Affiliation:
1. Università degli Studi dell’Insubria, Italy
2. Università degli Studi di Verona, Verona, Italy
Abstract
With the advent of Industry 4.0, industrial facilities and critical infrastructures are transforming into an ecosystem of heterogeneous physical and cyber components, such as programmable logic controllers, increasingly interconnected and therefore exposed to cyber-physical attacks, i.e., security breaches in cyberspace that may adversely affect the physical processes underlying industrial control systems.

In this article, we propose a formal approach based on runtime enforcement to ensure specification compliance in networks of controllers, possibly compromised by colluding malware that may locally tamper with actuator commands, sensor readings, and inter-controller communications. Our approach relies on an ad-hoc sub-class of Ligatti et al.'s edit automata to enforce controllers represented in Hennessy and Regan's Timed Process Language. We define a synthesis algorithm that, given an alphabet 𝒫 of observable actions and a timed correctness property e, returns a monitor that enforces the property e during the execution of any (potentially corrupted) controller with alphabet 𝒫, and complying with the property e. Our monitors perform mitigation by correcting and suppressing incorrect actions of corrupted controllers and by generating actions in full autonomy when the controller under scrutiny is not able to do so in a correct manner. Besides classical requirements, such as transparency and soundness, the proposed enforcement enjoys deadlock- and diverge-freedom of monitored controllers, together with scalability when dealing with networks of controllers. Finally, we test the proposed enforcement mechanism on a non-trivial case study, taken from the context of industrial water treatment systems, in which the controllers are injected with different malware with different malicious goals.
Funder: Dipartimenti di Eccellenza 2018; Ministry of Universities and Research
Publisher: Association for Computing Machinery (ACM)
Subject: Safety, Risk, Reliability and Quality; General Computer Science
Cited by 7 articles.
1. Obfuscation strategies for industrial control systems;International Journal of Critical Infrastructure Protection;2024-12
2. Adaptive Industrial Control Systems via IEC 61499 and Runtime Enforcement;ACM Transactions on Autonomous and Adaptive Systems;2024-08-31
3. Tiny Twins for detecting cyber-attacks at runtime using concise Rebeca time transition system;Journal of Parallel and Distributed Computing;2024-02
4. Towards Obfuscation of Programmable Logic Controllers;Proceedings of the 18th International Conference on Availability, Reliability and Security;2023-08-29
5. HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems;Proceedings of the 18th International Conference on Availability, Reliability and Security;2023-08-29