Embedded electronics are widely used in cyber-physical process control systems (PCSes), which tightly integrate and coordinate computational and physical elements. PCSes have safety-critical applications, such as the supervisory control and data acquisition (SCADA) systems used in industrial control infrastructure, or the flight control systems used in commercial aircraft. Perimeter security and air-gap approaches to preventing malware infiltration of PCSes are challenged by the complexity of modern networked control systems incorporating numerous heterogeneous and updatable components such as standard personal computing platforms, operating systems, and embedded configurable controllers. Global supply chains and third-party hardware components, tools, and software limit the reach of design verification techniques. As a consequence, attacks such as Stuxnet have demonstrated that these systems can be surreptitiously compromised. We present a run-time method for process control violation prediction that can be leveraged to enhance system security against configuration attacks on embedded controllers. The prediction architecture provides a short-term projection of active controller actions by embedding an accelerated model of the controller and physical process interaction. To maintain convergence with the physical system, the predictor model state is periodically synchronized with the actual physical process state. The predictor is combined with run-time guards in a root-of-trust to detect when the predicted process state violates application specifications. Configurations can be screened before they are applied or monitored at run-time to detect subtle modifications or Trojans with complex activation triggers. Advance notification of process control violations allows remedial actions leveraging well-known, high-assurance techniques, such as temporarily switching control to a stability-preserving backup controller. Experimental simulation results are provided from a root-of-trust developed for an aircraft pitch control system.
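The predict, synchronize, guard and fall-back loop described above can be sketched in a few lines. This is an added illustration, not the authors' implementation: the toy pitch model, the gains, the guard limit, the horizon and the constructed tampered configuration (`make_trojan`) are all assumptions chosen to make the behaviour visible.

```python
DT, HORIZON, SYNC_EVERY = 0.01, 300, 50   # period [s], look-ahead steps, resync interval
THETA_MAX, REF = 0.30, 0.20               # guard on |pitch| [rad], commanded pitch [rad]

def nominal(n, theta, q, ref):
    """Performance PD law (assumed gains); n is the controller's own step counter."""
    return 8.0 * (ref - theta) - 2.0 * q

def backup(n, theta, q, ref):
    """Conservative stability-preserving law held inside the root-of-trust."""
    return 4.0 * (ref - theta) - 3.0 * q

def make_trojan(trigger, offset=0.25):
    """Constructed tampered configuration: nominal until `trigger`, then a shifted setpoint."""
    return lambda n, theta, q, ref: nominal(n, theta, q, ref + (offset if n >= trigger else 0.0))

def plant(theta, q, u):
    """Toy pitch axis (assumed): saturated actuator driving a damped rate, Euler-integrated."""
    u = max(-1.0, min(1.0, u))
    q += DT * (-0.8 * q + 6.0 * u)
    return theta + DT * q, q

def predict_violation(ctrl, n, theta, q, horizon=HORIZON):
    """Accelerated model: run controller + plant ahead; return first violating step or None."""
    for k in range(n, n + horizon):
        theta, q = plant(theta, q, ctrl(k, theta, q, REF))
        if abs(theta) > THETA_MAX:
            return k
    return None

def run(ctrl, steps=1500, monitored=True):
    """Closed loop; returns (peak |pitch|, step at which backup took over or None)."""
    theta = q = peak = 0.0
    switched = None
    for n in range(steps):
        if monitored and switched is None and n % SYNC_EVERY == 0:
            # Re-synchronise the predictor with the measured state, then look ahead.
            if predict_violation(ctrl, n, theta, q) is not None:
                ctrl, switched = backup, n
        theta, q = plant(theta, q, ctrl(n, theta, q, REF))
        peak = max(peak, abs(theta))
    return peak, switched

if __name__ == "__main__":
    print("nominal            ", run(nominal))
    print("trojan, unmonitored", run(make_trojan(600), monitored=False))
    print("trojan, monitored  ", run(make_trojan(600)))
```

Because the predictor advances the controller's own step counter, a time-based trigger is reached in the model before it is reached on the plant, which is what gives the guard time to hand control to the backup law. Calling `predict_violation` once at load time with the candidate configuration is the screening case.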