Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Emerging Techniques for Field Device Security

Journal Article · · IEEE Security & Privacy
DOI:https://doi.org/10.1109/MSP.2014.114· OSTI ID:1183104
 [1];  [2];  [2];  [2]
  1. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Bechtel Corp. (United States)
  2. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
+ Show Author Affiliations

Critical infrastructure, such as electrical power plants and oil refineries, rely on embedded devices to control essential processes. State of the art security is unable to detect attacks on these devices at the hardware or firmware level. We provide an overview of the hardware used in industrial control system field devices, look at how these devices have been attacked, and discuss techniques and new technologies that may be used to secure them. We follow three themes: (1) Inspectability, the capability for an external arbiter to monitor the internal state of a device. (2) Trustworthiness, the degree to which a system will continue to function correctly despite disruption, error, or attack. (3) Diversity, the use of adaptive systems and complexity to make attacks more difficult by reducing the feasible attack surface.

Research Organization:
Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); Sandia National Laboratories, Livermore, CA
Sponsoring Organization:
USDOE Office of Electricity Delivery and Energy Reliability (OE), Infrastructure Security and Energy Restoration (ISER) (OE-30)
Grant/Contract Number:
AC04-94AL85000
OSTI ID:
1183104
Report Number(s):
SAND--2014-17095J; 537058
Journal Information:
IEEE Security & Privacy, Journal Name: IEEE Security & Privacy Journal Issue: 6 Vol. 12; ISSN 1540-7993
Publisher:
IEEECopyright Statement
Country of Publication:
United States
Language:
English

Cited By (2)

Orpheus: Enforcing Cyber-Physical Execution Semantics to Defend Against Data-Oriented Attacks
  • Cheng, Long; Tian, Ke; Yao, Danfeng (Daphne)
  • ACSAC 2017: 2017 Annual Computer Security Applications Conference, Proceedings of the 33rd Annual Computer Security Applications Conference https://doi.org/10.1145/3134600.3134640
conference December 2017
Anomaly Detection as a Service: Challenges, Advances, and Opportunities journal October 2017

Similar Records

Secure Firmware Update and Device Authentication for Smart Inverters using Blockchain and Physically Uncloable Function (PUF)-Embedded Security Module
Conference · Tue Jan 04 23:00:00 EST 2022 · 2021 6th IEEE Workshop on the Electronic Grid (eGRID) · OSTI ID:2344968
WeaselBoard :
Technical Report · Tue Oct 01 00:00:00 EDT 2013 · OSTI ID:1104779
Cyber Protection of Grid-Connected Devices Through Embedded Online Security
Conference · Wed Jul 14 00:00:00 EDT 2021 · 2021 IEEE Design Methodologies Conference (DMC) · OSTI ID:2341869

Related Subjects

97 MATHEMATICS AND COMPUTING