Quantifying Controller Resilience Using Behavior Characterization - Critical Infrastructure Protection VI
Conference Papers Year : 2012

Quantifying Controller Resilience Using Behavior Characterization

Abstract

Supervisory control and data acquisition (SCADA) systems monitor and control major components of the critical infrastructure. Targeted malware such as Stuxnet is an example of a covert cyber attack against a SCADA system that resulted in physical effects. Of particular significance is how Stuxnet exploited the trust relationship between the human machine interface (HMI) and programmable logic controllers (PLCs). Current methods for validating system operating parameters rely on message exchange and network communications protocols, which are generally observed at the HMI. Although sufficient at the macro level, this method does not support the detection of malware that causes physical effects via the covert manipulation of a PLC. This paper introduces an alternative method that leverages the direct analysis of PLC inputs and outputs to derive the true state of SCADA devices. The input-output behavior characteristics are modeled using Petri nets to derive metrics for quantifying the resilience of PLCs against malicious exploits. The method enables the detection of programming changes that affect input-output relationships, the identification of the degree of deviation from a baseline program and the minimization of performance losses due to disruptive events.
Fichier principal
Vignette du fichier
978-3-642-35764-0_6_Chapter.pdf (779.55 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01483821 , version 1 (06-03-2017)

Licence

Identifiers

Cite

Henry Bushey, Juan Lopez, Jonathan Butts. Quantifying Controller Resilience Using Behavior Characterization. 6th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2012, Washington, DC, United States. pp.71-83, ⟨10.1007/978-3-642-35764-0_6⟩. ⟨hal-01483821⟩
101 View
109 Download

Altmetric

Share

More