Measuring the Overall Complexity of Graphical and Textual IEC 61131-3 Control Software

Software implements a significant proportion of functionality in factory automation. Thus, efficient development and the reuse of software parts, so-called units, enhance competitiveness. Thereby, complex control software units are more difficult to understand, leading to increased development, testing and maintenance costs. However, measuring complexity is challenging due to many different, subjective views on the topic. This paper compares different complexity definitions from literature and considers with a qualitative questionnaire study the complexity perception of domain experts, who confirm the importance of objective measures to compare complexity. The paper proposes a set of metrics that measure various classes of software complexity to identify the most complex software units as a prerequisite for refactoring. The metrics include complexity caused by size, data structure, control flow, information flow and lexical structure. Unlike most literature approaches, the metrics are compliant with graphical and textual languages from the IEC 61131-3 standard. Further, a concept for interpreting the metric results is presented. A comprehensive evaluation with industrial software from two German plant manufacturers validates the metrics' suitability to measure complexity.Comment: 8 pages, https://ieeexplore.ieee.org/abstract/document/9444196

Evaluating the Resiliency of Industrial Internet of Things Process Control Using Protocol Agnostic Attacks

Improving and defending our nation\u27s critical infrastructure has been a challenge for quite some time. A malfunctioning or stoppage of any one of these systems could result in hazardous conditions on its supporting populace leading to widespread damage, injury, and even death. The protection of such systems has been mandated by the Office of the President of the United States of America in Presidential Policy Directive Order 21. Current research now focuses on securing and improving the management and efficiency of Industrial Control Systems (ICS). IIoT promises a solution in enhancement of efficiency in ICS. However, the presence of IIoT can be a security concern, forcing ICS processes to rely on network based devices for process management. In this research, the attack surface of a testbed is evaluated using protocol-agnostic attacks and the SANS ICS Cyber Kill Chain. This highlights the widening of ICS attack surface due to reliance on IIoT, but also provides a solution which demonstrates one technique an ICS can use to securely rely on IIoT

Radio Frequency Based Programmable Logic Controller Anomaly Detection

The research goal involved developing improved methods for securing Programmable Logic Controller (PLC) devices against unauthorized entry and mitigating the risk of Supervisory Control and Data Acquisition (SCADA) attack by detecting malicious software and/or trojan hardware. A Correlation Based Anomaly Detection (CBAD) process was developed to enable 1) software anomaly detection discriminating between various operating conditions to detect malfunctioning or malicious software, firmware, etc., and 2) hardware component discrimination discriminating between various hardware components to detect malfunctioning or counterfeit, trojan, etc., components

RSA Power Analysis Obfuscation: A Dynamic FPGA Architecture

The modular exponentiation operation used in popular public key encryption schemes, such as RSA, has been the focus of many side channel analysis (SCA) attacks in recent years. Current SCA attack countermeasures are largely static. Given sufficient signal-to-noise ratio and a number of power traces, static countermeasures can be defeated, as they merely attempt to hide the power consumption of the system under attack. This research develops a dynamic countermeasure which constantly varies the timing and power consumption of each operation, making correlation between traces more difficult than for static countermeasures. By randomizing the radix of encoding for Booth multiplication and randomizing the window size in exponentiation, this research produces a SCA countermeasure capable of increasing RSA SCA attack protection

Switched Capacitor Voltage Converter

This project supports IoT development by reducing the power con- sumption and physical footprint of voltage converters. Our switched- capacitor IC design steps down an input of 1:0 - 1:4 V to 0:6 V for a decade of load current from 5 - 50A

Emulation of Industrial Control Field Device Protocols

It has been shown that thousands of industrial control devices are exposed to the Internet, however, the extent and nature of attacks on such devices remains unknown. The first step to understanding security problems that face modern supervisory control and data acquisition (SCADA) and industrial controls networks is to understand the various attacks launched on Internet-connected field devices. This thesis describes the design and implementation of an industrial control emulator on a Gumstix single-board computer as a solution. This emulator acts as a decoy field device, or honeypot, intended to be probed and attacked via an Internet connection. Evaluation techniques are developed to assess the accuracy of the emulation implemented on the Gumstix and are compared against the implementation on a standard PC and the emulation target, a Koyo DirectLogic 405 programmable logic controller. The results show that both the Gumstix and PC emulator platforms are very accurate to the workloads presented. This suggests that a honeypot implemented on a Gumstix emulator and a standard PC are both suitable for applications in SCADA attack-landscape research

Magnetic field measurement from 132 kv and 275 kv overhead transmission lines within residential area

Overhead transmission line (OTL) has been around for so many years as one of the most important elements of electric power systems. Conductors, as being a part of the medium to transfer electricity through the OTL, produces electromagnetic field to its surrounding that have been a public concern for ages. OTL were meant to be built as far away from a population. Though from time to time, the OTL rights-of-way (ROW) were violated due to lack of space and rapid urbanization. This paper addresses the challenges faced during magnetic field level measurement within a residential area that was still under construction. EMDEX II Meter, Linear Data Acquisition System (LINDA) Wheel and Gauss Meter were used during the magnetic field measurements. Maximum magnetic field level data collected from measurement were presented