SCOPE: Secure Compiling of PLCs in Cyber-Physical Systems

12/23/2020
by   Eyasu Getahun Chekole, et al.
0

Cyber-Physical Systems (CPS) are being widely adopted in critical infrastructures, such as smart grids, nuclear plants, water systems, transportation systems, manufacturing and healthcare services, among others. However, the increasing prevalence of cyberattacks targeting them raises a growing security concern in the domain. In particular, memory-safety attacks, that exploit memory-safety vulnerabilities, constitute a major attack vector against real-time control devices in CPS. Traditional IT countermeasures against such attacks have limitations when applied to the CPS context: they typically incur in high runtime overheads; which conflicts with real-time constraints in CPS and they often abort the program when an attack is detected, thus harming availability of the system, which in turn can potentially result in damage to the physical world. In this work, we propose to enforce a full-stack memory-safety (covering user-space and kernel-space attack surfaces) based on secure compiling of PLCs to detect memory-safety attacks in CPS. Furthermore, to ensure availability, we enforce a resilient mitigation technique that bypasses illegal memory access instructions at runtime by dynamically instrumenting low-level code. We empirically measure the computational overhead caused by our approach on two experimental settings based on real CPS. The experimental results show that our approaches effectively and efficiently detects and mitigates memory-safety attacks in realistic CPS.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
09/20/2018

Taming the War in Memory: A Resilient Mitigation Strategy Against Memory Safety Attacks in CPS

Memory-safety attacks have been one of the most critical threats against...
research
12/08/2018

A Multilevel Cybersecurity and Safety Monitor for Embedded Cyber-Physical Systems

Cyber-physical systems (CPS) are composed of various embedded subsystems...
research
08/15/2019

Shield Synthesis for Real: Enforcing Safety in Cyber-Physical Systems

Cyber-physical systems are often safety-critical in that violations of s...
research
04/30/2018

Checking is Believing: Event-Aware Program Anomaly Detection in Cyber-Physical Systems

Securing cyber-physical systems (CPS) against malicious attacks is of pa...
research
10/06/2018

Optimal Sabotage Attack on Composite Material Parts

Industry 4.0 envisions a fully automated manufacturing environment, in w...
research
12/12/2017

Toward `verifying' a Water Treatment System

Modeling and verifying real-world cyber-physical systems are challenging...
research
10/08/2020

Real-time anomaly detection with superexperts

The increasing connectivity of data and cyber-physical systems has resul...

Please sign up or login with your details

Forgot password? Click here to reset