A Low-Cost In-Line Encryption System for SCADA Applications

Encryption is an essential security mechanism to achieve data confidentiality. However, some organizations may choose not to encrypt their critical traffic due to the high cost or difficulties of setting up an encryption system between the various devices of their networks. This paper presents a system that provides a protected communication between devices with a reasonable cost and an easy-to-use interface. The system can be easily added in-line to communication links to minimize the disturbance to existing infrastructure. The system has a central management unit that is used to configure and update encryption devices that are placed at the endpoints of the communication links that must be secured. Each encryption device is a Linux-based mini-computer that encrypts the traffic sent by the end device and decrypts the incoming traffic. The proposed system had been successfully implemented and extensively tested to ensure that it works correctly.