Smart I/O Modules for Mitigating Cyber-Physical Attacks on Industrial Control Systems
Autor: | Matthew M. Y. Kuo, Hammond Pearce, Srinivas Pinisetty, Partha S. Roop, Abhisek Ukil |
---|---|
Rok vydání: | 2020 |
Předmět: |
Input/output
Hardware architecture Computer science 020208 electrical & electronic engineering Overhead (engineering) Cyber-physical system Programmable logic controller 02 engineering and technology Industrial control system Computer security computer.software_genre Computer Science Applications Control and Systems Engineering Control theory Control system 0202 electrical engineering electronic engineering information engineering Electrical and Electronic Engineering computer Information Systems |
Zdroj: | IEEE Transactions on Industrial Informatics. 16:4659-4669 |
ISSN: | 1941-0050 1551-3203 |
DOI: | 10.1109/tii.2019.2945520 |
Popis: | Cyber-physical systems (CPSs) are implemented in many industrial and embedded control applications. Where these systems are safety-critical, correct and safe behavior is of paramount importance. Malicious attacks on such CPSs can have far-reaching repercussions. For instance, if elements of a power grid behave erratically, physical damage and loss of life could occur. Currently, there is a trend toward increased complexity and connectivity of CPS. However, as this occurs, the potential attack vectors for these systems grow in number, increasing the risk that a given controller might become compromised. In this article, we examine how the dangers of compromised controllers can be mitigated. We propose a novel application of runtime enforcement that can secure the safety of real-world physical systems. Here, we synthesize enforcers to a new hardware architecture within programmable logic controller I/O modules to act as an effective line of defence between the cyber and the physical domains. Our enforcers prevent the physical damage that a compromised control system might be able to perform. To demonstrate the efficacy of our approach, we present several benchmarks, and show that the overhead for each system is extremely minimal. |
Databáze: | OpenAIRE |
Externí odkaz: |