Date on Master's Thesis/Doctoral Dissertation


Document Type

Master's Thesis

Degree Name

M. Eng.


Computer Engineering and Computer Science

Committee Chair

Desoky, Ahmed H.

Author's Keywords

Bloom filter; SCADA security; Role based access control; ICS security; Authentication; Modbus


Digital control systems; Computer security; Process control--Computer programs; Supervisory control systems--Security measures


Supervisory control and data acquisition (SCADA) systems are networked control systems used in many critical infrastructure areas such as power water and transportation. Many of these systems continue to use legacy field devices that lack cyber security features. The field device security preprocessor is a bump-in-the-wire security solution of legacy field devices. This thesis describes the design and analysis of a dual Bloom filter structure for use in a field device security preprocessor. A dual Bloom filter is a variant of the traditional Bloom filter, that performs role based access checks in O(1) time. It is shown this structure, which can produce false authentications is shown to be acceptable for this security use thought analysis and penetration testing. Analysis and testing shows that in spite of false positives this structure can provide the required level of security, while maintaining the required level of performance on low cost hardware.