DNP3 Secure Authentication CLEARSCADA AND KINGFISHER RTU

Transcription

1 DNP3 Secure Authentication CLEARSCADA AND KINGFISHER RTU

2 1. Introduction ClearSCADA and CP30 support DNP3 Secure Authentication version It is possible to optionally enable DNP3 Secure Authentication on a per outstation basis in ClearSCADA. When enabled: A DNP3 outstation can issue a challenge to determine whether it is genuinely communicating with a particular DNP3 master A DNP3 master can issue a challenge to determine whether it is genuinely communicating with a particular outstation. Due to factors such as the necessary increase in bandwidth and extra processing involved, challenges are only sent in relation to requests or responses that are deemed to be critical. The DNP3 standard dictates those function codes that are always deemed critical; other function codes can be set to critical if required. In ClearSCADA, you define the criticality of function codes on a per server basis. In CP30, there are default defined critical functions. When a DNP3 device receives a request or response that is deemed to be critical, that device replies with a challenge. The challenge requires the sending device (the Responder ) to send a reply within a defined time period. If an authentic reply is received within the required time period, the device that issued the challenge (the Challenger ) executes the critical function. If the challenger is an outstation, it performs the requested critical function and sends the appropriate response to the DNP3 master. If the challenger is a DNP3 master, it processes the stored response that triggered the challenge. If a challenge is unsuccessful, the challenger rejects the critical request or response. If the challenger is an outstation, it does not perform the rejected critical request. If the challenger is a DNP3 master, it throws out the data that it received in relation to the rejected critical response. The challenger might also send an error message to the responder, but the number of error messages is actively limited. In order to communicate using DNP3 Secure Authentication, both the DNP3 master and the DNP3 outstation must support DNP3 Secure Authentication version 2.00 and have that feature enabled. Both devices must also be provided with a pre-shared private Update Key. Update Key A pre-shared private Update Key is used, along with a Key Wrap algorithm, to encrypt the Session Keys during the Session Key Change process. ClearSCADA supports one Update Key per outstation (for the Default User ). You set the Update Key using the Set Update Key pick action or method. With DNP3 Secure Authentication, each DNP3 user requires their own Update Key. The outstation uses the Update Key to authenticate Session Key Change requests from its DNP3 master. 1

3 You might need to use a third-party random number generator application to generate a suitable Update Key. The key must comprise a sequence of hexadecimal digits. The key is case insensitive. The size of the Update Key is determined by the Key Wrap algorithm. The algorithm AES-128 requires a 128-bit key comprising 32 hexadecimal digits (for example, ABCDEF ABCDEF). Session Key Session Keys are used to authenticate any messages that are challenged. Two Session Keys are in use per outstation at any particular time one Session Key per communications direction. This means that if a Session Key is compromised in one direction, it does not compromise communications in the other direction. The DNP3 master initializes the Session Keys on communications start-up (for instance, when the DNP3 driver starts up, or when communications are first established with the outstation). The Session Keys are changed periodically thereafter, to maintain. On systems on which ClearSCADA is the DNP3 master, the size of the Session Keys is set using the ClearSCADA Server Configuration Tool. Session Key Change During the Session Key Change process, the DNP3 master generates a new pair of Session Keys and sends an encrypted copy of those Session Keys to the outstation. The DNP3 master encrypts the Session Keys using another key, the Update Key, and a Key Wrap algorithm. The Update Key permits the DNP3 master to change the Session Keys even after a Session Key is compromised. Session Keys are changed on a regular basis to maintain security. The DNP3 master also initiates a Session Key Change whenever it re-establishes communications with an outstation. Define the Session Key Length With DNP3 Secure Authentication, two Session Keys are required. One Session Key authenticates data transmitted in the monitoring direction (from a DNP3 outstation to its DNP3 master); the other Session Key authenticates data transmitted in the controlling direction (from the DNP3 master to a DNP3 outstation). Use the Session Key Length field in the DNP3 Master s Security section of the ClearSCADA Server Configuration Tool to specify the length of both Session Keys. Specify a Session Key length that is supported by all of the DNP3 outstations on your system. The minimum length that you can specify is 128 bits. For systems on which ClearSCADA is the DNP3 master, ClearSCADA generates Session Keys of the specified length using FIPS including Change Notice 1. Key Wrap The Key Wrap algorithm is the algorithm that is used to encrypt the Session Keys and Challenge Data during a Session Key Change. All devices that use DNP3 Secure Authentication must support the Advanced Encryption Standard (AES) AES-128 algorithm. AES-128 is the algorithm that ClearSCADA uses during each Session Key Change.A preshared private Update Key is used in the encryption process. 2

4 It is imperative that the security of the key is not compromised. Do not store a copy of the Update Key in a format or location that can be accessed by others, nor transmit the Update Key using any form of communications that can be eavesdropped. An error message is displayed if the key contains non-hexadecimal digits or is of the wrong length. 2. Test 2.1 Scope of work Secured DNP3 Authentication on Direct Operate function from Cleasr Scada to slave RTU; and from master RTU to slave RTU. Check results in wireshark while both right and wrong update keys are entered in ClearScada, and compare them. 2.2 Required settings in ClearScada Defined objects in Data base tree a. Channel: configured on network TCP b. Outstation set: connected to defined channel c. Outstation: configured with single network, related IP address, and port no

5 Security enables, HMAC : SHA-1 truncated to 10 octets(network). Key Wrap: AES-128. Disable aggressive mode. 4

6 Set update key: right click on outstation, on pop up menu; select Set update key, paste the update key copied from RTU d. Digital Output: DO, Normal digital out put with update point on successful action option, Define Which Function Codes are Critical With devices that use DNP3 Secure Authentication, any request to perform a function that is deemed to be critical is challenged. Such a request is only processed once the correct reply has been received to that challenge. Use the check boxes in the relevant DNP3 Security section of the ClearSCADA Server Configuration Tool to specify which function codes are deemed to be critical. In order to set that, go to Server configuration, global parameters, DNP3 Master. 5

7 With the remaining check boxes, select the boxes of those function codes that are critical. Ensure that the check boxes of any non-critical function codes are clear. Use the check boxes on the DNP3 Master section of the ClearSCADA Server Configuration Tool to determine the criticality of function codes for systems on which ClearSCADA is the DNP3 master. Set the function codes criticality so that it matches that of your outstations. For this test Direct Operate should be ticked. Use the check boxes on the DNP3 Slave section of the ClearSCADA Server Configuration Tool to determine the criticality of function codes for systems on which ClearSCADA is operating as a DNP3 slave. (here ClearScada is master) 2.3 Required settings in RTU Between Scada and RTU (Slave) Require authentication for critical functions: 1- Create a new project 2- Create a new RTU 3- Define DNP3 protocol 4- Edit DNP3 protocol: enable Authentication setting 6

8 5- When enabled, an Update key can be entered (consisting of 16 hexadecimal bytes). This Update key must then be provided by a DNP3 master device before it can request a critical function. (copy it to a file to paste in ClearScada),For a DNP Master RTU, authentication is configured for each route that is used to communicate with a Secure Between 2 RTUs 1- Create new project 2- Create two new RTUs as master and slave 3- Define DNP3 protocol for both 4- Edit DNP3 protocol: enable Authentication setting 5- When enabled, an Update key can be entered (consisting of 16 hexadecimal bytes). This Update key must then be provided by a DNP3 master device before it can request a critical function. (copy it to a file to paste in ClearScada),For a DNP Master RTU, authentication is configured for each route that is used to communicate with a Secure Critical functions requiring authentication The DNP3 Secure Authentication standard for Kingfisher RTUs are: 7

9 Write; Select; Operate; Direct Operate; Direct Operate No Acknowledgement; Cold restart; Warm Restart; Initialise Application; Start Application; Stop Application; Enable Unsolicited Messages; Disable Unsolicited Messages; Record Current Time; Authenticate; and Activate Configuration. 2.4 Test Result Make DO1 ON and OFF from ClearScada to slave RTU wireshark capture with right update key Request wireshark capture Respond wireshark capture 8

10 2.4.1wireshark capture with wrong update key ClearScasda can t initiate communication with RTU: 9