Emerging Techniques for Field Device Security

Schwartz, Moses; Mulder, John; Chavez, Adrian R.; Allan, Benjamin A.

doi:10.1109/MSP.2014.114

Title: Emerging Techniques for Field Device Security

Abstract

Critical infrastructure, such as electrical power plants and oil refineries, rely on embedded devices to control essential processes. State of the art security is unable to detect attacks on these devices at the hardware or firmware level. We provide an overview of the hardware used in industrial control system field devices, look at how these devices have been attacked, and discuss techniques and new technologies that may be used to secure them. We follow three themes: (1) Inspectability, the capability for an external arbiter to monitor the internal state of a device. (2) Trustworthiness, the degree to which a system will continue to function correctly despite disruption, error, or attack. (3) Diversity, the use of adaptive systems and complexity to make attacks more difficult by reducing the feasible attack surface.

Authors:

Schwartz, Moses ^[1]; Mulder, John ^[2]; Chavez, Adrian R. ^[2]; Allan, Benjamin A. ^[2]

Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Bechtel Corp. (United States)
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Publication Date:: Sat Nov 01 00:00:00 EDT 2014

Research Org.:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandia National Lab. (SNL-CA), Livermore, CA (United States)

Sponsoring Org.:: USDOE Office of Cybersecurity, Energy Security, and Emergency Response (CESER), Infrastructure Security and Energy Restoration (ISER)

OSTI Identifier:: 1183104

Report Number(s):: SAND-2014-17095J
Journal ID: ISSN 1540-7993; 537058

Grant/Contract Number:: AC04-94AL85000

Resource Type:: Accepted Manuscript

Journal Name:: IEEE Security & Privacy

Additional Journal Information:: Journal Volume: 12; Journal Issue: 6; Journal ID: ISSN 1540-7993

Publisher:: IEEE

Country of Publication:: United States

Language:: English

Subject:: 97 MATHEMATICS AND COMPUTING

Citation Formats


                    Schwartz, Moses, Mulder, John, Chavez, Adrian R., and Allan, Benjamin A. Emerging Techniques for Field Device Security.  United States: N. p., 2014. 
Web.  doi:10.1109/MSP.2014.114.

Copy to clipboard


                    Schwartz, Moses, Mulder, John, Chavez, Adrian R., & Allan, Benjamin A. Emerging Techniques for Field Device Security.  United States.  https://doi.org/10.1109/MSP.2014.114

Copy to clipboard


                    Schwartz, Moses, Mulder, John, Chavez, Adrian R., and Allan, Benjamin A. Sat .  
"Emerging Techniques for Field Device Security".  United States.  https://doi.org/10.1109/MSP.2014.114.  https://www.osti.gov/servlets/purl/1183104.

Copy to clipboard


                    
@article{osti_1183104,

  title        = {Emerging Techniques for Field Device Security},

  author       = {Schwartz, Moses and Mulder, John and Chavez, Adrian R. and Allan, Benjamin A.},

  abstractNote = {Critical infrastructure, such as electrical power plants and oil refineries, rely on embedded devices to control essential processes. State of the art security is unable to detect attacks on these devices at the hardware or firmware level. We provide an overview of the hardware used in industrial control system field devices, look at how these devices have been attacked, and discuss techniques and new technologies that may be used to secure them. We follow three themes: (1) Inspectability, the capability for an external arbiter to monitor the internal state of a device. (2) Trustworthiness, the degree to which a system will continue to function correctly despite disruption, error, or attack. (3) Diversity, the use of adaptive systems and complexity to make attacks more difficult by reducing the feasible attack surface.},

  doi          = {10.1109/MSP.2014.114},

  journal      = {IEEE Security & Privacy},

  number       = 6,

  volume       = 12,

  place        = {United States},

  year         = {Sat Nov 01 00:00:00 EDT 2014},

  month        = {Sat Nov 01 00:00:00 EDT 2014}

}

Copy to clipboard

Journal Article:

Free Publicly Available Full Text

Accepted Manuscript (DOE)

Publisher's Version of Record

https://doi.org/10.1109/MSP.2014.114

Other availability

Search WorldCat to find libraries that may hold this journal

Citation Metrics:

Cited by: 6 works

Citation information provided by
Web of Science

Save / Share:

Export Metadata

Save to My Library

Works referencing / citing this record:

Orpheus: Enforcing Cyber-Physical Execution Semantics to Defend Against Data-Oriented Attacks
conference, December 2017

Cheng, Long; Tian, Ke; Yao, Danfeng (Daphne)
ACSAC 2017: 2017 Annual Computer Security Applications Conference, Proceedings of the 33rd Annual Computer Security Applications Conference
DOI: 10.1145/3134600.3134640

Anomaly Detection as a Service: Challenges, Advances, and Opportunities
journal, October 2017

Yao, Danfeng (Daphne); Shu, Xiaokui; Cheng, Long
Synthesis Lectures on Information Security, Privacy, and Trust, Vol. 9, Issue 3
DOI: 10.2200/s00800ed1v01y201709spt022

Similar Records in DOE PAGES and OSTI.GOV collections:

New initiatives in materials security

Conference Cynthia, G ; Jones, Ph D

NRC Mission: To license and regulate the Nation's civilian use of byproduct, source, and special nuclear materials to ensure adequate protection of public health and safety, promote the common defense and security, and protect the environment. Scope of Responsibility: NRC's regulatory mission covers three main areas: - Reactors: commercial reactors for generating electric power and non-power reactors used for research, testing, and training; - Materials: uses of nuclear materials in medical, industrial, and academic settings and facilities that produce nuclear fuel; - Waste: transportation, storage, and disposal of nuclear materials and waste, and decommissioning of nuclear facilities from service. Amore »« less
WeaselBoard :

Technical Report Mulder, John C. ; Schwartz, Moses Daniel ; Berg, Michael J. ; ...

Critical infrastructures, such as electrical power plants and oil refineries, rely on programmable logic controllers (PLCs) to control essential processes. State of the art security cannot detect attacks on PLCs at the hardware or firmware level. This renders critical infrastructure control systems vulnerable to costly and dangerous attacks. WeaselBoard is a PLC backplane analysis system that connects directly to the PLC backplane to capture backplane communications between modules. WeaselBoard forwards inter-module traffic to an external analysis system that detects changes to process control settings, sensor values, module configuration information, firmware updates, and process control program (logic) updates. WeaselBoard provides zero-daymore »« less
https://doi.org/10.2172/1104779

Full Text Available
Cyber Attack Resilient HVDC System (CARDS) (Final Scientific/Technical Report)

Technical Report Nuqui, Reynaldo

This report summarizes the activities conducted under the DOE-OE funded project DE-OE0000824, where ABB Inc. (ABB), in collaboration with University of Illinois at Urbana-Champaign (UIUC), Bonneville Power Administration (BPA), Argonne National Laboratories (ANL), and University of Idaho (UI) pursued the development of a system of defense for High Voltage Direct Current transmission systems against cyber-attacks (CARDS). An HVDC substation with CARDS features will be more capable of mitigating cyber-attacks especially those that seek to control or interrupt the power flow in the HVDC line. It empowers existing HVDC intelligent electronic devices to collaborate in identifying and blocking malicious intents tomore »« less
https://doi.org/10.2172/1810571

Full Text Available
Gridtrust: Electricity Grid Root-of-Trust Decentralized Supply Chain Cyber-Security (Final Scientific/Technical Report)

Technical Report Grijalva, Santiago ; Mooney, Vincent

GridTrust represents a departure from reliance on a single organization or a single person to multiple organizations and therefore multiple people across organizational structures. The motivating idea behind involving multiple organizations is the increase in security due to human factors. More specifically, the requirement that distinct people in different organizations sign off on a change or an update makes a cyberattack much less likely due to the inherent requirement that both organizations be penetrated and fooled. GridTrust focuses on the software update process as the primary exemplar for the research and development work. A novel hardware-based technology referred to asmore »« less
https://doi.org/10.2172/2228845

Full Text Available
Secure LoRa Firmware Update with Adaptive Data Rate Techniques

Journal Article Heeger, Derek ; Garigan, Maeve ; Eleni Tsiropoulou, Eirini ; ... - Sensors

Internet of Things (IoT) devices rely upon remote firmware updates to fix bugs, update embedded algorithms, and make security enhancements. Remote firmware updates are a significant burden to wireless IoT devices that operate using low-power wide-area network (LPWAN) technologies due to slow data rates. One LPWAN technology, Long Range (LoRa), has the ability to increase the data rate at the expense of range and noise immunity. The optimization of communications for maximum speed is known as adaptive data rate (ADR) techniques, which can be applied to accelerate the firmware update process for any LoRa-enabled IoT device. In this paper, wemore »« less
https://doi.org/10.3390/s21072384

Full Text Available

Similar Records

Title: Emerging Techniques for Field Device Security

Abstract

Citation Formats

Orpheus: Enforcing Cyber-Physical Execution Semantics to Defend Against Data-Oriented Attacks conference, December 2017

Anomaly Detection as a Service: Challenges, Advances, and Opportunities journal, October 2017

Orpheus: Enforcing Cyber-Physical Execution Semantics to Defend Against Data-Oriented Attacks
conference, December 2017

Anomaly Detection as a Service: Challenges, Advances, and Opportunities
journal, October 2017