TY - GEN
T1 - PAtt
T2 - 22nd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2019
AU - Ghaeini, Hamid Reza
AU - Chan, Matthew
AU - Bahmani, Raad
AU - Brasser, Ferdinand
AU - Garcia, Luis
AU - Zhou, Jianying
AU - Sadeghi, Ahmad Reza
AU - Tippenhauer, Nils Ole
AU - Zonouz, Saman
N1 - Publisher Copyright:
© 2019 RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses. All rights reserved.
PY - 2019
Y1 - 2019
N2 - Ensuring the integrity of embedded programmable logic controllers (PLCs) is critical for the safe operation of industrial control systems. In particular, a cyber-attack could manipulate control logic running on the PLCs to bring the process of safety-critical application into unsafe states. Unfortunately, PLCs are typically not equipped with hardware support that allows the use of techniques such as remote attestation to verify the integrity of the logic code. In addition, so far remote attestation is not able to verify the integrity of the physical process controlled by the PLC. In this work, we present PAtt, a system that combines remote software attestation with control process validation. PAtt leverages operation permutations—subtle changes in the operation sequences based on integrity measurements—which do not affect the physical process but yield unique traces of sensor readings during execution. By encoding integrity measurements of the PLC’s memory state (software and data) into its control operation, our system allows us to remotely verify the integrity of the control logic based on the resulting sensor traces. We implement the proposed system on a real PLC, controlling a robot arm, and demonstrate its feasibility. Our implementation enables the detection of attackers that manipulate the PLC logic to change process state and/or report spoofed sensor readings (with an accuracy of 97% against tested attacks).
AB - Ensuring the integrity of embedded programmable logic controllers (PLCs) is critical for the safe operation of industrial control systems. In particular, a cyber-attack could manipulate control logic running on the PLCs to bring the process of safety-critical application into unsafe states. Unfortunately, PLCs are typically not equipped with hardware support that allows the use of techniques such as remote attestation to verify the integrity of the logic code. In addition, so far remote attestation is not able to verify the integrity of the physical process controlled by the PLC. In this work, we present PAtt, a system that combines remote software attestation with control process validation. PAtt leverages operation permutations—subtle changes in the operation sequences based on integrity measurements—which do not affect the physical process but yield unique traces of sensor readings during execution. By encoding integrity measurements of the PLC’s memory state (software and data) into its control operation, our system allows us to remotely verify the integrity of the control logic based on the resulting sensor traces. We implement the proposed system on a real PLC, controlling a robot arm, and demonstrate its feasibility. Our implementation enables the detection of attackers that manipulate the PLC logic to change process state and/or report spoofed sensor readings (with an accuracy of 97% against tested attacks).
UR - http://www.scopus.com/inward/record.url?scp=85077820510&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85077820510&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85077820510
T3 - RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses
SP - 165
EP - 180
BT - RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses
PB - USENIX Association
Y2 - 23 September 2019 through 25 September 2019
ER -