DOI: 10.1145/3190619.3190636
research-article
Public Access

Integrated instruction set randomization and control reconfiguration for securing cyber-physical systems

Published: 10 April 2018

Abstract

    Cyber-Physical Systems (CPS) have been increasingly subject to cyber-attacks, including code injection attacks. Zero-day attacks further exacerbate the threat landscape by requiring a shift to defense-in-depth approaches. Because cyber components are tightly coupled with the physical domain, these attacks have the potential to cause significant damage if safety-critical applications such as automobiles are compromised. Moving target defense techniques such as instruction set randomization (ISR) have been commonly proposed to address these types of attacks. However, under current implementations an attack can result in a system crash, which is unacceptable in CPS. As such, CPS necessitate proper control reconfiguration mechanisms to prevent a loss of availability in system operation. This paper addresses the problem of maintaining system and security properties of a CPS under attack by integrating ISR, detection, and recovery capabilities that ensure safe, reliable, and predictable system operation. Specifically, we consider the problem of detecting code injection attacks and reconfiguring the controller in real time. The developed framework is demonstrated with an autonomous vehicle case study.

        Published In

        HoTSoS '18: Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security
        April 2018
        163 pages
        ISBN: 9781450364553
        DOI: 10.1145/3190619
        General Chairs: Munindar Singh, Laurie Williams
        Program Chairs: Rick Kuhn, Tao Xie
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

        Sponsors

        • National Security Agency

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 10 April 2018

        Author Tags

        1. cyber-physical systems
        2. instruction set randomization
        3. moving target defenses
        4. resilient architectures

        Qualifiers

        • Research-article

        Funding Sources

        • Air Force Research Laboratory

        Conference

        HoTSoS '18
        Sponsor:
        • National Security Agency
        HoTSoS '18: Symposium and Bootcamp
        April 10 - 11, 2018
        North Carolina, Raleigh

        Acceptance Rates

        Overall Acceptance Rate 34 of 60 submissions, 57%

        Article Metrics

        • Downloads (Last 12 months): 51
        • Downloads (Last 6 weeks): 9

        Cited By

        • (2020) Simulation testbed for railway infrastructure security and resilience evaluation. Proceedings of the 7th Symposium on Hot Topics in the Science of Security, pp. 1-8. DOI: 10.1145/3384217.3385623. Online publication date: 21-Sep-2020
        • (2020) Security in Mixed Time and Event Triggered Cyber-Physical Systems using Moving Target Defense. 2020 IEEE 23rd International Symposium on Real-Time Distributed Computing (ISORC), pp. 89-97. DOI: 10.1109/ISORC49007.2020.00022. Online publication date: May-2020
        • (2019) Integrated data space randomization and control reconfiguration for securing cyber-physical systems. Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security, pp. 1-10. DOI: 10.1145/3314058.3314064. Online publication date: 1-Apr-2019
        • (2018) Metrics-Driven Evaluation of Cybersecurity for Critical Railway Infrastructure. 2018 Resilience Week (RWS), pp. 155-161. DOI: 10.1109/RWEEK.2018.8473542. Online publication date: Aug-2018
