Code integrity attestation for PLCs using black box neural network predictions
@article{Chen2021CodeIA, title={Code integrity attestation for PLCs using black box neural network predictions}, author={Yuqi Chen and Christopher M. Poskitt and Jun Sun}, journal={Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, year={2021} }
Cyber-physical systems (CPSs) are widespread in critical domains, and significant damage can be caused if an attacker is able to modify the code of their programmable logic controllers (PLCs). Unfortunately, traditional techniques for attesting code integrity (i.e. verifying that it has not been modified) rely on firmware access or roots-of-trust, neither of which proprietary or legacy PLCs are likely to provide. In this paper, we propose a practical code integrity checking solution based on…
References
PLCDefender: Improving Remote Attestation Techniques for PLCs Using Physical Model
- Computer Science
- IEEE Internet of Things Journal
- 2021
PLCDefender is proposed, a mitigation method that combines hybrid remote attestation technique with a physics-based model to preserve the control behavior integrity of ICS and can model PLC physical behavior with accuracy as high as 98%.
Towards Automated Safety Vetting of PLC Code in Real-World Plants
- Computer Science
- 2019 IEEE Symposium on Security and Privacy (SP)
- 2019
The experiments show that VetPLC outperforms state-of-the-art techniques and can generate event sequences that can be used to automatically detect hidden safety violations.
Learning from Mutants: Using Code Mutation to Learn and Monitor Invariants of a Cyber-Physical System
- Computer Science
- 2018 IEEE Symposium on Security and Privacy (SP)
- 2018
This paper proposes a novel approach for constructing models of CPS automatically, by applying supervised machine learning to data traces obtained after systematically seeding their software components with faults ("mutants").
Active fuzzing for testing and securing cyber-physical systems
- Computer Science
- ISSTA
- 2020
This work proposes active fuzzing, an automatic approach for finding test suites of packet-level CPS network attacks, targeting scenarios in which attackers can observe sensors and manipulate packets, but have no existing knowledge about the payload encodings.
C-FLAT: Control-Flow Attestation for Embedded Systems Software
- Computer Science
- CCS
- 2016
The design and implementation of Control-FLow ATtestation (C-FLAT) is presented that enables remote attestation of an application's control-flow path, without requiring the source code, and its performance is evaluated using a real-world embedded application and against control-flow hijacking attacks.
SoK: Attacks on Industrial Control Logic and Formal Verification-Based Defenses
- Computer Science
- 2021 IEEE European Symposium on Security and Privacy (EuroS&P)
- 2021
Challenges in every aspect of formal verification are discovered, rising from the ever-expanding attack surface from evolved system design, the real-time constraint during the program execution, and the barrier in security evaluation given proprietary and vendor-specific dependencies on different techniques.
PLC-Sleuth: Detecting and Localizing PLC Intrusions Using Control Invariants
- Computer Science
- RAID
- 2020
PLC-Sleuth is a novel non-invasive intrusion detection/localization system for PLCs, grounding on a set of control invariants that exist pervasively in all control systems.
ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers
- Computer Science
- ACSAC
- 2017
A novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI is introduced to protect such devices from control-flow hijacking attacks and is demonstrated to be an efficient, non-intrusive CFI solution that does not impose notable performance overhead.
Scanning the Cycle: Timing-based Authentication on PLCs
- Computer Science
- AsiaCCS
- 2021
A novel technique to authenticate PLCs is proposed that aims at raising the bar against powerful attackers while being compatible with real-time systems.
Control Behavior Integrity for Distributed Cyber-Physical Systems
- Computer Science
- 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS)
- 2020
Scadman is presented, a novel control-logic aware anomaly detection system for distributed cyber-physical systems that can detect a wide range of attacks–including attacks that have previously been undetectable by typical state estimation techniques–while causing no false-positive warning for nominal threshold values.