Active fuzzing for testing and securing cyber-physical systems

Chen, Yuqi; Xuan, Bohan; Poskitt, Christopher M.; Sun, Jun; Zhang, Fan

doi:10.1145/3395363.3397376

Cited by 23 publications

(20 citation statements)

References 66 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our study is based on the SWaT dataset [18] and WADI dataset [35], which are publicly available [53] and have been used in multiple projects [12,20,21,54,55,56,57]. The SWaT dataset records the system state of 26 sensor values and 25 actuators (in total 51 features) every second, and WADI records 70 sensors and 51 actuators (in total 121 features) every second.…”

Section: Preliminariesmentioning

confidence: 99%

“…The effectiveness of an anomaly detector can be assessed by subjecting it to a test suite of attacks, and observing whether it can correctly identify the anomalous behaviour. These tests can be derived from benchmarks [18], hackathons [19], or tools such as fuzzers [20,21], and typically involve manipulating or spoofing the network packets exchanged between CPS components. While studies have shown that neural network-based detectors are effective at detecting these conventional types of attacks [18,22,23,24,25,26,27], less consideration has been given to testing their effectiveness at detecting adversarial attacks, in which attackers have knowledge of the model itself and craft noise (or perturbations 1 ) that is specifically designed to cause data to be misclassified.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems

Jia,

Wang,

Poskitt

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated research into a multitude of attack detection mechanisms, including anomaly detectors based on neural network models. The effectiveness of anomaly detectors can be assessed by subjecting them to test suites of attacks, but less consideration has been given to adversarial attackers that craft noise specifically designed to deceive them. While successfully applied in domains such as images and audio, adversarial attacks are much harder to implement in CPSs due to the presence of other built-in defence mechanisms such as rule checkers (or invariant checkers). In this work, we present an adversarial attack that simultaneously evades the anomaly detectors and rule checkers of a CPS. Inspired by existing gradient-based approaches, our adversarial attack crafts noise over the sensor and actuator values, then uses a genetic algorithm to optimise the latter, ensuring that the neural network and the rule checking system are both deceived. We implemented our approach for two real-world critical infrastructure testbeds, successfully reducing the classification accuracy of their detectors by over 50% on average, while simultaneously avoiding detection by rule checkers. Finally, we explore whether these attacks can be mitigated by training the detectors on adversarial samples.

show abstract

Section: Preliminariesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems

Jia,

Wang,

Poskitt

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…This paper searches the actuator configuration in a bit vector under the assumption that the states of actuators are discrete. In that vein, their following research [20] used online active learning to guide a search for network packet payload, which encodes actuator commands to drive the CPS into an unsafe state. In our paper, there are a couple of differences to notice: none of this line of work exploited the program coverage information, which may provide useful information for optimization, while our approach is based on coverage guided fuzzing technique, which has many success stories in largescale software [21]- [23].…”

Section: A Related Workmentioning

confidence: 99%

“…If the position, velocity and acceleration of the pendulum enter a certain area, the control system fails. We try to falsify the property that the system never enter the following region of the state-space 20,20]. Sampled Polarity Integrator System [11].…”

Section: A Benchmarksmentioning

confidence: 99%

CPFuzz: Combining Fuzzing and Falsification of Cyber-Physical Systems

Shang

Wang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

Coverage-guided grey-box fuzzing for computer systems has been explored for decades. However, existing techniques do not adequately explore the space of continuous behaviors in Cyber-Physical Systems (CPSs), which may miss safety-critical bugs. Optimization-guided falsification is promising to find violations of safety specifications, but not suitable for identifying traditional program bugs. This article presents a fuzzing process for finding safety violations at the development phase, which is guided by two quantities: a branch coverage metric to explore discrete program behaviors and a Linear Temporal Logic (LTL) robust satisfaction metric to identify undesirable continuous plant behaviors. We implement CPFuzz to demonstrate the utility of the idea and estimate its effectiveness on seven control system benchmarks. The results show up to a better performance in average time to find violations on all benchmarks than S-TaLiRo and six benchmarks than S3CAMX. Finally, we exploit CPFuzz to synthesize the sensor spoofing attack on a DC motor with fixed-point overflow vulnerability as a case study. INDEX TERMSCoverage guided fuzzing, cyber-physical systems, linear temporal logic, optimizationguided falsification VOLUME 4, 2016This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication.

show abstract

“…Compromising any one of these components or PLCs can potentially allow an attacker to manipulate the system into a damaging physical state. This has motivated a huge variety of research into defending and assessing CPSs, spanning techniques based on anomaly detection [7,12,17,22,28,32,39,40,44,45,47,49,51,54,57,60,65,66], fingerprinting [13,35,43,50,79], invariant-based monitoring [8,9,11,20,24,25,29,73,81], trusted execution environments [70], and fuzzing [26,27,78].…”

Section: Introductionmentioning

confidence: 99%

Code integrity attestation for PLCs using black box neural network predictions

Chen

Poskitt

Sun

2021

Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Softw

Self Cite

View full text Add to dashboard Cite

Cyber-physical systems (CPSs) are widespread in critical domains, and significant damage can be caused if an attacker is able to modify the code of their programmable logic controllers (PLCs). Unfortunately, traditional techniques for attesting code integrity (i.e. verifying that it has not been modified) rely on firmware access or roots-of-trust, neither of which proprietary or legacy PLCs are likely to provide. In this paper, we propose a practical code integrity checking solution based on privacy-preserving black box models that instead attest the input/output behaviour of PLC programs. Using faithful offline copies of the PLC programs, we identify their most important inputs through an information flow analysis, execute them on multiple combinations to collect data, then train neural networks able to predict PLC outputs (i.e. actuator commands) from their inputs. By exploiting the black box nature of the model, our solution maintains the privacy of the original PLC code and does not assume that attackers are unaware of its presence. The trust instead comes from the fact that it is extremely hard to attack the PLC code and neural networks at the same time and with consistent outcomes. We evaluated our approach on a modern six-stage water treatment plant testbed, finding that it could predict actuator states from PLC inputs with near-100% accuracy, and thus could detect all 120 effective code mutations that we subjected the PLCs to. Finally, we found that it is not practically possible to simultaneously modify the PLC code and apply discreet adversarial noise to our attesters in a way that leads to consistent (mis-)predictions. CCS CONCEPTS• Software and its engineering → Embedded software; • Security and privacy → Embedded systems security; • Computing methodologies → Neural networks.

show abstract

Active fuzzing for testing and securing cyber-physical systems

Cited by 23 publications

References 66 publications

Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems

Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems

CPFuzz: Combining Fuzzing and Falsification of Cyber-Physical Systems

Code integrity attestation for PLCs using black box neural network predictions

Contact Info

Product

Resources

About