PAtt: Physics-based attestation of control systems

Hamid Reza Ghaeini, Matthew Chan, Raad Bahmani, Ferdinand Brasser, Luis Garcia, Jianying Zhou, Ahmad Reza Sadeghi, Nils Ole Tippenhauer, Saman Zonouz

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

32 Scopus citations

Abstract

Ensuring the integrity of embedded programmable logic controllers (PLCs) is critical for the safe operation of industrial control systems. In particular, a cyber-attack could manipulate control logic running on the PLCs to bring the process of a safety-critical application into unsafe states. Unfortunately, PLCs are typically not equipped with hardware support that allows the use of techniques such as remote attestation to verify the integrity of the logic code. In addition, so far remote attestation is not able to verify the integrity of the physical process controlled by the PLC. In this work, we present PAtt, a system that combines remote software attestation with control process validation. PAtt leverages operation permutations—subtle changes in the operation sequences based on integrity measurements—which do not affect the physical process but yield unique traces of sensor readings during execution. By encoding integrity measurements of the PLC’s memory state (software and data) into its control operation, our system allows us to remotely verify the integrity of the control logic based on the resulting sensor traces. We implement the proposed system on a real PLC, controlling a robot arm, and demonstrate its feasibility. Our implementation enables the detection of attackers that manipulate the PLC logic to change process state and/or report spoofed sensor readings (with an accuracy of 97% against tested attacks).

Original language: English (US)
Title of host publication: RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses
Publisher: USENIX Association
Pages: 165-180
Number of pages: 16
ISBN (Electronic): 9781939133076
State: Published - 2019
Event: 22nd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2019 - Beijing, China
Duration: Sep 23 2019 to Sep 25 2019

Publication series

Name: RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses

Conference

Conference: 22nd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2019
Country/Territory: China
City: Beijing
Period: 9/23/19 to 9/25/19

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • Safety, Risk, Reliability and Quality
  • Law
  • Safety Research
