The scientific journal Modeling, Optimization and Information Technology
Online media
ISSN 2310-6018

Protection against attacks in RTU mode of Modbus protocol based on cryptographic verification of master-slave nodes

Yuzhakov A.A.,  Krotova E.L.,  Oshchepkov N.V. 

UDC 004.056.53
DOI: 10.26102/2310-6018/2025.50.3.042

This paper analyzes the features of the Modbus protocol, with an emphasis on its weaknesses in terms of security and protection of transmitted information. It considers the main risks of using Modbus in automation and process control systems (APCS), including the lack of encryption and authentication mechanisms, which leaves the protocol open to attacks such as data interception and unauthorized access, and it reviews options for solving the problem of node verification. Modbus is one of the most common and popular industrial protocols and is actively used in automation systems and in the control of various technological processes. It is easy to implement and widespread, which makes it attractive for deployment in various industries. However, the RTU mode of Modbus is vulnerable to man-in-the-middle and substitution attacks, which creates potential risks for industrial enterprises that use the protocol in production. The vulnerability stems from the lack of built-in authentication and verification mechanisms for the nodes involved in data transmission, which creates the risk of unauthorized access to information and its substitution during the exchange. The article proposes a method for increasing confidentiality during interaction between nodes: a lightweight cryptographic algorithm based on the XOR operation with a 16-bit secret is used to verify the authenticity of the source of transmitted data. The advantages of the proposed method are its compatibility with the existing implementation of the Modbus protocol, minimal impact on system performance, and no need for deep modification of the architecture. The method also entails a slight increase in data transmission latency (less than 2%) and in processor time consumption.

Yuzhakov Alexander Anatolyevich
Doctor of Engineering Sciences, Professor

Perm National Research Polytechnic University

Perm, Russian Federation

Krotova Elena Lvovna
Candidate of Physical and Mathematical Sciences, Docent

Perm National Research Polytechnic University

Perm, Russian Federation

Oshchepkov Nikita Vladimirovich

Perm National Research Polytechnic University

Perm, Russian Federation

Keywords: modbus RTU, man-in-the-middle, frame, cryptographic protection, industrial protocol

For citation: Yuzhakov A.A., Krotova E.L., Oshchepkov N.V. Protection against attacks in RTU mode of Modbus protocol based on cryptographic verification of master-slave nodes. Modeling, Optimization and Information Technology. 2025;13(3). URL: https://moitvivt.ru/ru/journal/pdf?id=2021 DOI: 10.26102/2310-6018/2025.50.3.042 (In Russ.).

Received 18.07.2025

Revised 18.08.2025

Accepted 26.08.2025