DeepAI AI Chat
Log In Sign Up

ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence Graphs

The paradigm shift of enabling extensive intercommunication between the Operational Technology (OT) and Information Technology (IT) devices allows vulnerabilities typical to the IT world to propagate to the OT side. Therefore, the security layer offered in the past by air gapping is removed, making security patching for OT devices a hard requirement. Conventional patching involves a device reboot to load the patched code in the main memory, which does not apply to OT devices controlling critical processes due to downtime, necessitating in-memory vulnerability patching. Furthermore, these control binaries are often compiled by in-house proprietary compilers, further hindering the patching process and placing reliance on OT vendors for rapid vulnerability discovery and patch development. The current state-of-the-art hotpatching approaches only focus on firmware and/or RTOS. Therefore, in this work, we develop ICSPatch, a framework to automate control logic vulnerability localization using Data Dependence Graphs (DDGs). With the help of DDGs, ICSPatch pinpoints the vulnerability in the control application. As an independent second step, ICSPatch can non-intrusively hotpatch vulnerabilities in the control application directly in the main memory of Programmable Logic Controllers while maintaining reliable continuous operation. To evaluate our framework, we test ICSPatch on a synthetic dataset of 24 vulnerable control application binaries from diverse critical infrastructure sectors. Results show that ICSPatch could successfully localize all vulnerabilities and generate patches accordingly. Furthermore, the patch added negligible latency increase in the execution cycle while maintaining correctness and protection against the vulnerability.


page 3

page 5

page 8


Snakes and Ladder Logic: PLC-VBS, a PLC Control Logic Vulnerability Discovery Tool

Cyber security risk assessments provide a pivotal starting point towards...

A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics

Industrial components are of high importance because they control critic...

Technical Report: Gone in 20 Seconds – Overview of a Password Vulnerability in Siemens HMIs

Siemens produce a range of industrial human machine interface (HMI) scre...

Cheesecloth: Zero-Knowledge Proofs of Real-World Vulnerabilities

Currently, when a security analyst discovers a vulnerability in critical...

Blockchain-assisted Undisclosed IIoT Vulnerabilities Trusted Sharing Protection with Dynamic Token

With the large-scale deployment of industrial internet of things (IIoT) ...