MySQL, Tomcat and Visual Studio -- free

Fire alarm sensors -- £20

Use of fire station staff -- not paid

Total -- £823.95

Figure 5.1: the prices are not exact

6. DESIGNING TOPOLOGY

Smoke Detector Circuit - Schematic Diagram. The simple schematic diagram of a smoke detector presented here utilizes the gas sensor TGS 813 as the main detecting component. The circuit is pretty easy to build and performs useful fire detection once installed in a fire-prone zone. They say there cannot be smoke without a fire; the present concept of smoke alarms is based on this saying and exploits the fact that every fire starts with smoke before taking a foothold. Here the proposed circuit is intended to be used as a warning device against a possible fire hazard by detecting the involved smoke, which fortunately tends to develop before the fire.

A smoke detector is one of the common devices in a house security system. This project will demonstrate how a microcontroller reads the smoke detector and reacts when the smoke detector detects smoke.

6.1 Fire Alarm Sensor TGS-813 Explained

We all know that during combustion or burning of any substance smoke is involved. This smoke is generally a mixture of a number of gases like carbon dioxide, carbon monoxide, carbon hydroxide, methane, propane, butane, isobutene, etc., to name a few. These emanate due to the breaking of the chemical bonds of substances being consumed under the influence of heat or fire.

A gas sensor, as can be understood from the name itself, is a device which can detect or sense the presence of any gaseous element in the atmosphere surrounding it.

They find an important place in numerous applications, with the most common being in fire alarm systems where they are configured as sensors to detect the presence of any smoke content in the air due to a possible fire. Thus an alarm is raised before the fire is able to spread to drastic levels.

In this article we will discuss the technical data of gas leakage sensor, and we will take the example of the well-known Japanese made Figaro TGS-813 gas sensor and study its specifications.

Basically TGS-813 is a sintered type of semiconductor primarily made up of tin dioxide (SnO2). When it comes in contact with any gaseous element, its internal resistance immediately drops.

As the concentration of the gas rises, its resistance drops proportionately and can become as much as 20 times lower than its normal value.


As shown in the diagram, it consists of six terminals, two of which are connected to a heater coil, while the other four contacts are wired across a gas sensing resistor.

To initiate the sensor, a preheating of the heater coil is necessary. It may take approximately three to five minutes before the actual sensing of the gases can take place.
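The behaviour described above (resistance falling as gas concentration rises, and no valid sensing until the heater has warmed up) can be turned into an alarm decision on the 10-bit A/D samples. The following is an added example, not code from the dissertation; it is a host-side simulation, and the divider circuit, load resistor, thresholds and the use of the first post-warm-up sample as the clean-air baseline are all assumptions.

```python
"""Added example (simulation): 10-bit A/D samples from a TGS-813-style sensor
mapped to WARMUP / NORMAL / ALARM / FAULT states."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

ADC_MAX = 1023        # full scale of a 10-bit A/D converter
WARMUP_S = 5 * 60     # upper end of the three-to-five-minute preheat

# Assumed values for illustration; not from the dissertation or a datasheet.
LOAD_OHMS = 10_000.0  # load resistor in series with the sensing element
ALARM_RATIO = 0.40    # alarm when Rs falls to 40 % of the clean-air baseline
CLEAR_RATIO = 0.60    # clear only once Rs recovers to 60 % (hysteresis)


def sensor_resistance(adc: int) -> float:
    """Rs from the assumed divider Vout = Vc * RL / (Rs + RL), with the A/D
    reference tied to Vc so that adc / ADC_MAX = Vout / Vc."""
    if not 0 < adc < ADC_MAX:
        # A reading stuck at either rail means open or shorted wiring.
        raise ValueError("reading at a rail")
    return LOAD_OHMS * (ADC_MAX - adc) / adc


@dataclass
class SmokeDetector:
    baseline_ohms: Optional[float] = None  # clean-air resistance
    alarm: bool = False

    def update(self, t_seconds: float, adc: int) -> str:
        # Readings taken while the heater coil is still warming up are ignored.
        if t_seconds < WARMUP_S:
            return "WARMUP"
        try:
            rs = sensor_resistance(adc)
        except ValueError:
            # A wiring fault is reported, never silently treated as "no smoke".
            return "FAULT"
        if self.baseline_ohms is None:
            # Assumption: the first valid sample after warm-up is clean air.
            self.baseline_ohms = rs
            return "NORMAL"
        ratio = rs / self.baseline_ohms
        if self.alarm:
            # Hysteresis: stay in alarm until resistance has clearly recovered.
            if ratio >= CLEAR_RATIO:
                self.alarm = False
        elif ratio <= ALARM_RATIO:
            self.alarm = True
        return "ALARM" if self.alarm else "NORMAL"


# Constructed sample trace: (seconds since power-on, raw A/D reading).
SAMPLE_TRACE: List[Tuple[int, int]] = [
    (100, 900),  # still preheating, reading is meaningless
    (300, 200),  # first valid sample, becomes the baseline
    (310, 210),  # small drift
    (320, 400),  # resistance drops sharply: smoke
    (330, 300),  # partly recovered, but still below the clear threshold
    (340, 290),  # recovered past the clear threshold
    (350, 0),    # broken wire
]


def run_trace(trace: List[Tuple[int, int]]) -> List[str]:
    detector = SmokeDetector()
    return [detector.update(t, adc) for t, adc in trace]


if __name__ == "__main__":
    for (t, adc), state in zip(SAMPLE_TRACE, run_trace(SAMPLE_TRACE)):
        print(f"t={t:4d}s adc={adc:4d} -> {state}")
```
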

Figure 6.1 Smoke detector

The electrical parameters of the sensor are as follows:

This causes the resistance of the LDR to increase, and the voltage at the base of the transistor is pulled high, due to which the COB (chip-on-board) is completed. The sensitivity of the smoke detector depends on the distance between the bulb and the LDR as well as on the setting of preset VR1. Thus by placing the bulb and the LDR at appropriate distances, one may vary preset VR1 to get optimum sensitivity.

Figure 6.2 Smoke detector Circuit.


Interface PIC16F876A with Smoke detector

The smoke detector is a wireless device that uses a 9V battery to operate and sends the signal via an RF transmitter and a remote control encoder inside the smoke detector. The interface between the PIC16F876A and the smoke detector involves an RF receiver to receive data from the smoke detector and a remote control decoder PT2272 to decode the received data.

Smoke detector connected to RF transmitter:

Figure 6.2 Smoke detector, RF transmitter with microcontroller and built-in siren.

In this process, the hardware was integrated with the system that had been created, so that it could be tested to find weaknesses. The system works. The first step is to check the hardware connection and make sure it is properly set up. The next is to test the hardware. If the hardware is working, testing can proceed to running the Web-based temperature Monitoring System. If there is a problem, the hardware setup must be checked because it may not have been configured correctly.


PIC16F876A

This project uses the PIC16F876A microcontroller, which is easy to program and powerful (200 nanosecond instruction execution). This CMOS FLASH-based 8-bit microcontroller packs Microchip's powerful PIC architecture into a 28-pin package and is upwards compatible with the PIC16C5X, PIC12CXXX and PIC16C7X devices.

Features of the device:

• 256 bytes of EEPROM data memory

• Self programming

• ICD (In Circuit Debugging function)

• 2 Comparators

• 5 channels of 10-bit Analogue-to-Digital (A/D) converter

• 2 capture/compare/PWM functions

• The synchronous serial port can be configured as either 3-wire Serial Peripheral Interface (SPI™) or the 2-wire Inter-Integrated Circuit (I²C™) bus

• Universal Asynchronous Receiver Transmitter (UART)

Figure 6.3 the pin diagram for PIC16F876A.

For more information about the PIC microcontroller, please refer to the datasheet.


7. THE NEED FOR SECURITY IN PROCESS CONTROL

PCS is pervasive in manufacturing and infrastructure processes. Often, enormous potential safety impacts to the general populace are possible if PCS malfunctions; moderate to severe economic damage is also feasible. At a minimum, PCS unreliability will encourage public discontent and unease.

Security for PCS should be paramount given the potential consequences, and will only grow in importance as newer PCS (with more acute vulnerabilities) are installed. Unfortunately, budgetary restrictions for utilities are often manifest in PCS administration, where funding for personnel and equipment are many times clearly inadequate. Another problem is natural attrition through aging of key personnel in PCS administration and also in utility operations. Finally, corporate social pressures between PCS administrators and IT departments often lead to counterproductive suspicion and inefficient communication between fiefdoms. Often, the arcane nature of PCS implementations is considered the primary defence mechanism through the “security through obscurity” argument. This chimerical theory unfortunately contributes to false confidence. Obscure systems are merely difficult to understand so that the malefactor must make a larger up-front investment to understand the system. Once the requisite knowledge is attained, attack paths are clear and consequences fated.

Another option involves the use of known encryption and authentication standards for TCP/IP, such as IPSec or SSL. These are well-defined and mature options that have numerous implementations. They have been analyzed extensively and have been shown to provide strong security. Linksys, Inc. provides an inexpensive Virtual Private Network (VPN) solution that encapsulates data and transmits it across an insecure TCP/IP network. There are many serial-to-Ethernet transceivers on the market that will convert an existing serial (EIA-232) data source into TCP/IP over Ethernet. The converted packets can then be secured with a VPN solution. The reverse operation at the other end of the data link will return the secure (encrypted and authenticated by the IPSec protocol) TCP/IP packets back to the original serial signal.
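What authentication adds over an obscure protocol can be seen on a single alarm frame crossing an untrusted network. This added example is not from the dissertation and is not IPSec: it uses HMAC-SHA256 with a per-sensor sequence counter as a simplified stand-in for the integrity and anti-replay protection such a tunnel provides, it does no encryption, and the frame layout, key and names are assumptions.

```python
"""Added example: authenticated, replay-protected alarm frames (not IPSec)."""
import hashlib
import hmac
import struct
from typing import Dict, List

# Assumed frame layout: sequence number (uint32), sensor id (uint16),
# state (uint8: 0 = no alarm, 1 = alarm), then an HMAC-SHA256 tag.
HEADER = struct.Struct(">IHB")
TAG_LEN = hashlib.sha256().digest_size


def seal(key: bytes, seq: int, sensor_id: int, state: int) -> bytes:
    """Sender side (RTU): pack the frame and append its authentication tag."""
    body = HEADER.pack(seq, sensor_id, state)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Control-station side: accept only authentic, fresh frames."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_seq: Dict[int, int] = {}  # sensor id -> highest accepted seq

    def accept(self, frame: bytes) -> str:
        if len(frame) != HEADER.size + TAG_LEN:
            return "length"
        body, tag = frame[:HEADER.size], frame[HEADER.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison, and nothing is parsed before this passes.
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"
        seq, sensor_id, _state = HEADER.unpack(body)
        # A captured frame sent again carries an old sequence number.
        if seq <= self.last_seq.get(sensor_id, -1):
            return "replay"
        self.last_seq[sensor_id] = seq
        return "ok"


def demo() -> List[str]:
    key = b"constructed-demo-key-not-for-use"  # constructed sample key
    rx = Receiver(key)
    alarm = seal(key, seq=1, sensor_id=7, state=1)

    # Frame altered in transit: state byte flipped from alarm to no alarm.
    tampered = bytearray(seal(key, seq=2, sensor_id=7, state=1))
    tampered[6] ^= 0x01

    # Frame built by someone who knows the layout but not the key.
    forged = seal(b"guessed-key", seq=3, sensor_id=7, state=0)

    return [
        rx.accept(alarm),               # genuine frame
        rx.accept(alarm),               # same frame sent again
        rx.accept(bytes(tampered)),     # modified in transit
        rx.accept(forged),              # wrong key
        rx.accept(alarm[:-4]),          # truncated
        rx.accept(seal(key, 2, 7, 0)),  # next genuine frame still accepted
    ]


if __name__ == "__main__":
    print(demo())
```

Knowing the frame layout, which is all that obscurity protects, is enough to build the forged frame, yet it is rejected because the key is missing. A full IPSec or SSL tunnel adds encryption and key management on top of these checks.
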

The remote monitoring generally focuses on patients and their families, although some examine benefits to providers, communities and the health care system. This paper focuses on the patient/family unit and the responsible clinical providers.


Core parameters addressed and evaluated in these patient/family include one or more of the following: access, support, E-health outcomes, quality of care, social isolation and quality of life. These parameters tend to be studied in the context of overall cost, cost effectiveness, health services utilization, acceptability and satisfaction.

-------------------------------------------------------------------------------------------------------------

Industrial control system (ICS) is a general term that encompasses several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as skid-mounted Programmable Logic Controllers (PLC) often found in the industrial sectors and critical infrastructures. ICS are typically used in industries such as electrical, water and wastewater, oil and natural gas, chemical, transportation, pharmaceutical, pulp and paper, food and beverage, and discrete manufacturing (e.g., automotive, aerospace, and durable goods.) These control systems are critical to the operation of the U.S. critical infrastructures that are often highly interconnected and mutually dependent systems. It is important to note that approximately 90 per cent of the nation's critical infrastructures are privately owned and operated. Federal agencies also operate many of the industrial processes mentioned above; other examples include air traffic control and materials handling (e.g., Postal Service mail handling.) This section provides an overview of SCADA, DCS, and PLC systems, including typical architectures and components.

7.1 THE NEED FOR SECURITY IN PROCESS CONTROL SYSTEMS

PCS is pervasive in manufacturing and infrastructure processes. Often, enormous potential safety impacts to the general populace are possible if PCS malfunctions; moderate to severe economic damage is also feasible. At a minimum, PCS unreliability will encourage public discontent and unease.

Security for PCS should be paramount given the potential consequences, and will only grow in importance as newer PCS (with more acute vulnerabilities) are installed. Unfortunately, budgetary restrictions for utilities are often manifest in PCS administration, where funding for personnel and equipment are many times clearly inadequate. Another problem is natural attrition through aging of key personnel in PCS administration and also in utility operations. Finally, corporate social pressures between PCS administrators and IT departments often lead to counterproductive suspicion and inefficient communication between fiefdoms. Often, the arcane nature of PCS implementations is considered the primary defence mechanism through the “security through obscurity” argument. This chimerical theory unfortunately contributes to false confidence. Obscure systems are merely difficult to understand so that the malefactor must make a larger up-front investment to understand the system. Once the requisite knowledge is attained, attack paths are clear and consequences fated.


7.2 Critical infrastructure

Electric power is often credited with being the first infrastructure sector to deploy PCS extensively. Originally known as SCADA, the system was designed to allow irregular operation of remote devices, and often used tone control as a protocol. Water sourcing, treatment, and distribution utilities later added remote sensing and control, as did fossil fuel refining and distribution networks. Eventually, the original primitive technology was replaced with modern digital/analog hybrid networks based on contemporary communication protocols and microprocessors.

Currently, infrastructure utilities rely very heavily on their PCS systems in real-time, and they have been in use for so long that it is unclear how successful or efficient manual operations would actually be. Furthermore, there are considerations concerning the uncertain results of intrusion, as these scenarios have not been adequately enumerated. Each utility should address their PCS as a hypercritical system by using very tight security safeguards. The PCS has enormous value by reducing costs and improving performance through automation, and this value must be reflected in the system’s security.

7.3 Develop / explore market potential / strategies if applicable

The Refinery Monitoring and Control System

There are currently 35,000 sensors and actuators in use in the refinery to perform real-time monitoring of industrial operations such as leakage detection, measurement of pressure in the pipes, fluid levels and of the overall environment. The monitoring of the environment in a refinery provides essential information to ensure the good health of the refinery and its production processes. In the oil refinery three subsystems exist for the monitoring and control of the plant: the indicator system, the control system, and the emergency system, as shown in Figure 2.

Refineries are in need: around 60% - 70% have a system which is very old and need a new system that is more active than it was before.


Figure 2 (Google homepage images)

All the technology that is necessary for a device like this is already used in other gadgets, and in matter of software, there are many libraries with code for speech recognition and almost all the features mentioned above, but yet, to the extent of my knowledge, there is no program like this, designed for educational purposes.

My concept looks somewhat like a big project which gives me a good understanding of designing SCADA and sensors.

In terms of software, the device should be able to:

- Design a hardware device which controls the SCADA wireless sensor.
- The sensor can detect the fire wirelessly.
- The sensor can give an alarm, and the alarm can be heard.


8. SECURITY ANALYSIS FOR ZIGBEE WIRELESS SENSOR NETWORKS

Wireless sensor networking is a challenging and emerging technology that will soon become an inevitable part of our modern society. Today wireless sensor networks are broadly used in industrial and civilian application areas including environmental monitoring, surveillance tasks, healthcare applications, home automation, and traffic control.

The challenges for research in this area are due to the unique features of wireless sensor devices such as low processing power and associated low energy. On top of this, wireless sensor networks need secure communication as they operate in open fields or unprotected environments and communicate on broadcasting technology. As a result, such systems have to meet a multitude of quantitative constraints (e.g. timing, power consumption, memory usage, communication bandwidth) as well as security requirements (e.g. authenticity, confidentiality, integrity).

One of the main challenges arises in dealing with the security needs of such systems, where it is less likely that absolute security guarantees can be sustained because of the need to balance security against energy consumption in wireless sensor network standards like ZigBee.

This dissertation builds on existing methods and techniques in different areas and brings them together to create an efficient verification system. The overall ambition is to provide a wide range of powerful techniques for analyzing models with quantitative and qualitative security information.

We stated a new approach that first verifies low level security protocols in a qualitative manner and guarantees absolute security, and then takes these verified protocols as actions of scenarios to be verified in a quantitative manner. Working on the emerging ZigBee wireless sensor networks, we used probabilistic verification that can return probabilistic results with respect to the trade-off between security and performance.

In this sense, we have extended various existing ideas and also proposed new ideas to improve verification. Especially in the problem of key update, we believe we have contributed to the solution for not only wireless sensor networks but also many other types of systems that require key updates. Besides, we produced automated tools that were intended to demonstrate what kind of tools can be developed for different purposes and application domains.

9. WHAT'S THE DIFFERENCE BETWEEN WI-FI AND ZIGBEE

 There are many different wireless protocols out there, but the ones that most people have heard of are Wi-Fi and Bluetooth because these are used in devices that lots of us have, mobile phones and computers. There is a third alternative called ZigBee that is designed for control and instrumentation. What are the differences?


Wi-Fi is a direct replacement for a wired Ethernet cable and is used in the same situations to avoid running wires everywhere. The benefit of Wi-Fi is that it can connect to an existing network hub or router, which means that a PC doesn’t have to be left on to access a device using Wi-Fi. Remote access products like IP cameras use Wi-Fi so they can be connected to a router and accessed across the Internet. Wi-Fi is useful but not simple to implement unless you just want to connect a new device to your existing network.

Bluetooth is generally used for point to point communication, although Bluetooth networks can be established quite easily. Typical applications we are all familiar with allow data transfer from mobile phones to PCs. Bluetooth wireless is the best solution for these point to point links, as it has high data transfer rates and, with the right antenna, very long ranges of up to 1KM in ideal circumstances.

The commonest application we deal with is replacement of serial cables by using a serial to Bluetooth converter on one end e.g. solar panel array, and a USB to Bluetooth adapter to connect to a laptop or PC on the other end. These types of link are very easy to setup, often by just pressing a pairing button on the units to create a permanent Bluetooth link.

Bluetooth can also be used to create small ad-hoc networks, often with one USB to Bluetooth convertor as the master and up to 4 serial to Bluetooth adapters as slaves. Have a look at our Bluetooth Wireless Guide for more information.

What about ZigBee wireless? This is a wireless protocol that also operates in the 2.4GHz band, like Wi-Fi and Bluetooth, but it operates at much lower data rates. The main advantages of ZigBee wireless are

- Low power consumption
- Very robust network
- Up to 65,645 nodes
- Very easy to add or remove nodes from the network

This makes it ideal for control and monitoring applications, such as home automation or smart metering. A Guide to ZigBee Wireless Networks covers ZigBee in more depth. This guide also has a full comparison between Wi-Fi, Bluetooth and ZigBee wireless solutions.

1. Both are short-range wireless communication technologies;
2. Both use the 2.4 GHz frequency band;
3. Both are based on DSSS technology.

Differences:

1. Transmission at different speeds. ZigBee's transmission speed is not high (raw data rate 250 Kbps), but its power consumption is low, and a battery-powered device can generally be used for more than 3 months. Wi-Fi, which is often called wireless LAN, has a high rate (11 Mbps), its power consumption is also high, and it generally needs external power.

2. Different applications. ZigBee is for low-rate, low-power situations, such as wireless sensor networks for industrial control, environmental monitoring, smart home control and other fields. Wi-Fi is generally a wireless network technology used to cover a certain range, such as a building (about 100 meters range). ZigBee generally needs an always-on coordinator node. Wi-Fi generally needs a wireless router. Wi-Fi is widely used for wireless Internet access. LinkSprite developed a mesh-network Wi-Fi street lighting control system that doesn't need a Wi-Fi router.

3. Market status. ZigBee is an emerging technology; since the first version of the standard was released in 2004 it has been in the midst of rapid development and promotion, but for cost and reliability reasons it has not yet been promoted on a large scale. Wi-Fi technology is very mature and has a lot of applications. In general, the difference between the two is large and their positioning is different, so the competition between them is not great. Technically, however, the two have much in common, and mutual interference between the two is quite large, especially for ZigBee from Wi-Fi interference.

9.1 The comparison of Wi-Fi, Bluetooth and ZigBee

In this month, I’d like to introduce the comparison of Wi-Fi, Bluetooth and ZigBee.

Wi-Fi is a trademark of the Wi-Fi Alliance that may be used with certified products that belong to a class of wireless local area network (WLAN) devices based on the IEEE 802.11 standards.

Wi-Fi allows local area networks (LANs) to be deployed without wires for client devices, typically reducing the costs of network deployment and expansion. Spaces where cables cannot be run, such as outdoor areas and historical buildings, can host wireless LANs.


Wireless network adapters are now built into most laptops. The price of chipsets for Wi-Fi continues to drop, making it an economical networking option included in even more devices. Wi-Fi has become widespread in corporate infrastructures.

Different competitive brands of access points and client network interfaces are inter-operable at a basic level of service. Products designated as “Wi-Fi Certified” by the Wi-Fi Alliance are backwards compatible. Wi-Fi is a global set of standards. Unlike mobile phones, any standard Wi-Fi device will work anywhere in the world.

A typical wireless router using 802.11b or 802.11g with a stock antenna might have a range of 32 m (120 ft) indoors and 95 m (300 ft) outdoors. Due to reach requirements for wireless LAN applications, power consumption is fairly high compared to some other standards.

Because of the very limited practical range of Wi-Fi, mobile use is essentially confined to such applications as inventory taking machines in warehouses or retail spaces, barcode reading devices at check-out stands or receiving / shipping stations.

ZigBee is a low-cost, low-power, wireless mesh networking proprietary standard. The low cost allows the technology to be widely deployed in wireless control and monitoring applications, the low power-usage allows longer life with smaller batteries, and the mesh networking provides high reliability and larger range.

ZigBee operates in the industrial, scientific and medical (ISM) radio bands; 868 MHz in Europe, 915 MHz in the USA and Australia, and 2.4 GHz in most jurisdictions worldwide. The technology is intended to be simpler and less expensive than other WPANs such as Bluetooth.

Because ZigBee can activate (go from sleep to active mode) in 15 msec or less, the latency can be very low and devices can be very responsive — particularly compared to Bluetooth wake-up delays, which are typically around three seconds. Because ZigBees can sleep most of the time, average power consumption can be very low, resulting in long battery life.

ZigBee protocols are intended for use in embedded applications requiring low data rates and low power consumption. ZigBee’s current focus is to define a general-purpose, inexpensive, self-organizing mesh network that can be used for industrial control, embedded sensing, medical data collection, smoke and intruder warning, building automation, home automation, etc. The resulting network will use very small amounts of power – individual devices must have a battery life of at least two years to pass ZigBee certification.

ZigBee works in the 2.4 GHz band. This is a free band, and many networks with high power, high data rates and high frequency also work in this band. These networks have an adverse effect on ZigBee: the interference problem. In this paper we studied the mutual interference effect between ZigBee and Wi-Fi devices. In the future, a proposed scheme can reduce one of the major problems facing ZigBee: interference.

4. The key characteristics of Wi-Fi and Zigbee.

| | ZigBee | Wi-Fi |
|---|---|---|
| Range | 10-100 meters | 50-100 meters |
| Networking Topology | Ad-hoc, peer to peer, star, or mesh | Point to hub |
| Operating Frequency | 868 MHz (Europe), 900-928 MHz (NA), 2.4 GHz (worldwide) | 2.4 and 5 GHz |
| Complexity (Device and application impact) | Low | High |
| Power Consumption (Battery option and life) | Very low (low power is a design goal) | High |
| Security | 128 AES plus application layer security | |
| Typical Applications | Industrial control and monitoring, sensor networks, building automation, home control and automation, toys, games | Wireless LAN connectivity, broadband Internet access |


Security Issues with Wi-Fi and ZigBee

There is hardly a consumer product today that does not have one or more wireless interfaces. Cell phones typically add Wi-Fi radios. In home thermostats, “smart appliances,” and power meters using ZigBee® are starting to enable power monitoring and regulation via the Smart Grid, while ZigBee RF4CE-powered remote controls make life even easier for “couch potatoes.”

Each of these protocols has security issues that, if not recognized and addressed at the design stage, can have serious repercussions. This article will examine the security issues with these widely used wireless protocols. It will take a chip- and protocol-oriented approach and avoid issues like computer security or problems relating to different network topologies, each of which deserves a separate article, if not a book.

Wi-Fi

With over a billion Wi-Fi chipsets shipping each year, the Wi-Fi Alliance’s claim that “Wi-Fi is everywhere” is hardly an exaggeration. While Wi-Fi is by far the most widely used wireless networking protocol, it has gone through numerous iterations in an attempt to resolve its security problems, which are now arguably behind it – with one caveat.

WEP

When the original IEEE 802.11 standard was ratified in September 1997, it relied on the wireless equivalency protocol (WEP) for security. In the shared-key authentication version of WEP, the client sends an authentication request to the access point, which replies with a plain text challenge; the client then encrypts the challenge using a WEP key and sends it back. If the returned key matches, access is granted.

WEP uses the RC4 stream cipher, the same one used in secure socket layers (SSL) to protect Internet traffic. Initially 64-bit WEP used a 40-bit key (later 104 bits) that was concatenated with the 24-bit initialization vector (IV) to form the RC4 key. Unfortunately the IV key was transmitted as plain text and used repeatedly, making it fairly straightforward for an eavesdropper to recover the key. When the FBI was able to crack WEP encryption within three minutes, the search for a better mousetrap began.
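The consequence of a repeated clear-text IV can be shown in a few lines. The following is an added example, not code from the original article: it builds WEP-style frame bodies (RC4 keyed with IV || secret over plaintext || CRC-32), flags IVs that appear on more than one frame, and shows that two frames under the same IV leak the XOR of their plaintexts without the key being known. The key, IVs and sensor strings are constructed sample values.

```python
import math
import struct
import zlib
from collections import defaultdict


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then keystream generation XORed over data."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """Frame body: clear-text 24-bit IV, then RC4(IV || secret) over data || ICV."""
    if len(iv) != 3 or len(secret) not in (5, 13):
        raise ValueError("WEP uses a 3-byte IV and a 5- or 13-byte secret")
    icv = struct.pack("<I", zlib.crc32(plaintext))  # CRC-32 integrity value
    return iv + rc4(iv + secret, plaintext + icv)


def reused_ivs(frames):
    """Audit helper: {iv: [frame indexes]} for every IV seen more than once."""
    seen = defaultdict(list)
    for index, frame in enumerate(frames):
        seen[frame[:3]].append(index)
    return {iv: idxs for iv, idxs in seen.items() if len(idxs) > 1}


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def frames_until_iv_collision(probability: float = 0.5, iv_bits: int = 24) -> int:
    """Birthday bound: frames with random IVs before a repeat is this likely."""
    return math.ceil(math.sqrt(2 * 2 ** iv_bits * math.log(1 / (1 - probability))))


def demo():
    secret = bytes.fromhex("0102030405")   # constructed 40-bit key
    iv = b"\x00\x00\x2a"                   # constructed IV, used on two frames
    p1 = b"TEMP=071;ALARM=0"               # constructed sensor readings
    p2 = b"TEMP=412;ALARM=1"
    frames = [
        wep_encrypt(iv, secret, p1),
        wep_encrypt(b"\x00\x00\x2b", secret, b"TEMP=070;ALARM=0"),
        wep_encrypt(iv, secret, p2),
    ]
    repeats = reused_ivs(frames)
    first, second = repeats[iv]
    # Same IV and secret give the same keystream, so it cancels out:
    # c1 XOR c2 == p1 XOR p2, and knowing p1 reveals p2.
    c1, c2 = frames[first][3:], frames[second][3:]
    leaked = xor(xor(c1, c2), p1)
    return repeats, leaked


if __name__ == "__main__":
    repeats, leaked = demo()
    print("IVs seen more than once:", {iv.hex(): idx for iv, idx in repeats.items()})
    print("second plaintext recovered without the key:", leaked)
    print("frames for a 50% chance of a random IV repeat:", frames_until_iv_collision())
```

With only 24 bits of IV, a busy network reaches a likely repeat after a few thousand frames, which is why the per-packet keying of TKIP and later CCMP replaced this construction.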

WPA

While the IEEE was working on IEEE 802.11i, in April 2003 the Wi-Fi Alliance rolled out Wi-Fi Protected Access (WPA) based on a subset of that pending standard. For encryption, WPA used the Temporal Key Integrity Protocol (TKIP), which generated a new 128-bit key for each packet, thereby plugging the major security hole in WEP.

To verify the integrity of packets, WPA uses much stronger message authentication codes than the cyclical redundancy checks (CRC) used by WEP. WPA relies on IEEE 802.1X, which defines an authentication mechanism for 802.11 networks. For enterprise users, WPA uses the Extensible Authentication Protocol (EAP) – specifically EAP-TLS, which provides transport layer security; for residential and consumer users, WPA uses a pre-shared key (PSK) system. While WPA is far more secure than WEP from passive attacks, its PSK implementation can be fairly easily cracked by a brute force attack if you have a weak password.

WPA was always intended as an interim solution until IEEE 802.11i was ratified. WPA is far more robust than WEP but not nearly as strong as WPA2, which replaced it.

WPA2

The Wi-Fi Alliance rolled out WPA2 based on IEEE 802.11i after it was ratified in June 2004. IEEE 802.11i added two new handshake protocols to the original 802.11 specification in order to enable robust security network associations (RSNAs).

For encryption, WPA2 utilizes the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which does AES encryption using a 128-bit key and a 128-bit block size. CCMP replaced TKIP, which had proved vulnerable to a variety of attacks. Without getting into the details of AES encryption, suffice it to say it has been the Mount Everest of code crackers since the National Institute of Standards and Technology (NIST) first introduced it in 2001. It took ten years before the first successful key recovery attack on AES-128, which required 2^126.1 operations. Bottom line: Wi-Fi with WPA2 is quite secure.

Table 1 summarizes the major differences between WEP, WPA, and WPA2. Texas Instruments’ “Introduction to Wi-Fi Technology” product training module (PTM) provides a good overview of the technology, including security protocols.

| | WEP | WPA | WPA2 |
|---|---|---|---|
| Encryption | Manual key assignment, shared keys using Rivest cipher 4 (RC4) stream cipher | TKIP based on RC4 stream cipher | Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) with 128 bit AES block cipher |
| Data Integrity | Linear hash function | Cryptographic hash function | Cryptographic hash function |
| Key Management | No | Yes | Yes |
| Replay detection | No | Yes | Yes |

Table 1: Comparison of WEP, WPA, and WPA2 (Courtesy Wi-Fi Alliance).

There is still one weak spot in Wi-Fi security: Wi-Fi Protected Setup. For the average non-geek user, setting up a Wi-Fi network can be a daunting task. In 2007, the Wi-Fi Alliance introduced Wi-Fi Protected Setup, which greatly simplifies the procedure. Now instead of having to manually enter PSKs and SSIDs, users can simply enter a PIN code or even push a button on the router while the access point is nearby, quickly pairing the two devices. But the usual trade-off for increased simplicity is decreased complexity, which in this case resulted in reduced security. Wi-Fi Protected Setup has some well-documented design flaws that leave it open to equally well-documented brute force attacks. The bottom line is if your router features Wi-Fi Protected Setup and you're a geek – turn it off. SSIDs just aren’t that intimidating. If you’re designing an embedded device that uses Wi-Fi, don’t enable this feature.


Figure 1: Three generations of Wi-Fi share the air.

In 2004, the Wi-Fi Alliance officially deprecated WEP, and since 2006, WPA2 has been mandatory in order to receive official certification. So it was with considerable surprise when I turned on my 2.4 GHz packet sniffer and discovered that some of my neighbors were still using the older technology (see Figure 1). While three of us are using WPA2 (RSNA-CCMP), 2WIRE464 is using WPA (WPA-TKIP) and two others are relying on WEP. If you’re concerned about Wi-Fi security, start by checking out your existing equipment. New embedded designs will certainly use the newer protocols.

Wi-Fi Solutions

The simplest way to resolve problems is to avoid them in the first place; when adding Wi-Fi to your embedded design, choosing to go with a module ensures that security issues are covered. Digi-Key stocks quite a number of Wi-Fi modules, including the RabbitCore RCM5400W from Digi International, a C-programmable Wi-Fi core module; a Wi-Fi adaptor board from Future Designs; plus an assortment of modules from Multi-Tech Systems, RFM, and Sagrad.

If you choose to develop your own Wi-Fi designs, several manufacturers make evaluation and/or development kits to assist in that effort. CSR PLC makes the Radio Pro™ reference design kit for developing Wi-Fi-based Internet applications. RFM’s WSN802GDK-A development kit includes a router and a board based on its WSN802G transceiver module designed for 802.11g sensor networks. Texas Instruments’ CC3000FRAMEMK is a full turnkey Wi-Fi evaluation and demonstration tool for MSP430™ FRAM MCUs and TI's Simplelink™ Wi-Fi. Freescale Semiconductor’s TWR-WI-FI-G1011MI kit enables you to design 802.11b-based applications using their Kinetis® Tower development system. Finally, Digi International’s Wi-ME S integration kit lets you evaluate their Digi Connect Wi-ME modules for your intended design.

ZigBee

Some of the spikes on the panoramic display in Figure 1 are from nearby ZigBee devices. ZigBee – like Bluetooth, 6LoWPAN, WirelessHART, and a number of others – is based on IEEE 802.15.4, which defines the PHY and MAC layers for low cost, low power, low data rate wireless personal area networks (LR-WPANs). ZigBee typically operates in low-power mesh or star sensor networks, providing a maximum data rate of 250 kbps.

The IEEE 802.15.4-2003 specification defines not one, but several different PHYs depending on the modulation type and operating frequency. Three of the PHYs support DSSS in the 868/915 MHz bands using either OBPSK or QPSK, the latter being used in the 2.4 GHz ISM band. ZigBee uses the two PHY layers that operate in the 868/915 MHz and 2.4 GHz bands. ZigBee occupies 16 non-overlapping channels in the 2.4 GHz band (worldwide) and ten channels on the 915 MHz band in the U.S.

The IEEE 802.15.4-2003 MAC sub-layer controls access to the radio channel using a CSMA-CA mechanism. Its responsibilities may also include transmitting beacon frames, synchronization, and providing a reliable transmission mechanism.

ZigBee implements most security procedures (see Figure 4) at the network (NWK) and application support sub-layer (APS). These services include methods for key establishment, key transport, frame protection, and device management. The security suite is AES-CCM, a 128-bit symmetric key block cipher algorithm, making ZigBee basically as secure as Wi-Fi – if you set it up correctly. There are several suites of ZigBee security services with ascending security levels:

- No security
- Confidentiality: AES-CTR
- Authentication: AES-CBC-MAC with 32-, 64-, or 128-bit MAC
- Confidentiality and Authentication: AES-CCM with 32-, 64-, or 128-bit MAC

Figure 4: Security in the ZigBee Stack (Courtesy ZigBee Alliance).

The available security services depend on the security suite. There are also some recommended implementation options:

- Use a key sequence counter
- Use the “Protected-ACK” frame type
- Use a Trust Reference Value (TRV)
- Use Flash memory to store nonce states
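The recommendation to keep nonce state in Flash is easiest to see by simulating a node reboot. This added example is not from the original article: it assumes the IEEE 802.15.4 CCM nonce layout of 64-bit source address, 32-bit frame counter and one security-level byte (the byte order used here is an assumption), and the `Flash`, `Sender`, `Receiver` and `RESERVE` names are hypothetical. It compares a sender whose counter restarts at zero after power loss with one that reserves counter ranges in non-volatile storage.

```python
import struct

# Security level -> integrity code length in bytes, matching the suites above:
# 0 none, 1-3 authentication only, 4 encryption only, 5-7 both.
MIC_BYTES = {0: 0, 1: 4, 2: 8, 3: 16, 4: 0, 5: 4, 6: 8, 7: 16}
RESERVE = 1024  # hypothetical: counters reserved per flash write, to limit wear


class Flash(dict):
    """Stand-in for non-volatile storage: it survives the simulated reboot."""


class Sender:
    def __init__(self, addr64: bytes, flash: Flash, persist: bool):
        self.addr, self.flash, self.persist = addr64, flash, persist
        # Resume from the stored ceiling, skipping any counters that may
        # already have been used before power was lost.
        self.counter = flash.get("ceiling", 0) if persist else 0
        self._reserve()

    def _reserve(self):
        if self.persist:
            self.flash["ceiling"] = self.counter + RESERVE

    def next_nonce(self, level: int) -> bytes:
        if level not in MIC_BYTES:
            raise ValueError("unknown security level")
        if self.counter >= 0xFFFFFFFF:
            raise OverflowError("frame counter exhausted: install a new key")
        if self.persist and self.counter >= self.flash["ceiling"]:
            self._reserve()
        nonce = self.addr + struct.pack(">IB", self.counter, level)
        self.counter += 1
        return nonce


class Receiver:
    """Replay check: accept only a counter higher than the last one per source."""

    def __init__(self):
        self.last = {}

    def accept(self, nonce: bytes) -> bool:
        src = nonce[:8]
        counter, _level = struct.unpack(">IB", nonce[8:])
        if src in self.last and counter <= self.last[src]:
            return False
        self.last[src] = counter
        return True


def simulate(persist: bool, frames_per_boot: int = 5):
    """Send frames, reboot, send again. Returns (reused nonces, accepted frames)."""
    flash, receiver, seen = Flash(), Receiver(), set()
    addr = bytes.fromhex("00124b0001020304")  # constructed 64-bit address
    reused = accepted = 0
    for _boot in range(2):
        sender = Sender(addr, flash, persist)  # RAM state is lost on each boot
        for _ in range(frames_per_boot):
            nonce = sender.next_nonce(level=5)
            reused += nonce in seen
            seen.add(nonce)
            accepted += receiver.accept(nonce)
    return reused, accepted


if __name__ == "__main__":
    print("counter in RAM only  :", simulate(persist=False))
    print("counter range in flash:", simulate(persist=True))
```

Without persistence the rebooted node repeats every nonce under the same key and its legitimate frames are dropped by the receiver's replay check; with reserved ranges neither happens.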

ZigBee RF4CE

ZigBee RF4CE is an even lower power, simplified version of the ZigBee architecture (see Figure 5) designed to replace IR-based remote controls in consumer electronics. Operating in the 2.4 GHz band, RF4CE only hops over three channels instead of ZigBee’s 16; and it simplifies the pairing mechanisms while still utilizing an AES-128 CCM security scheme. While it is possible, it is unlikely that anyone will be able to hack into your RF4CE-connected embedded device. However, if you are considering using RF4CE for a mission critical application, think twice before using such a simple protocol.

Figure 5: ZigBee RF4CE architecture (Courtesy ZigBee Alliance).

ZigBee Solutions

The increasing popularity of ZigBee in embedded applications is apparent from the large number of evaluation and/or development boards available from Ember, Digi International/MaxStream, LS Research, CEL, NXP Semiconductors, and STMicroelectronics.

If you’re looking for a ZigBee RF front-end – integrating a PA and LNA – Skyworks, RFMD, Texas Instruments, and CEL have it covered. If you would rather design from scratch, as of this writing Digi-Key stocks 211 ZigBee transceivers from which to choose.

If you’re still not convinced that ZigBee makes sense for your application, check out the RFM ZigBee product training module, which addresses the question “Why ZigBee?” in some detail.

Summing Up

Embedded designs are increasingly wireless, often sporting several different RF interfaces. While this makes them more capable it also opens up potential security holes that must be understood during the planning phase and addressed at the design stage. By understanding the potential risks and designing around them, security drops out of the equation and the choice between Wi-Fi, Bluetooth, and ZigBee comes back to features, functions, and price—which is as it should be.


10. SOLUTION

Modern public infrastructure systems use Supervisory Control and Data Acquisition (SCADA) systems for daily operation. This includes water treatment systems; electric power transmission, distribution, and generation; petroleum storage and refineries; and other public infrastructure systems. The SCADA system provides monitoring, data analysis, and control of the equipment used to manage most public infrastructure systems. The SCADA network is comprised of various communication devices. Routers, switches, wireless equipment, serial connections, proprietary hardware monitors, and various computers are used. This project will examine common SCADA control network implementations to determine possible weaknesses and solutions.

SCADA Systems

SCADA systems are used to control dispersed assets where centralized data acquisition is as important as control [3] [4]. These systems are used in distribution systems such as water distribution and wastewater collection systems, oil and natural gas pipelines, electrical utility transmission and distribution systems, and rail and other public transportation systems. SCADA systems integrate data acquisition systems with data transmission systems and HMI software to provide a centralized monitoring and control system for numerous process inputs and outputs. SCADA systems are designed to collect field information, transfer it to a central computer facility, and display the information to the operator graphically or textually, thereby allowing the operator to monitor or control an entire system from a central location in real time. Based on the sophistication and setup of the individual system, control of any individual system, operation, or task can be automatic, or it can be performed by operator commands.

SCADA systems consist of both hardware and software. Typical hardware includes an MTU placed at a control centre, communications equipment (e.g., radio, telephone line, cable, or satellite), and one or more geographically distributed field sites consisting of either an RTU or a PLC, which controls actuators and/or monitors sensors. The MTU stores and processes the information from RTU inputs and outputs, while the RTU or PLC controls the local process. The communications hardware allows the transfer of information and data back and forth between the MTU and the RTUs or PLCs. The software is programmed to tell the system what and when to monitor, what parameter ranges are acceptable, and what response to initiate when parameters change outside acceptable values. An IED, such as a protective relay, may communicate directly to the SCADA Server, or a local RTU may poll the IEDs to collect the data and pass it to the SCADA Server. IEDs provide a direct interface to control and monitor equipment and sensors. IEDs may be directly polled and controlled by the SCADA Server and in most cases have local programming that allows for the IED to act without direct instructions from the SCADA control centre. SCADA systems are usually designed to be fault-tolerant systems with significant redundancy built into the system architecture.

Figure 13.1 shows the components and general configuration of a SCADA system. The control centre houses a SCADA Server (MTU) and the communications routers. Other control centre components include the HMI, engineering workstations, and the data historian, which are all connected by a LAN. The control centre collects and logs information gathered by the field sites, displays information to the HMI, and may generate actions based upon detected events. The control centre is also responsible for centralized alarming, trend analyses, and reporting. The field site performs local control of actuators and monitors sensors. Field sites are often equipped with a remote access capability to allow field operators to perform remote diagnostics and repairs usually over a separate dial up modem or WAN connection. Standard and proprietary communication protocols running over serial communications are used to transport information between the control centre and field sites using telemetry techniques such as telephone line, cable, fibre, and radio frequency such as broadcast, microwave and satellite.

MTU-RTU communication architectures vary among implementations. The various architectures used, including point-to-point, series, series-star, and multi-drop [5], are shown in Figure 2-3. Point-to-point is functionally the simplest type; however, it is expensive because of the individual channels needed for each connection. In a series configuration, the number of channels used is reduced; however, channel sharing has an impact on the efficiency and complexity of SCADA operations. Similarly, the series-star and multi-drop configurations’ use of one channel per device results in decreased efficiency and increased system complexity.

Figure 10.1 General Layout for SCADA System

10.1 SCADA Overview

SCADA systems are used in industrial and civil engineering applications to control and monitor distributed systems from a central location. SCADA solutions are implemented in a wide variety of industries including electric power generation, transmission, and distribution, environmental control systems, traffic signals, water management systems, and manufacturing systems. Hardware solutions utilize switches, pumps, and other devices that are controlled by Remote Telemetry Units (RTU). Server units then monitor the hardware and collect values, as well as provide control features that allow the operator to remotely manage the physical equipment. The server unit runs a management package that typically runs on top of a Unix variant, although many vendors are beginning to provide Microsoft Windows support. A human-machine interface allows the operator to view the state of the plant equipment. Dumb terminals or PCs usually host this interface. Alarms are used to alert the operator that intervention is required to keep things running smoothly. A wide variety of networking equipment is then used to connect all of these components together. Wireless technology is popular for its ability to span long distances with minimal equipment. Fiber gives greater reliability but incurs far more expense. Serial technologies utilize dedicated copper wiring or Telco POTS lines. Common protocols include Modbus and DNP3. Although originally designed to run on low-bandwidth proprietary networks, many protocols have included extensions to operate over TCP/IP. Figure 1 shows a simple SCADA network implementation. The system involves a Server unit that controls a serial based traffic signal system, as well as a water treatment plant and several stream flow monitors connected using wireless technology in the 2.4 GHz range. Two monitoring stations provide user control of the system.

10.2 Security overview

Due to the nature of what they control, SCADA networks are part of our nation’s critical infrastructure and require protection from a variety of threats. When initially designed, SCADA equipment was designed for maximal functionality. As a result many security risks were exposed to maximize the communication efficiency. This makes many SCADA networks potentially vulnerable to attack. These attacks could result in disruption of service, manipulation of data, or unauthorized control of the connected equipment. The United States Department of Energy states that: “Action is required by all organizations, government or commercial, to secure their SCADA networks as part of the effort to adequately protect the nation’s critical infrastructure.” (U.S. Dept. of Energy, 2002) This paper will address several potential vulnerabilities of SCADA systems and possible solutions. The report will be broken down into 5 parts: RTUs, Server security, Protocol Analysis, Network infrastructure security, as well as miscellaneous topics.

Figure 10.2 Single Firewall using in SCADA

Because of the stringent requirements of SCADA systems with regard to timing, availability, and data processing, firewall rules have to be tailored for the various protocols and network services. The Industrial Automation Open Networking Association (IAONA) developed protocol guidelines for network services that accommodate the unique SCADA system characteristics. These guidelines for communications with SCADA systems are summarized in Table 3-6. The services provided by the protocols are summarized in Tables 3-3 and 3-5.

Protocols supporting real-time data acquisition and control in manufacturing and process control applications began as proprietary solutions offered by control equipment manufacturers. These protocols and associated communication buses met the needs of users and were widely applied. The next steps in the evolution of SCADA protocols were the development of open-standard protocols and the adoption of Ethernet and Internet technologies. With these changes, particularly the use of the Internet architectural elements and connections to transmit and receive data involving SCADA systems, security issues are now of concern. Proper use of the SCADA protocols coupled with network security devices such as firewalls can provide SCADA users with secure, efficient, and cost-effective communication means.

10.3 RTU Security

The RTU, or Remote Telemetry Unit, is a device which interfaces objects in the physical world to a SCADA system. An example of this is attaching an RTU to a water pump to allow monitoring and control of the pump. Serial and Ethernet interfaces are common on these units, as well as null-modem management interfaces. Physical security must first be evaluated. Secure facilities must be acquired which limit access to authorized personnel only. Secondly, the RTU configuration must be analyzed. Management interfaces should be disabled or utilize the strongest authentication. Firmware should be upgraded to the latest stable release. All unused features should be disabled.

10.4 Server Security

The Server unit is vulnerable to several types of attack. Unauthorized access may be obtained using a network or modem based attack, or by visiting the physical location. Another risk is an attack that damages the server and makes it inoperable. Security must first be obtained through restricting access to authorized users only. Physically locate the server in a safe location that restricts access to authorized users only. Proper access controls should be implemented to verify the identity of the user. If passwords are used they should be changed frequently. Biometric devices are also helpful. The operating system must also be hardened. Any unnecessary software and services should be removed. Apply all stable patches to the system. Communication protocols must be configured for maximal security. Protocol security is covered in greater depth in the section labeled “Protocol Security.”

10.5 Network Security

The network infrastructure is the most visible piece of the SCADA system, which makes it an obvious location for attack. As security provider Riptech points out, there is a common misconception that SCADA networks use strong access controls. In reality most SCADA systems utilize hardware from many different manufacturers which require the integration of
different communication standards. (Riptech Inc, 2001) The result is usually a very functional system, but due to the increased complexity security concerns are often ignored. A second misconception is the belief that the SCADA system resides on a separate standalone network. Most SCADA systems were originally built on separate standalone networks, but were eventually bridged as a result of changes in information management practices. The need for real-time data became desirable on the corporate network. Corporate decision makers wanted the critical data from their operations systems. Many of these connections are implemented without a full understanding of the security risks. In addition to these misconceptions certain network mediums present their own set of security risks. Sniffing, Denial of Service (DOS) and spoofing attacks are all serious threats. There are several steps that can be taken to minimize the threat and impact of such vulnerabilities and attacks.

10.6 Network Access

All network connection points must be identified. This includes Ethernet ports, Wireless Links, and Serial connections. All unused and unnecessary ports need to be disabled. The network architecture should be segmented in such a way to provide access control between different segments. Data warehousing and server network segments should be especially well secured.

10.7 Network Segmentation

In spite of the best security practices there still exists a possibility that an attacker may gain unauthorized access. Network IDS systems provide an additional layer of monitoring to alert you to the presence of unauthorized access. An IDS system is basically a network vacuum that contains advanced data analysis tools to examine network traffic and identify likely attacks. Network IDS systems should be established on both the internal network and the connecting external networks to monitor for incidents.

10.8 External Access

In certain instances external access to the SCADA network may be necessary. Vendors may need access, or connections to the corporate network may be necessary. Every one of these connections presents a serious threat. It is extremely important that all external access points be identified. Determine what specific access is needed. Identify the methods used to connect. All access points should implement proper security measures. Firewalls and IDS monitors should be used. Firewall rules should be as specific as possible, allowing only the bare minimum access to the SCADA network. Make sure to implement outbound filtering as well to prevent internal SCADA hosts from accessing hosts on the external networks. Any communication that is happening between the SCADA network and other networks should utilize secure protocols. Plaintext protocols present the greatest threat and should be secured.
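The advice above (rules as specific as possible, outbound filtering, no plaintext protocols crossing the boundary) can be checked mechanically. The sketch below is an added example, not part of the original report; the rule format, the /24 breadth threshold, the plaintext port list and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Optional

# Assumption: ports treated as plaintext protocols for this audit.
PLAINTEXT_PORTS = {502: "Modbus/TCP", 23: "Telnet", 21: "FTP"}
# Assumption: anything wider than a /24 counts as "not specific enough".
MAX_ADDRESSES = 256


@dataclass
class Rule:
    direction: str            # "in" = toward SCADA segment, "out" = leaving it
    src: str                  # source network in CIDR notation
    dst: str                  # destination network in CIDR notation
    dport: Optional[int]      # None means any port
    action: str               # "allow" or "deny"
    tunnel: bool = False      # True when the traffic is carried inside the VPN


def is_catch_all_deny(rule: Rule) -> bool:
    """True for a 'deny everything' rule that closes a rule chain."""
    return (rule.action == "deny" and rule.dport is None
            and ip_network(rule.src).prefixlen == 0
            and ip_network(rule.dst).prefixlen == 0)


def audit(rules: list) -> list:
    """Return (rule_index, finding) pairs; index is None for chain-level findings."""
    findings = []
    for i, rule in enumerate(rules):
        if rule.action != "allow":
            continue
        for label, cidr in (("source", rule.src), ("destination", rule.dst)):
            if ip_network(cidr).num_addresses > MAX_ADDRESSES:
                findings.append((i, f"{label} {cidr} is broader than needed"))
        if rule.dport is None:
            findings.append((i, "allows every port"))
        elif rule.dport in PLAINTEXT_PORTS and not rule.tunnel:
            name = PLAINTEXT_PORTS[rule.dport]
            findings.append((i, f"plaintext {name} crosses the boundary outside the VPN"))
    # Both directions must end in a default deny; a missing "out" chain means
    # internal SCADA hosts can reach external networks unfiltered.
    for direction in ("in", "out"):
        chain = [r for r in rules if r.direction == direction]
        if not chain or not is_catch_all_deny(chain[-1]):
            findings.append((None, f"no default deny at end of '{direction}' rules"))
    return findings


# Constructed rule sets: a permissive one and its tightened counterpart.
WEAK = [
    Rule("in", "0.0.0.0/0", "10.10.0.5/32", 502, "allow"),
    Rule("in", "192.0.2.0/24", "10.10.0.0/24", None, "allow"),
    Rule("in", "0.0.0.0/0", "0.0.0.0/0", None, "deny"),
]
TIGHT = [
    Rule("in", "192.0.2.10/32", "10.10.0.5/32", 502, "allow", tunnel=True),
    Rule("in", "0.0.0.0/0", "0.0.0.0/0", None, "deny"),
    Rule("out", "10.10.0.5/32", "192.0.2.20/32", 443, "allow"),
    Rule("out", "0.0.0.0/0", "0.0.0.0/0", None, "deny"),
]

if __name__ == "__main__":
    for name, ruleset in (("WEAK", WEAK), ("TIGHT", TIGHT)):
        print(name)
        for index, text in audit(ruleset) or [(None, "no findings")]:
            print(f"  rule {index}: {text}")
```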

One technique of securing plaintext communication is to wrap the communication inside a VPN tunnel. A VPN creates a virtual route between two networks where all data that is transmitted is encrypted. Desirable VPN products utilize IPSEC and SSL encryption. Avoid products using PPTP as it has been shown defective. Access controls should also be implemented to restrict access to specific IP address ranges to minimize the likelihood that a potential attacker would even discover the service as is shown in

10.9 RF Security

Wireless communications devices are popular for SCADA networks due to the long distances between monitoring stations. A typical architecture involves point-to-point links operating at either 900 MHz or 2.4 GHz. Newer systems are adopting the 802.11 standards while legacy systems utilize proprietary data link level protocols. The security of 802.11 is an entire subject to itself and this paper will not attempt to cover it. The focus of this section is to identify the common wireless threats to the RF transmission. Wireless communication presents a huge security and stability problem. The broadcast nature of the data allows it to be recorded and analyzed at a later date. At this point 128 bit encryption provides adequate protection from this attack. The control features of SCADA networks require that adequate bandwidth be available to transmit data to the RTU. This is hard to guarantee when using wireless technologies. Each frequency has a limited amount of bandwidth so competing devices may take bandwidth. A hostile attack is also possible using an RF generation device. By transmitting random RF noise it is possible to flood the available frequency space and block the SCADA control traffic. This attack is easily tracked with the proper directional antennas, but the temporary loss of control could prevent corrective action at the RTU and cause an accident. Several actions can be taken to reduce the risk of this attack, but it is physically impossible to prevent it when using the public airspace for transmission. Highly directional antennas will reduce the amount of interfering RF signal. Acquiring licenses for limited use commercial frequencies will reduce interference, but the potential for signal jamming still exists. Wireless does not provide the service guarantee needed for mission critical control systems. It is however a good method for monitoring and control of non-essential RTUs where the loss of communication is unlikely to cause an incident.

10.10 The MODBUS Protocol

The MODBUS protocol is currently one of the most popular protocols for use with SCADA systems. It is an application layer messaging protocol that provides client/server communication between devices connected through different types of busses or networks. It has been an industry standard for device automation using serial communication since 1979. Today the protocol has been adapted to function over TCP/IP, where it uses TCP port 502. Figure 3 shows the basic protocol structure for both serial and TCP/IP communication. MODBUS is a request/reply protocol. The packet is broken down into an application data unit (ADU) which contains a simple protocol data unit (PDU). The PDU contains a one byte function code and the data field. The data field contains additional information that the server uses to take the defined action.
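The ADU/PDU layout described above can be made concrete with a small parser that a monitoring point on TCP port 502 could run. This is an added example, not code from the original report: it assumes the standard 7-byte MBAP header that MODBUS/TCP places before the PDU (not described in the text), and the sample frames, addresses and the write-allowlist policy are constructed for illustration.

```python
import struct
from dataclasses import dataclass

MBAP_LEN = 7   # transaction id (2) + protocol id (2) + length (2) + unit id (1)
MAX_PDU = 253  # largest PDU the MODBUS specification allows

# Function codes from the public MODBUS application protocol specification.
READ_CODES = {0x01: "Read Coils", 0x02: "Read Discrete Inputs",
              0x03: "Read Holding Registers", 0x04: "Read Input Registers"}
WRITE_CODES = {0x05: "Write Single Coil", 0x06: "Write Single Register",
               0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers"}


class FrameError(ValueError):
    """Raised when the bytes do not form a valid MODBUS/TCP ADU."""


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int   # the one-byte function code that starts the PDU
    data: bytes          # the PDU data field


def parse_adu(raw: bytes) -> ModbusFrame:
    """Split a MODBUS/TCP ADU into its header fields and PDU."""
    if len(raw) < MBAP_LEN + 1:
        raise FrameError("truncated frame")
    tid, proto, length, unit = struct.unpack(">HHHB", raw[:MBAP_LEN])
    if proto != 0:
        raise FrameError(f"protocol id {proto} is not MODBUS")
    # The length field counts the unit id plus the PDU that follows it.
    if length != len(raw) - 6:
        raise FrameError(f"length field {length} disagrees with {len(raw) - 6} bytes present")
    pdu = raw[MBAP_LEN:]
    if len(pdu) > MAX_PDU:
        raise FrameError("PDU exceeds 253 bytes")
    return ModbusFrame(tid, unit, pdu[0], pdu[1:])


def check_request(src_ip: str, raw: bytes, writers: set) -> tuple:
    """Return (verdict, reason) for one request under a read-mostly policy."""
    try:
        frame = parse_adu(raw)
    except FrameError as exc:
        return ("alert", f"malformed frame: {exc}")
    code = frame.function_code
    if code in READ_CODES:
        return ("allow", READ_CODES[code])
    if code in WRITE_CODES:
        if src_ip in writers:
            return ("allow", f"{WRITE_CODES[code]} from authorized master")
        return ("alert", f"{WRITE_CODES[code]} from unauthorized source {src_ip}")
    return ("alert", f"function code 0x{code:02X} is not on the allowlist")


# Constructed sample frames (hex), not captured traffic.
READ = bytes.fromhex("000100000006010300000002")      # read 2 holding registers
WRITE = bytes.fromhex("00020000000601050010ff00")     # switch one coil on
BAD_LEN = bytes.fromhex("000300000009010300000002")   # length field lies
DIAG = bytes.fromhex("000400000006010800001234")      # diagnostics, code 0x08
WRITERS = {"192.0.2.10"}                              # assumed control-centre master

if __name__ == "__main__":
    for src, frame in (("192.0.2.50", READ), ("192.0.2.50", WRITE),
                       ("192.0.2.10", WRITE), ("192.0.2.10", BAD_LEN),
                       ("192.0.2.10", DIAG)):
        print(src, frame.hex(), check_request(src, frame, WRITERS))
```

Because nothing in the frame is encrypted or authenticated, the same few lines that let a monitor enforce this policy are all any other host on the path needs to read the traffic.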

10.11 Securing MODBUS

When MODBUS was developed in the 1970s it provided adequate security for the current threats being faced. Most communication was taking place on isolated serial networks using private lines. Attacks required a very specific knowledge of which lines were being used, and generally required physical access. With the TCP implementation the security rules have changed. Interconnected networks span the globe allowing creative attackers to potentially
exploit the system from anywhere around the globe. The clear-text nature of the protocol makes it especially vulnerable. Monitoring data can be gathered with ease, and passwords may be gleaned from the transmission. In order to protect this protocol we must wrap it inside an encryption medium. An IPSEC VPN connection should be used to encapsulate the traffic whenever it is traveling across a vulnerable medium. Some examples of vulnerable mediums include non-SCADA and wireless networks.

11. WIRELESS NETWORKING

ZigBee works in the 2.4 GHz band. This is a free band, and many networks with high power, high data rate and high frequency also work in it. These networks have an adverse effect on ZigBee: the interference problem. In this paper we studied the mutual interference effect between ZigBee and Wi-Fi devices. In the future a scheme can be proposed to reduce interference, one of the major problems facing ZigBee.

Wireless networking refers to a broad topic that is in essence associated with communication networks that use electromagnetic waves such as radio waves as carrier and thus provide greater flexibility and convenience compared to wired networks.

A common classification of the wireless networks is done by the range or the area that is covered by the wireless network. Instead of going through details, we will locate the position of ZigBee in wireless networking area using a top-down approach.

Wireless Wide Area Networks provide communication links across metropolitan, regional, or national boundaries by using technologies such as Universal Mobile Telecommunications System, General Packet Radio Service, and 3G to carry voice and data traffic.

Wireless Metropolitan Area Networks are a type of wireless network that connects several Wireless Local Area Networks. A good example for such networks is specified by the WiMAX standard which is built on the IEEE 802.16 standard and preserves connection in a whole city.

Wireless Local Area Networks enable users to establish connection in a local area setting (e.g. inside a building) and provide connection to wider networks such as the internet. These types of networks are widely used on a worldwide scale, and Wi-Fi is a well-known technology certification that belongs to WLANs and is based on the IEEE 802.11 standard.

Finally, Wireless Personal Area Networks (WPAN) connect network devices within a personal area, which is a low cost and short range type of connection. Bluetooth and ZigBee are both examples of WPANs, based on the same Medium Access Control (MAC) layer family, i.e. the IEEE 802.15 standard.

ZigBee is at the same time a wireless sensor network (WSN) standard, in terms of a classification based on the type of the devices that form the network. A WSN is a network that is formed by a large number of sensor devices. A sensor device is equipped with at least one sensor that detects physical occurrences such as light, heat, motion, or sound.

WSNs are used in many different application areas including automation, monitoring, security, entertainment, and asset tracking. Many of these applications require a large number of sensor devices; hence, to limit the costs, WSN devices have severe resource constraints. These constraints are mainly in terms of computation, memory, and energy. Therefore, security is difficult to achieve, and many well-known methods and approaches become infeasible.

At this point we would like to mention the relation between WSN and CPS. A CPS is generally composed by a set of networked agents, including sensors, actuators, control processing units, and communication devices [CAS08]. In Fig. 1.2 a sample CPS is sketched where corresponds to an actuator corresponds to a sensor, as corresponds to a device with both actuator and sensor, and c being a controller.

While some forms of CPS are already in use, the widespread growth of wireless embedded sensors and actuators is stimulating several new applications in areas such as medical devices, autonomous vehicles, and smart structures and increasing the role of existing ones such as Supervisory Control and Data Acquisition (SCADA) systems.

WSN is one of the key technologies that enable the concept of CPS. Besides, common applications of CPS typically fall under WSNs and autonomous systems.

11.1 Security Protocols

A security protocol is a protocol that is used for performing security functions and generally incorporates cryptographic algorithms. The security protocols are widely used for securing the data communication in application level. Those protocols are commonly used for data confidentiality, data integrity, security key establishment, security key exchange, entity authentication, message authentication, non-repudiation, etc.

Security protocols generally make use of cryptography, so that a virtual secure channel can be established to provide secure communication over insecure media. Cryptography requires cryptographic keys to be established and distributed among the sides of the communication, and such a sequence of message exchanges for key establishment and distribution is a good example of a security protocol.

As we mentioned, security protocols are usually executed in insecure media where malicious users or software can be present. The adversaries are capable of performing many different types of attacks, making it complex to design sound security protocols. Even cryptography cannot save the protocol in most of the situations, which is one of the reasons of security protocols being so error prone. Security protocols are desired to maintain certain security properties. If these security properties cannot be preserved, certain flaws are likely to take place. Those flaws will cause serious attacks in the real implementations. Therefore, both design and verification of the protocols are very important.

12. WORLD WIDE WEB ARE USEFUL

In the Web-based Temperature Monitoring System, all the data are saved into the database. The user must ensure that the temperatures are being saved in the database before proceeding to the next step. If everything runs smoothly, run the Tomcat Web Server, and access the current temperature using the web page. The system is considered successful if there is no error detected during the testing. Because the hardware device was not built with expensive materials, it can only be used in a limited geographical area. It can only be used for indoor temperature monitoring and is limited to one room because there is only one sensor attached to the sensor board. Another limitation is that if the electricity is cut off, the entire operating system will shut down. It could have a version working with batteries that connects wirelessly to the mobile or satellite.

Figure 12.1 Flow chart for WWW.

12.1 TESTING RESULTS

The testing phase is used to evaluate whether the system’s function meets the intended functionality. The system was successfully implemented and developed. However, to ensure that the system will perform correctly, the temperature sensor device and monitoring system need to be tested. Two methods of testing were carried out to make sure the hardware and software are functioning according to the objectives.

Figure 3.

Figure 12.2.

13. CONCLUSION

The quality of the proposed Refineries process is one of the few ways a client can judge the quality of the end result while still in the design stage. A proposal will save lives.

Improve Project is good and useful. Cost Justifying if it orders more. Reliability for system in the internet. Increase live save for patients. Increase Project in all UK.

Finally, it is important that a user interface be visually pleasing. It is possible for a user interface to be intuitive, easy to monitor, and efficient and still not be terribly nice to look at. While aesthetics do not directly impact the effectiveness of a user interface, families for the patient’s will be happier

SCADA networks are diverse systems. The integration of legacy hardware with new technologies leads to a vast array of technologies and protocols being used. The integration of the technologies is typically oriented towards functionality with little thought for security. On the other hand SCADA networks are used to monitor and control many mission-critical systems used for power generation, water management, transportation system control, and other industrial applications. A security breach of these mission-critical services could have devastating effects. In some instances lives could be lost and financial losses could be immense. The security of these systems is critical for the operation of our society. Security of these services should have high priority. The security of the system is dependent on the individual security of each component. Breaches can happen on all levels. RTU units must be properly configured to limit exposure and physical plant security must be implemented to limit access. Server security consists of hardening the underlying operating system and eliminating all unnecessary services. Network security is a diverse topic. Disconnect all unnecessary connections. Segment the network into logical groupings and use Access Controls to restrict unwanted traffic. Monitor your network and be aware of what is entering and leaving. Intrusion Detection packages should be used to automate this monitoring. Eliminate all plain-text communication traversing the corporate network by wrapping it inside an encryption layer with VPN technology. To summarize, implement proper physical security, properly configure all devices to permit only necessary communication, and use monitoring tools to verify security policy is being followed and warn of attacks.

2.4 Glossary of Terms

IDS: An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.

IPSEC: Short for IP Security, a set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPN).

SSL: Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection.

PPTP: Short for Point-to-Point Tunnelling Protocol, a new technology for creating Virtual Private Networks (VPN), developed jointly by Microsoft Corporation, U.S. Robotics, and several remote access vendor companies, known collectively as the PPTP Forum.

VPN: Short for Virtual Private Network, a network that is constructed by using public wires to connect nodes.

DOS: Short for Denial-Of-Service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.

Modbus: An open, serial communications protocol based on the master/slave architecture. Modbus is a protocol that provides the internal standard that Modicon controllers use for parsing messages. Commonly used for SCADA communication.

DNP3: A protocol for transmission of data from point A to point B using serial communications.

SCADA: Acronym for Supervisory Control and Data Acquisition, a computer system for gathering and analysing real time data.

RTU: Short for remote Telemetry Unit. In SCADA systems, an RTU is a device installed at a remote location that collects data, codes the data into a format that is transmittable and transmits the data back to a central station, or master.

POTS: Short for Plain Old Telephone Service, which refers to the standard telephone service that most homes use.

In this paper we presented the simulations students performed in the framework of a design project. Getting acquainted with OPNET Modeller required a good deal of time and effort from the students. A lot of creative problem solving was needed, but the results are quite satisfactory. Students gained a lot of insights into networking by using OPNET Modeller.

We believe that simulation has an important role here, since it allows students to examine problems with much less work and of much larger scope than are possible with experiments on real hardware. Simulation can give more understanding in real world reproduce all the details of the real world and they can be easily instrumented. In addition, simulation of dozens or hundreds of nodes are easy on limited hardware, many more than is affordable if physical hardware was required.

We have been very happy with our use of the OPNET simulator. Our experiences show that students benefit from the OPNET simulation laboratory in many ways. The open design of the labs encourages active learning. In addition, students gain the knowledge of modelling and simulation technique for performance evaluation of networking systems. To get better performance when designing a network, the Frame Relay is useful. The distribution of the services between multiple servers versus services handled by one server
impacts the CPU utilization depending on the kind of services supported. If there is a balance between frequently used services and less frequently used services, it does not make sense to deploy more than one server to support different services.

An ever increasing number of highly reliable and high availability systems are being deployed that need 100% up time; that is, the user must never experience a situation where data cannot be accessed. While no system component can ever be guaranteed to work 100% of the time, the goal of a System Management solution is to mitigate and control failures at system level. The ideal situation is that enough data has been logged to allow the system controller to determine that a fault is about to happen. Detection before a failure occurs allows the controller to take action and prevent the failure from causing any downtime.

To achieve these design goals, a typical System Management solution has three interactive parts: a microcontroller or similar device for communicating with remote systems, a programmable logic device that offers flexibility and live-at-power-up attributes, and some discrete analogue components for monitoring temperature, voltage and current. Microsemi’s SmartFusion devices integrate a microprocessor subsystem, a non-volatile FPGA fabric and programmable analogue components into one monolithic device. SmartFusion cSoCs meet all of the requirements for a System Management solution, from power sequencing to temperature monitoring to in-system reprogramming. The available System Management reference design and GUI help you put your own System Management design together.

As data centres and web hosting sites proliferate, the need for physical security at the facility is every bit as great as the need for cyber security of networks. Intruders who falsify their identity or intentions can cause enormous damage, from physically disabling critical equipment to launching a software attack at an unsecured keyboard. Even the ordinary mistakes of well-intentioned staff pose a significant daily threat to operations, and can be minimized by restricting access to only the most essential personnel.

Technologies are in place, and getting less expensive, to implement broad range solutions based on the identification principles of what you have, what you know and who you are.

By combining an assessment of risk tolerance with an analysis of access requirements and available technologies, an effective security system can be designed to provide a realistic balance of protection and cost.

In summation, it is easy to observe that SCADA technology holds a lot of promise for the future. The economic and performance advantages of this type of system are definitely attractive. However, since the vulnerabilities of current implementations are in proportion to the advantages, it is essential that measures be taken to mitigate the risk to current systems and to ensure that future systems are designed with sound policies and design. We in India stand a lot to gain from such systems, and having the foreknowledge of the possible risks can take adequate measures to ensure our continued safety and prosperity. In the words of Master Sun Tzu from “The Art of War”: Those who are first on the battlefield, and await the opponents are at ease; those who are last, and head into battle are worn out.

In this report we have presented a design and simulation environment for Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery. Other intelligent functions possibly can be easily added. The developed architecture simplifies adding intelligence to logical nodes as an extra layer extending the capabilities of substation
automation devices and not interfering with their safety-critical functions. Future work will be dedicated to the implementation of Design & Implementing SCADA System Wireless Sensor to Control Fire Effect in Refinery.

The quality of the proposed feasibility process is one of the few ways a client can judge the quality of the end result while still in the proposal stage. A proposal without feasibility engineering milestones (or with poorly defined or misguided methodology) will result in a poor site most of the time.

Improve Product Sales Cost Justifying feasibility Readable manuals with different Languages. Reduce Development Costs and Time Increase Productivity Increase Project and Product Success

Finally, it is important that a user interface be aesthetically pleasing. It is possible for a user interface to be intuitive, easy to monitor, and efficient and still not be terribly nice to look at. While aesthetics do not directly impact the effectiveness of a user interface, users will be happier and therefore more productive if they are presented with an attractive user interface.

As the power system evolves, more and more real time information is needed to support the advanced services and functions in order to make the power system more stable and reliable. The new challenges bring new requirements to the power system communication infrastructure. This thesis has addressed the proposal of an IP based SCADA system for monitoring and controlling the Iraqi power generation stations plant. It also addressed the configuration of most elements of the proposed system and simulated the proposed network using the network simulator program (Boson Network simulator). During the building and achievement of some system elements, a number of conclusions have been considered based on the practical and simulation results obtained, the most important ones:

1. The implemented system was cost save solution coppered with other approaches to build such a system. The central MTU machine needs relatively very low resources to achieve its task. The use of the standard available low cost resources to build up a WEB server with window server environment is a very simple and cost save solution and high functional and reliable solution.

2. The use of RTU560 systems a very compatible and reliable solution since the RTU accepts the interfacing with the SCADA network by either the Ethernet or serial data interface module which increase the system compatibility. The RTU560 system works as a WEB server so it can be accessed using the internet explorer as an automation software which integrates the overall system operation since the proposed automation software for the overall system is the internet explorer which is the standard WEB software.

3. The use of the Internet Protocol enables the system to be interfaced to the internet and increases the system operability and compatibility with internet-based systems and with remote operation techniques using VPN technology.

4. The particular characteristics of the fibre optic network, such as low attenuation, high bandwidth, small physical cross section, electromagnetic interference immunity, and security, make it the most suitable transmission medium for the Iraqi power generation stations' automation, control, protection and monitoring functions. Moreover, the optical fibre infrastructure already installed in Iraq saves the cost of installing other communication media. Further, it supports new services and functions that drive increased bandwidth and latency requirements.

5. The value-added services proposed in addition to the default system services increase the system operability and performance analysis.

6. The system (MTU, RTU, HMI and the communication network) is easy to use and set up. The knowledge base needed by the system administrators and operators is very common in the IT field. There are many large companies that provide courses and certifications which cover most of the knowledge required to set up and use the implemented system.

7. The configured system elements were tested and they worked successfully.

8. The simulated network was tested and it worked successfully according to the planned operation.

13.1 Future Work

A feedback control system that provides an optimum performance without any necessary adjustments is rare indeed. Usually one finds it necessary to compromise among the many conflicting and demanding specifications and to adjust the system parameters to provide a suitable and acceptable performance when it is not possible to obtain all the desired optimum specifications.

It is often possible to adjust the system parameters in order to provide the desired system response. However, it is often not possible to simply adjust a system parameter and thus obtain the desired performance. Rather, the scheme or plan of the system must be re-examined, and a new design or plan must be obtained which results in a suitable system. Thus, the design of a control system is concerned with the arrangement, or the plan, of the system structure and the selection of suitable components and parameters. For example, if one desires a set of performance measures to be less than some specified values, one often encounters a conflicting set of requirements. If these two performance requirements cannot be relaxed, the system must be altered in some way. The alteration or adjustment of a control system, in order to make up for deficiencies and inadequacies and provide a suitable performance, is called compensation.

To develop the proposed system and to achieve a higher level of usability and effectiveness, the following suggestions are given:

1. The proposed system for Iraqi power generation stations can be implemented using the installed optical fibre infrastructure by placing a WEB server in each of three widely separated regions: one at the centre and the others in the north and south regions respectively.

2. Increase the system security by assigning privilege levels to the operators (i.e. to give the ordinary operator read rights, while giving the professional skilled operators full privilege for monitoring and control operations).
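The privilege levels suggested in item 2 can be enforced as a deny-by-default check in front of every HMI request, with each decision written to an audit trail. The sketch below is an added example, not code from this report; the account names, action names and the RTU point table are hypothetical, constructed values.

```python
from enum import IntEnum

class Privilege(IntEnum):
    NONE = 0
    READ = 1     # ordinary operator: monitoring only
    CONTROL = 2  # skilled operator: monitoring and control

# Constructed sample accounts (hypothetical names).
OPERATORS = {"operator1": Privilege.READ, "engineer1": Privilege.CONTROL}

# Privilege each HMI action requires; action names are hypothetical.
REQUIRED = {
    "read_point": Privilege.READ,
    "write_setpoint": Privilege.CONTROL,
}

def authorize(user, action, audit):
    """Deny by default: unknown users and unknown actions are refused."""
    held = OPERATORS.get(user, Privilege.NONE)
    needed = REQUIRED.get(action)
    allowed = needed is not None and held >= needed
    audit.append((user, action, "ALLOW" if allowed else "DENY"))
    return allowed

def handle_request(user, action, point, rtu_points, audit, value=None):
    """Apply one HMI request to the RTU point table if it is authorized."""
    if not authorize(user, action, audit):
        return ("denied", None)
    if point not in rtu_points:
        return ("no_such_point", None)
    if action == "write_setpoint":
        rtu_points[point] = value
    return ("ok", rtu_points[point])

def demo():
    points = {"tank_temp_setpoint": 80.0}  # constructed RTU point table
    audit = []
    p = "tank_temp_setpoint"
    results = [
        handle_request("operator1", "read_point", p, points, audit),
        handle_request("operator1", "write_setpoint", p, points, audit, 120.0),
        handle_request("engineer1", "write_setpoint", p, points, audit, 75.0),
        handle_request("guest", "read_point", p, points, audit),
        handle_request("engineer1", "reboot_rtu", p, points, audit),
    ]
    return results, points, audit

if __name__ == "__main__":
    for row in demo()[2]:
        print(row)
```

The read-only operator's write attempt leaves the setpoint untouched, and both the unknown account and the unlisted action are refused and logged rather than silently ignored.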




15. TIME PLAN

Hours 1 – 10 per week 11 – 20 per week 21 – 30 per week Over 30 per week

February

March

April

August

September

October
