research-article

Securing system controllers in critical infrastructures

Authors:

Rattikorn Hewett,

Phongphun KijsanayothinAuthors Info & Claims

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Article No.: 29, Pages 1 - 4

https://doi.org/10.1145/2459976.2460009

Published: 08 January 2013 Publication History

Get Access

Abstract

Control systems are at the heart of many critical infrastructures. Malicious attacks on system controllers like SCADA (Supervisory Control And Data Acquisition) systems are serious threats to critical national infrastructures such as smart grids, nuclear power plants, or transportation systems. Analyzing and verifying the security of the control systems has increasingly become an important defense mechanism. This paper presents an approach that facilitates a semi-automated security system verification of control systems by a novel application of model checking, a technique traditionally used for automated software verification. The proposed approach is different from typical model-checking applications in that it has the ability to uncover missing safety and security properties that should be specified to prevent catastrophes caused by malicious acts. We describe the approach by illustrating its use in analyzing a cooling reactor system controller in a nuclear power plant system. The approach is general and applicable to SCADA and other control systems.

References

[1]

Andress, J. and Winterfield, S., 2011. Cyber Warfare, Elsevier, Waltham, MA.

Google Scholar

[2]

Amin, S., Cardenas, A. A., and Sastry, S. S., 2009. Safe and Secure Networked Control Systems under Denial-of-Service Attacks, in Hybrid Systems: Computation and Control. Lecture Notes in Computer Science. Springer Berlin/Heidelberg, pp. 31--45.

Digital Library

Google Scholar

[3]

Amin, S., Bayen, A. M., El Ghaoui, L., Sastry, S. S., 2007. Robust feasibility for control of water flow in a reservoir canal system. In Proceedings of the 46^th IEEE Conference on Decision and Control, pp. 1571--1577.

Crossref

Google Scholar

[4]

Cardenas, A. A., Amin, S. and Sastry, S., 2008. Secure control: Towards survivable cyber-physical systems. In Proceedings of the 28^th Conference on Distributed Computing Systems ICDCS '08 (June 2008), pp. 495--500.

Digital Library

Google Scholar

[5]

Cheung, S. C. and Kramer, J., 1999. Checking safety properties using compositional reachability analysis, ACM Trans. Software Engineering Methodology, 8(1): 49--78.

Digital Library

Google Scholar

[6]

Falkenhainer, B. and Forbus, K., 1988. Setting up Large-scale Qualitative Models. In Proceedings of the 7^th National Artificial Intelligence, Saint Paul, Minneapolis.

Google Scholar

[7]

Heckman, M., Schell, R., and Reed, E., 2011. Using a high assurance TCB for infrastructure security. In Proceedings of the 7^th Annual Workshop on Cyber Security and Information Intelligent Research (CSIIRW'11, October 12--14, Oak Ridge, Tennessee, USA). ACM, New York, DOI=http://10.1145/2179298.2179359.

Digital Library

Google Scholar

[8]

Giannakopoulou, D., 1995. The Tracta approach for behaviour analysis of concurrent systems, Technical Report DoC 95/16, Imperial College, Department of Computing, 12.

Google Scholar

[9]

Giannakopoulou, D., Pasareanu, C. S. and Barringer, H., 2002. Assumption generation for software component verification. In Proceedings of Automated Software Engineering, IEEE Computer Society, pp. 3--12.

Digital Library

Google Scholar

[10]

Lampson, B., Abadi, M., Burrows, M. and Wobber, E., 1992. Authentication in distributed systems: theory and practices, ACM Trans. Comput. Syst., 10: 265--310.

Digital Library

Google Scholar

[11]

Mills, E., 2010. Details of the first-ever control system malware. Cnet News. http://news.cnet.com/8301-27080_3-2011159-245.html.

Google Scholar

[12]

Mo, Y. and Sinopoli, B., 2010. False data injection attacks in control systems. In First Workshop on Secure Control Systems, Stockholm, Sweden.

Google Scholar

[13]

Velagapalli, A. and M. Ramkumar, 2011. Minimizing the TCB for Securing SCADA Systems. In Proceedings of the 7^th Annual Workshop on Cyber Security and Information Intelligent Research (CSIIRW'11, October 12--14, Oak Ridge, Tennessee, USA). ACM, New York, DOI=http://dx.acm.org/10.1145/2179298.2179320.

Digital Library

Google Scholar

Cited By

View all

Fan XFan KWang YZhou R(2015)Overview of cyber-security of industrial control system2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC)10.1109/SSIC.2015.7245324(1-7)Online publication date: Aug-2015
https://doi.org/10.1109/SSIC.2015.7245324

Index Terms

Securing system controllers in critical infrastructures
1. Software and its engineering
  1. Software organization and properties
    1. Software functional properties
      1. Correctness
2. Theory of computation
  1. Logic
    1. Proof theory
  2. Semantics and reasoning
    1. Program reasoning
      1. Pre- and post-conditions

Recommendations

Critical Infrastructures: IT Security and Threats from Private Sector Ownership

The critical infrastructures of industrialized countries depend on an interconnected “system of systems” that physically spans the globe and exists virtually everywhere. Often, the governments and industries responsible for the critical infrastructures ...
Additional kernel observer: privilege escalation attack prevention mechanism focusing on system call privilege changes
Abstract
Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can ...
Securing Critical Infrastructures and Critical Control Systems: Approaches for Threat Protection

Comments

Information & Contributors

Information

Published In

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

January 2013

282 pages

ISBN:9781450316873

DOI:10.1145/2459976

Editors:
Frederick Sheldon
Oak Ridge National Laboratory
,
Annarita Giani
Los Alamos National Laboratory
,
Axel Krings
University of Idaho
,
Robert Abercrombie
Oak Ridge National Laboratory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 January 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CSIIRW '13

Sponsor:

Los Alamos National Labs
Sandia National Labs
DOE
Lawrence Livermore National Lab.
BERKELEYLAB
Argonne Natl Lab
Idaho National Lab.
Nevada National Security Site

CSIIRW '13: Cyber Security and Information Intelligence

January 8 - 10, 2013

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
239
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Fan XFan KWang YZhou R(2015)Overview of cyber-security of industrial control system2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC)10.1109/SSIC.2015.7245324(1-7)Online publication date: Aug-2015
https://doi.org/10.1109/SSIC.2015.7245324

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Critical Infrastructures: IT Security and Threats from Private Sector Ownership

Additional kernel observer: privilege escalation attack prevention mechanism focusing on system call privilege changes

Securing Critical Infrastructures and Critical Control Systems: Approaches for Threat Protection

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations