A Malware-Tolerant, Self-Healing Industrial Control System Framework

Abstract : Industrial Control Systems (ICSs) are computers managing many critical infrastructures like power plants, aeroplanes, production lines, etc. While ICS were specialised hardware circuits without internet connection in former times, they are nowadays commodity computers with network connection, TCP/IP stack, and a full operating system, making them vulnerable to common attacks. The defensive mechanisms, however, are still lacking behind due to the strong requirement for availability of ICSs which prohibits to deploy typical countermeasures like e.g. an anti-virus. New techniques are needed to defend these systems under their distinct prerequisites.We introduce the concept of a malware-tolerant ICS network architecture which can still operate securely even when some components are entirely compromised by an attacker. This was done by replacing all single point-of-failures with multiple components verifying each other. We provide ProVerif proofs to show the correctness of the network protocol one-by-one assuming each device compromised.Furthermore, we added a self-healing mechanism based on invariants to the architecture on network as well as system level which will reset failed or compromised systems. To demonstrate system level self-healing, we implemented it on top of FreeRTOS and ARM TrustZone. The network level self-healing was incorporated into the ProVerif proofs by formally verifying the absence of type 1 (falsely identified attacks) and type 2 errors (missed attacks).
Type de document :
Communication dans un congrès
Sabrina De Capitani di Vimercati; Fabio Martinelli. 32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. Springer International Publishing, IFIP Advances in Information and Communication Technology, AICT-502, pp.46-60, 2017, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-58469-0_4〉
Liste complète des métadonnées

Littérature citée [30 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01649003
Contributeur : Hal Ifip <>
Soumis le : lundi 27 novembre 2017 - 10:31:36
Dernière modification le : lundi 27 novembre 2017 - 10:34:08

Fichier

 Accès restreint
Fichier visible le : 2020-01-01

Connectez-vous pour demander l'accès au fichier

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Michael Denzel, Mark Ryan, Eike Ritter. A Malware-Tolerant, Self-Healing Industrial Control System Framework. Sabrina De Capitani di Vimercati; Fabio Martinelli. 32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. Springer International Publishing, IFIP Advances in Information and Communication Technology, AICT-502, pp.46-60, 2017, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-58469-0_4〉. 〈hal-01649003〉

Partager

Métriques

Consultations de la notice

140