Quantifying Controller Resilience Using Behavior Characterization

Abstract : Supervisory control and data acquisition (SCADA) systems monitor and control major components of the critical infrastructure. Targeted malware such as Stuxnet is an example of a covert cyber attack against a SCADA system that resulted in physical effects. Of particular significance is how Stuxnet exploited the trust relationship between the human machine interface (HMI) and programmable logic controllers (PLCs). Current methods for validating system operating parameters rely on message exchange and network communications protocols, which are generally observed at the HMI. Although sufficient at the macro level, this method does not support the detection of malware that causes physical effects via the covert manipulation of a PLC. This paper introduces an alternative method that leverages the direct analysis of PLC inputs and outputs to derive the true state of SCADA devices. The input-output behavior characteristics are modeled using Petri nets to derive metrics for quantifying the resilience of PLCs against malicious exploits. The method enables the detection of programming changes that affect input-output relationships, the identification of the degree of deviation from a baseline program and the minimization of performance losses due to disruptive events.
Type de document :
Communication dans un congrès
Jonathan Butts; Sujeet Shenoi. 6th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2012, Washington, DC, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-390, pp.71-83, 2012, Critical Infrastructure Protection VI. 〈10.1007/978-3-642-35764-0_6〉
Liste complète des métadonnées

Littérature citée [7 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01483821
Contributeur : Hal Ifip <>
Soumis le : lundi 6 mars 2017 - 15:02:05
Dernière modification le : dimanche 29 avril 2018 - 13:48:02
Document(s) archivé(s) le : mercredi 7 juin 2017 - 14:29:22

Fichier

978-3-642-35764-0_6_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Henry Bushey, Juan Lopez, Jonathan Butts. Quantifying Controller Resilience Using Behavior Characterization. Jonathan Butts; Sujeet Shenoi. 6th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2012, Washington, DC, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-390, pp.71-83, 2012, Critical Infrastructure Protection VI. 〈10.1007/978-3-642-35764-0_6〉. 〈hal-01483821〉

Partager

Métriques

Consultations de la notice

85

Téléchargements de fichiers

17