PAtt: Physics-based Attestation of Control Systems
conference contribution
posted on 2023-11-29, 18:10authored byHamid Reza Ghaeini, Matthew Chan, Raad Bahmani, Ferdinand Brasser, Luis Garcia, Jianying Zhou, Ahmad-Reza Sadeghi, Nils Ole TippenhauerNils Ole Tippenhauer, Saman Zonouz
Ensuring the integrity of embedded programmable logic controllers (PLCs) is critical for safe operation of industrial con-trol systems. In particular, a cyber-attack could manipulatecontrol logic running on the PLCs to bring the process ofsafety-critical application into unsafe states. Unfortunately,PLCs are typically not equipped with hardware support thatallows the use of techniques such as remote attestation to ver-ify the integrity of the logic code. In addition, so far remoteattestation is not able to verify the integrity of the physicalprocess controlled by the PLC.In this work, we present PAtt, a system that combines re-mote software attestation with control process validation. PAttleverages operation permutations—subtle changes in the op-eration sequences based on integrity measurements—whichdo not affect the physical process but yield unique traces ofsensor readings during execution. By encoding integrity mea-surements of the PLC’s memory state (software and data) intoits control operation, our system allows to remotely verifythe integrity of the control logic based on the resulting sensortraces. We implement the proposed system on a real PLCcontrolling a robot arm, and demonstrate its feasibility. Ourimplementation enables the detection of attackers that ma-nipulate the PLC logic to change process state and/or reportspoofed sensor readings (with an accuracy of 97% againsttested attacks).
History
Preferred Citation
Hamid Ghaeini, Matthew Chan, Raad Bahmani, Ferdinand Brasser, Luis Garcia, Jianying Zhou, Ahmad-Reza Sadeghi, Nils Tippenhauer and Saman Zonouz. PAtt: Physics-based Attestation of Control Systems. In: The International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 2019.
Primary Research Area
Threat Detection and Defenses
Name of Conference
The International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
Legacy Posted Date
2019-06-07
Open Access Type
Green
BibTeX
@inproceedings{cispa_all_2899,
title = "PAtt: Physics-based Attestation of Control Systems",
author = "Ghaeini, Hamid Reza and Chan, Matthew and Bahmani, Raad and Brasser, Ferdinand and Garcia, Luis and Zhou, Jianying and Sadeghi, Ahmad-Reza and Tippenhauer, Nils Ole and Zonouz, Saman",
booktitle="{The International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}",
year="2019",
}