Title
Using high-level synthesis and formal analysis to predict and preempt attacks on industrial control systems
Abstract
Industrial control systems (ICSes) have the conflicting requirements of security and network access. In the event of large-scale hostilities, factories and infrastructure would more likely be targeted by computer viruses than the bomber squadrons used in WWII. ICS zero-day exploits are now a commodity sold on brokerages to interested parties including nations. We mitigate these threats not by bolstering perimeter security, but rather by assuming that potentially all layers of ICS software have already been compromised and are capable of launching a latent attack while reporting normal system status to human operators. In our approach, application-specific configurable hardware is the final authority for scrutinizing controller commands and process sensors, and can monitor and override operations at the lowest (I/O pin) level of a configurable system-on-chip platform. The process specifications, stability-preserving backup controller, and switchover logic are specified and formally verified as C code, and synthesized into hardware to resist software reconfiguration attacks. To provide greater assurance that the backup controller can be invoked before the physical process becomes unstable, copies of the production controller task and plant model are accelerated to preview the controller's behavior in the near future.
Year: 2014
DOI: 10.1145/2554688.2554759
Venue: FPGA
Keywords: process sensor, production controller task, application-specific configurable hardware, ics software, ics zero-day exploit, backup controller, formal analysis, preempt attack, physical process, high-level synthesis, industrial control system, configurable system-on-chip platform, controller command, process specification, security, high level synthesis, industrial control systems
Field: Computer science, Computer security, Computer virus, Industrial control system, Real-time computing, Software, Backup, Switchover, Control theory, High-level synthesis, Parallel computing, Exploit, Operating system
DocType: Conference
Citations: 4
PageRank: 0.50
References: 1
Authors: 4
Name                   Order  Citations  PageRank
Lee W. Lerner          1      4          0.50
Zane R. Franklin       2      4          0.50
William T Baumann      3      26         4.87
Cameron D. Patterson   4      59         11.71