Enhancing the Security and Forensic Capabilities of Programmable Logic Controllers - Advances in Digital Forensics XIV
Conference Papers Year : 2018

Enhancing the Security and Forensic Capabilities of Programmable Logic Controllers

Abstract

Industrial control systems are used to monitor and operate critical infrastructures. For decades, the security of industrial control systems was preserved by their use of proprietary hardware and software, and their physical separation from other networks. However, to reduce costs and enhance interconnectivity, modern industrial control systems increasingly use commodity hardware and software, and are connected to vendor and corporate networks, and even the Internet. These trends expose industrial control systems to risks that they were not designed to handle.This chapter describes a novel approach for enhancing industrial control system security and forensics by adding monitoring and logging mechanisms to programmable logic controllers, key components of industrial control systems. A proof-of-concept implementation is presented using a popular Siemens programmable logic controller. Experiments were conducted to compare the accuracy and performance impact of the proposed method versus the conventional programmable logic controller polling method. The experimental results demonstrate that the new method yields increased anomaly detection coverage and accuracy with only a small performance impact. Additionally, the new method increases the speed of anomaly detection and reduces network overhead, enabling forensic investigations of programmable logic controllers to be conducted more efficiently and effectively.
Fichier principal
Vignette du fichier
472401_1_En_19_Chapter.pdf (227.58 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01988832 , version 1 (22-01-2019)

Licence

Identifiers

Cite

Chun-Fai Chan, Kam-Pui Chow, Siu-Ming Yiu, Ken Yau. Enhancing the Security and Forensic Capabilities of Programmable Logic Controllers. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.351-367, ⟨10.1007/978-3-319-99277-8_19⟩. ⟨hal-01988832⟩
165 View
214 Download

Altmetric

Share

More