Threat identification and diagnosis of the deployed network for the presence of any malicious element is an important task but it has not been carefully addressed in industrial wireless sensor networks. Main reason for this is its unique characteristics and design. Although recent wireless systems for industrial automation such as ISA100.11a employ device management protocols, these protocols generate and report a large amount of control packets from individual sensor nodes. Also, these protocols do not capture influences on network performance from external sources such as malicious nodes or interference from other networks. I propose a latent network diagnosis system (LaNDS) that adopts smart yet simple techniques based on packet sniffing method to identify common security threats originating from any external or internal malicious node. In the proposed security framework, first part is to point out some common security vulnerabilities in ISA100.11a and the second part deals with the identification and isolation of the malicious source. Special sniffer device running LaNDS monitors the ISA100.11a network by employing passive ethical sniffing and notify based on the characteristics and traffic patterns of
an active security attacks. LaNDS also evaluate network performance efficiently and instantly identifying degradation causes of networking
performance. Unique part in this approach is that it does not incur additional traffic overhead for collecting desired information and in making any decision. I also proposed several implementations of sniffer devices to carry out successful and efficient security detection with packet parsing. For evaluation, I have tested LaNDS on an ISA100.11a based sensor network in a lab environment and have validated the efficiency of the system based on the possible erroneous cases of industrial sensor network.
