Research article. DOI: 10.1145/3274694.3274745

Finding Dependencies between Cyber-Physical Domains for Security Testing of Industrial Control Systems

Published: 03 December 2018

Abstract

In modern societies, critical services such as transportation, power supply, water treatment and distribution are strongly dependent on Industrial Control Systems (ICS). As technology moves along, new features improve services provided by such ICS. On the other hand, this progress also introduces new risks of cyber attacks due to the multiple direct and indirect dependencies between cyber and physical components of such systems. Performing rigorous security tests and risk analysis in these critical systems is thus a challenging task, because of the non-trivial interactions between digital and physical assets and the domain-specific knowledge necessary to analyse a particular system. In this work, we propose a methodology to model and analyse a System Under Test (SUT) as a data flow graph that highlights interactions among internal entities throughout the SUT. This model is automatically extracted from production code available in Programmable Logic Controllers (PLCs). We also propose a reachability algorithm and an attack diagram that will emphasize the dependencies between cyber and physical domains, thus enabling a human analyst to gauge various attack vectors that arise from subtle dependencies in data and information propagation. We test our methodology in a functional water treatment testbed and demonstrate how an analyst could make use of our designed attack diagrams to reason on possible threats to various targets of the SUT.

        Published In

        ACSAC '18: Proceedings of the 34th Annual Computer Security Applications Conference
        December 2018
        766 pages
        ISBN:9781450365697
        DOI:10.1145/3274694

        In-Cooperation

        • ACSA: Applied Computing Security Assoc

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Author Tags

        1. Cyber-Physical Systems
        2. ICS Security
        3. Information flow

        Qualifiers

        • Research-article
        • Research
        • Refereed limited

        Conference

        ACSAC '18

        Acceptance Rates

        Overall Acceptance Rate 104 of 497 submissions, 21%

        Cited By

        • (2024) Model-based Trustworthiness Evaluation of Autonomous Cyber-Physical Production Systems: A Systematic Mapping Study. ACM Computing Surveys 56:6 (1-28). DOI: 10.1145/3640314. Online publication date: 13-Jan-2024
        • (2023) Constructing Cyber-Physical System Testing Suites Using Active Sensor Fuzzing. IEEE Transactions on Software Engineering 49:11 (4829-4845). DOI: 10.1109/TSE.2023.3309330. Online publication date: Nov-2023
        • (2023) Provable Adversarial Safety in Cyber-Physical Systems. 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P) (979-1012). DOI: 10.1109/EuroSP57164.2023.00062. Online publication date: Jul-2023
        • (2023) Trustworthiness-Related Risks in Autonomous Cyber-Physical Production Systems - A Survey. 2023 IEEE International Conference on Cyber Security and Resilience (CSR) (440-445). DOI: 10.1109/CSR57506.2023.10224955. Online publication date: 31-Jul-2023
        • (2023) Digital twins in cyber effects modelling of IoT/CPS points of low resilience. Simulation Modelling Practice and Theory 125 (102744). DOI: 10.1016/j.simpat.2023.102744. Online publication date: May-2023
        • (2022) Edge Intelligent Joint Optimization for Lifetime and Latency in Large-Scale Cyber–Physical Systems. IEEE Internet of Things Journal 9:22 (22267-22279). DOI: 10.1109/JIOT.2021.3102421. Online publication date: 15-Nov-2022
        • (2022) CoToRu: Automatic Generation of Network Intrusion Detection Rules from Code. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications (720-729). DOI: 10.1109/INFOCOM48880.2022.9796697. Online publication date: 2-May-2022
        • (2022) A framework for Seveso-compliant cyber-physical security testing in sensitive industrial plants. Computers in Industry 136:C. DOI: 10.1016/j.compind.2021.103589. Online publication date: 1-Apr-2022
        • (2022) Dependency-based security risk assessment for cyber-physical systems. International Journal of Information Security 22:3 (563-578). DOI: 10.1007/s10207-022-00608-4. Online publication date: 22-Aug-2022
        • (2021) AttkFinder: Discovering Attack Vectors in PLC Programs using Information Flow Analysis. Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses (235-250). DOI: 10.1145/3471621.3471864. Online publication date: 6-Oct-2021
