Team for Research in
Ubiquitous Secure Technology

Attacks against process control systems: risk assessment, detection, and response
Alvaro Cardenas, Saurabh Amin, Zong-Syun Lin, Chi-Yen Huang, Shankar Sastry

Citation
Alvaro Cardenas, Saurabh Amin, Zong-Syun Lin, Chi-Yen Huang, Shankar Sastry. "Attacks against process control systems: risk assessment, detection, and response". Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS11), 2011.

Abstract
In the last years there has been an increasing interest in the security of process control and SCADA systems. Furthermore, recent computer attacks such as the Stuxnet worm, have shown there are parties with the motivation and resources to effectively attack control systems. While previous work has proposed new security mechanisms for control systems, few of them have explored new and fundamentally different research problems for securing control systems when compared to securing traditional information technology (IT) systems. In particular, the sophistication of new malware attacking control systems--malware including zero-days attacks, rootkits created for control systems, and software signed by trusted certificate authorities--has shown that it is very difficult to prevent and detect these attacks based solely on IT system information. In this paper we show how, by incorporating knowledge of the physical system under control, we are able to detect computer attacks that change the behavior of the targeted control system. By using knowledge of the physical system we are able to focus on the final objective of the attack, and not on the particular mechanisms of how vulnerabilities are exploited, and how the attack is hidden. We analyze the security and safety of our mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state. A secondary goal of this paper is to initiate the discussion between control and security practitioners--two areas that have had little interaction in the past. We believe that control engineers can leverage security engineering to design--based on a combination of their best practices--control algorithms that go beyond safety and fault tolerance, and include considerations to survive targeted attacks.

Electronic downloads

Citation formats  
  • HTML
    Alvaro Cardenas, Saurabh Amin, Zong-Syun Lin, Chi-Yen Huang,
    Shankar Sastry. <a
    href="http://www.truststc.org/pubs/859.html"
    >Attacks against process control systems: risk
    assessment, detection, and response</a>, Proceedings
    of the 6th ACM Symposium on Information, Computer and
    Communications Security  (ASIACCS11), 2011.
  • Plain text
    Alvaro Cardenas, Saurabh Amin, Zong-Syun Lin, Chi-Yen Huang,
    Shankar Sastry. "Attacks against process control
    systems: risk assessment, detection, and response".
    Proceedings of the 6th ACM Symposium on Information,
    Computer and Communications Security  (ASIACCS11), 2011.
  • BibTeX
    @inproceedings{CardenasAminLinHuangSastry11_AttacksAgainstProcessControlSystemsRiskAssessmentDetection,
        author = {Alvaro Cardenas and Saurabh Amin and Zong-Syun Lin
                  and Chi-Yen Huang and Shankar Sastry},
        title = {Attacks against process control systems: risk
                  assessment, detection, and response},
        booktitle = {Proceedings of the 6th ACM Symposium on
                  Information, Computer and Communications Security 
                  (ASIACCS11)},
        year = {2011},
        abstract = {In the last years there has been an increasing
                  interest in the security of process control and
                  SCADA systems. Furthermore, recent computer
                  attacks such as the Stuxnet worm, have shown there
                  are parties with the motivation and resources to
                  effectively attack control systems. While previous
                  work has proposed new security mechanisms for
                  control systems, few of them have explored new and
                  fundamentally different research problems for
                  securing control systems when compared to securing
                  traditional information technology (IT) systems.
                  In particular, the sophistication of new malware
                  attacking control systems--malware including
                  zero-days attacks, rootkits created for control
                  systems, and software signed by trusted
                  certificate authorities--has shown that it is very
                  difficult to prevent and detect these attacks
                  based solely on IT system information. In this
                  paper we show how, by incorporating knowledge of
                  the physical system under control, we are able to
                  detect computer attacks that change the behavior
                  of the targeted control system. By using knowledge
                  of the physical system we are able to focus on the
                  final objective of the attack, and not on the
                  particular mechanisms of how vulnerabilities are
                  exploited, and how the attack is hidden. We
                  analyze the security and safety of our mechanisms
                  by exploring the effects of stealthy attacks, and
                  by ensuring that automatic attack-response
                  mechanisms will not drive the system to an unsafe
                  state. A secondary goal of this paper is to
                  initiate the discussion between control and
                  security practitioners--two areas that have had
                  little interaction in the past. We believe that
                  control engineers can leverage security
                  engineering to design--based on a combination of
                  their best practices--control algorithms that go
                  beyond safety and fault tolerance, and include
                  considerations to survive targeted attacks.},
        URL = {http://www.truststc.org/pubs/859.html}
    }
    

Posted by Mary Stewart on 4 Apr 2012.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.