Leveraging Data Provenance to Enhance Cyber Resilience

Moyer, Thomas; Chadha, Karishma; Cunningham, Robert K.; Schear, Nabíl; Smith, Warren; Bates, Adam; Butler, Kevin; Capobianco, Frank; Jaeger, Trent; Cable, Patrick T.

doi:10.1109/secdev.2016.034

Cited by 2 publications

(1 citation statement)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Provenance was first introduced in databases and computational sciences for tracing and debugging. However, more recently it has been proposed as a primitive for building secure and resilient systems [14] that can "fight through" attacks. In order to provide such capabilities, novel collection, storage, and analysis mechanisms have been proposed to enable near-real-time analysis of provenance to support security and resilience decisions [15].…”

Section: B Data Provenancementioning

confidence: 99%

Detecting Safety and Security Faults in PLC Systems with Data Provenance

Farooq

Marquard

George

et al. 2019

2019 IEEE International Symposium on Technologies for Homeland Security (HST)

Self Cite

View full text Add to dashboard Cite

Programmable Logic Controllers are an integral component for managing many different industrial processes (e.g., smart building management, power generation, water and wastewater management, and traffic control systems), and manufacturing and control industries (e.g., oil and natural gas, chemical, pharmaceutical, pulp and paper, food and beverage, automotive, and aerospace). Despite being used widely in many critical infrastructures, PLCs use protocols which make these control systems vulnerable to many common attacks, including man-in-the-middle attacks, denial of service attacks, and memory corruption attacks (e.g., array, stack, and heap overflows, integer overflows, and pointer corruption). In this paper, we propose PLC-PROV, a system for tracking the inputs and outputs of the control system to detect violations in the safety and security policies of the system. We consider a smart building as an example of a PLC-based system and show how PLC-PROV can be applied to ensure that the inputs and outputs are consistent with the intended safety and security policies.

show abstract

Section: B Data Provenancementioning

confidence: 99%