Detecting PLC control corruption via on-device runtime verification

Proceedings - 2016 Resilience Week, RWS 2016

Volumn , Issue , 2016, Pages 67-72

  Garcia, Luis ^a   Zonouz, Saman ^a   Wei, Dong ^b   De Aguiar, Leandro Pfleger ^b  

^a RUTGERS UNIVERSITY   (United States)

^b SIEMENS CORPORATE RESEARCH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCIDENT PREVENTION; COMPUTATION THEORY; COMPUTER CIRCUITS; CONTROLLERS; EMBEDDED SYSTEMS; INTRUSION DETECTION; MERCURY (METAL); ONLINE SYSTEMS; PROGRAMMED CONTROL SYSTEMS; RECONFIGURABLE HARDWARE; SAFETY ENGINEERING;

COMMERCIAL OFF THE SHELVES; COUPLED ENVIRONMENT; CYBER-PHYSICAL SECURITIES; DEVELOPMENT ENVIRONMENT; INDUSTRIAL CONTROL SYSTEMS; INTRUSION DETECTION SYSTEMS; ON-LINE VERIFICATIONS; RUN-TIME VERIFICATION;

PROGRAMMABLE LOGIC CONTROLLERS;

EID: 84991780822     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/RWEEK.2016.7573309     Document Type: Conference Paper

References (18)

1. US ICS-CERT. (2015) ICS CERT Monitor, November/December 2015. https://ics-cert.us-cert.gov/monitors/ICS-MM201512.
2. D. Nardella. (2015) Snap7 Overview. http://snap7.sourceforge.net/.
3. J. Klick, S. Lau, D. Marzin, J.-O. Malchow, and V. Roth, "Internet-facing plcs-a new back orifice."
4. S. E. McLaughlin, S. A. Zonouz, D. J. Pohly, and P. D. McDaniel, "A trusted safety verifier for process controller code." in Proceedings of the Network and Distributed System Security (NDSS) Symposium, 2014.
5. S. Zonouz, J. Rrushi, and S. McLaughlin, "Detecting industrial control malware using automated plc code analytics, " Security & Privacy, IEEE, vol. 12, no. 6, pp. 40-47, 2014.
6. A. Kleinman and A. Wool, "Accurate modeling of the siemens s7 scada protocol for intrusion detection and digital forensics, " The Journal of Digital Forensics, Security and Law: JDFSL, vol. 9, no. 2, p. 37, 2014.
7. Siemens. (2009) SIMATIC Windows Automation Center RTX Open Development Kit (WinAC ODK). https://cache.industry.siemens.com/dl/ files/966/35948966/att 82094/v1/winac odk user manual en-US en-US.pdf.
8. N. Goldenberg and A. Wool, "Accurate modeling of modbus/tcp for intrusion detection in scada systems, " International Journal of Critical Infrastructure Protection, vol. 6, no. 2, pp. 63-75, 2013.
9. Wireshark. (2016) tshark. https://www.wireshark.org/docs/man-pages/ tshark.html.
10. National Energy Regulatory Commission, NERC CIP 002 1 - Critical Cyber Asset Identification, 2006.
11. K. Stouffer, J. Falco, and K. Scarfone, "Guide to industrial control systems (ics) security, " NIST special publication, vol. 800, no. 82, pp. 16-16, 2011.
12. R. Carlson, J. Dagle, S. Shamsuddin, and R. Evans, "A summary of control system security standards activities in the energy sector, " Department of Energy, p. 48, 2005.
13. J. Weiss, "Are the nerc cips making the grid less reliable, " Control Global, 2009.
14. L. Pietre-Cambacédes, M. Tritschler, and G. N. Ericsson, "Cybersecurity myths on power control systems: 21 misconceptions and false beliefs, " Power Delivery, IEEE Transactions on, vol. 26, no. 1, pp. 161-172, 2011.
15. S. Mohan, S. Bak, E. Betti, H. Yun, L. Sha, and M. Caccamo, "S3a: secure system simplex architecture for enhanced security of cyberphysical systems, " arXiv preprint arXiv:1202.5722, 2012.
16. S. Cheung, B. Dutertre, M. Fong, U. Lindqvist, K. Skinner, and A. Valdes, "Using model-based intrusion detection for scada networks, " in Proceedings of the SCADA security scientific symposium, vol. 46. Citeseer, 2007, pp. 1-12.
17. J. Zaddach, L. Bruno, A. Francillon, and D. Balzarotti, "Avatar: A framework to support dynamic security analysis of embedded systems' firmwares." in NDSS, 2014.
18. W. M. Goble, Control systems safety evaluation and reliability. ISA, 2010.