Run-time prediction and preemption of configuration attacks on embedded process controllers

Lerner, Lee W.; Farag, Mohammed M.; Patterson, Cameron

doi:10.1145/2490428.2490447

Cited by 5 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Erroneous behavior of the controller is identified by running a model of the plant in accelerated mode to forecast the future behavior [9]. TAIGA, which separates the trusted components and protects them against latent malware and network reconfiguration, is discussed in [10].…”

Section: Introductionmentioning

confidence: 99%

Design and implementation of a security framework for industrial control systems

Harshe

Chiluvuri

Patterson

et al. 2015

2015 International Conference on Industrial Instrumentation and Control (ICIC)

Self Cite

View full text Add to dashboard Cite

We address the problems of network and reconfiguration attacks on an industrial control system (ICS) by describing a trustworthy autonomic interface guardian architecture (TAIGA) that provides security against attacks originating from both supervisory and plant control nodes. In contrast to the existing security techniques which attempt to bolster perimeter security at supervisory levels, TAIGA physically isolates trusted defense mechanisms from untrusted components and monitors the physical process to detect an attack. Trusted components in TAIGA are implemented in programmable logic (PL). Our implementation of TAIGA integrates a trusted safety-preserving backup controller, and a mechanism for preemptive switching to a backup controller when an attack is detected. A hardware implementation of our approach on an inverted pendulum system illustrates how TAIGA improves resilience against software reconfiguration and network attacks.

show abstract

Section: Introductionmentioning

confidence: 99%

Design and implementation of a security framework for industrial control systems

Harshe

Chiluvuri

Patterson

et al. 2015

2015 International Conference on Industrial Instrumentation and Control (ICIC)

Self Cite

View full text Add to dashboard Cite

show abstract

“…TECEP (Trust Enhancement of Critical Embedded Processes) is our method of implementing application-specific critical system functions in a way that is beyond the reach of any local or remote software, regardless of the credentials [3]. This greatly reduces the attack surface.…”

Section: Introductionmentioning

confidence: 99%

Using high-level synthesis and formal analysis to predict and preempt attacks on industrial control systems

Lerner

Franklin

Baumann

et al. 2014

Proceedings of the 2014 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays

Self Cite

View full text Add to dashboard Cite

Industrial control systems (ICSes) have the conflicting requirements of security and network access. In the event of large-scale hostilities, factories and infrastructure would more likely be targeted by computer viruses than the bomber squadrons used in WWII. ICS zero-day exploits are now a commodity sold on brokerages to interested parties including nations. We mitigate these threats not by bolstering perimeter security, but rather by assuming that potentially all layers of ICS software have already been compromised and are capable of launching a latent attack while reporting normal system status to human operators. In our approach, application-specific configurable hardware is the final authority for scrutinizing controller commands and process sensors, and can monitor and override operations at the lowest (I/O pin) level of a configurable system-on-chip platform. The process specifications, stability-preserving backup controller, and switchover logic are specified and formally verified as C code, and synthesized into hardware to resist software reconfiguration attacks. To provide greater assurance that the backup controller can be invoked before the physical process becomes unstable, copies of the production controller task and plant model are accelerated to preview the controller's behavior in the near future.

show abstract

A Bio-immunology Inspired Industrial Control System Security Model

Chitauro

Muyingi

John

et al. 2019

First International Conference on Sustainable Technologies for Computational Intelligence

View full text Add to dashboard Cite

Run-time prediction and preemption of configuration attacks on embedded process controllers

Cited by 5 publications

References 10 publications

Design and implementation of a security framework for industrial control systems

Design and implementation of a security framework for industrial control systems

Using high-level synthesis and formal analysis to predict and preempt attacks on industrial control systems

A Bio-immunology Inspired Industrial Control System Security Model

Contact Info

Product

Resources

About