In this work I recommend a new DNPSec framework to enable con­fidentiality, integrity, and authenticity (CIA) placed directly in the DNP3. Such a framework requires some modifications in the data structure of the DNP3 Data Link layer. My main goal is to address the threats related to CIA in the DNP3 as part of SCADA architecture, with a minimum performance impact on the communication link; and without requiring modification to the much more expensive Master and Substation devices and the applications supporting them. Also, and as part of this work, I develop a proof of concept for the DNPSec...