Security analysis of DNP3 using CPN model with state space report representation using LDA

Supervisory Control and Data Acquisition System (SCADA) communication forms major portion of substation automation in smart grid, as it monitors performances of substation components and their parameters. Till date keeping SCADA networks functional was prime focus, but now making it secure is biggest challenge because of their continuous connection to public networks. This paper presents security analysis of Distributed Network Protocol Version 3 (DNP3) using Coloured Petri Nets (CPN) model. DNP3 is extensively used in SCADA systems for distributed control of oil, gas and power grid infrastructure. CPN technique gives complete environment to understand communication link in DNP3 with actual packet formation and their transmission through the network. To perform security analysis, experiments are carried out with initial CPN model and a state space reports are generated for legitimate and malicious traffic flow. Then the generated state space report is used to train the Linear Discriminant Analysis (LDA) model which will discriminate the malicious flow from legitimate flow.