Protecting Infrastructure Assets from Real-Time and Run-Time Threats

Abstract : Real-time availability with integrity is a crucial security requirement for critical infrastructure assets – delays in reporting device states or computations may result in equipment damage, perhaps even catastrophic failure. However, it is also necessary to address malicious software-based threats. Trusted computing (TC) is a security paradigm that enables application platforms to enforce the integrity of execution targets. A TC architecture can be combined with a real-time access control system to help protect against real-time availability and malware threats. However TC architectures offer only static (load-time) protection, so it is still necessary to address the possibility of run-time (execution) attacks. This paper focuses on the protection afforded by TC platforms to critical infrastructure assets. The paper defines a threat model, analyzes vulnerabilities, proposes services and tools that guarantee real-time availability with integrity, and demonstrates how they can be used to protect communications of an IEC61850-90-5-compliant substation automation system in an electricity grid. Also, it discusses the impact of run-time attacks on TC-compliant critical infrastructure assets.