A log mining approach for process monitoring in SCADA

SCADA (Supervisory Control and Data Acquisition) systems are used for controlling and monitoring industrial processes. We propose a methodology to systematically identify potential process-related threats in SCADA. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the SCADA process. To detect such threats, we propose a semi-automated approach of log processing. We conduct experiments on a real-life water treatment facility. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow

Composable security proof for continuous-variable quantum key distribution with coherent states

We give the first composable security proof for continuous-variable quantum key distribution with coherent states against collective attacks. Crucially, in the limit of large blocks the secret key rate converges to the usual value computed from the Holevo bound. Combining our proof with either the de Finetti theorem or the Postselection technique then shows the security of the protocol against general attacks, thereby confirming the long-standing conjecture that Gaussian attacks are optimal asymptotically in the composable security framework. We expect that our parameter estimation procedure, which does not rely on any assumption, will find applications elsewhere, for instance for the reliable quantification of continuous-variable entanglement in finite-size settings.Comment: 27 pages, 1 figure. v2: added a version of the AEP valid for conditional state

MEMS sensors as physical unclonable functions

A fundamental requirement of any crypto system is that secret-key material remains securely stored so that it is robust in withstanding attacks including physical tampering. In this context, physical unclonable functions (PUFs) have been proposed to store cryptographic secrets in a particularly secure manner. In this thesis, the feasibility of using microelectromechanical systems (MEMS) sensors for secure key storage purposes is evaluated for the first time. To this end, we investigated an off-the-shelf 3-axis MEMS gyroscope design and used its properties to derive a unique fingerprint from each sensor. We thoroughly examined the robustness of the derived fingerprints against temperature variation and aging. We extracted stable keys with nearly full entropy from the fingerprints. The security level of the extracted keys lies in a range between 27 bits and 150 bits depending on the applied test conditions and the used entropy estimation method. Moreover, we provide experimental evidence that the extractable key length is higher in practice when multiple wafers are considered. In addition, it is shown that further improvements could be achieved by using more precise measurement techniques and by optimizing the MEMS design. The robustness of a MEMS PUF against tampering and malicious read-outs was tested by three different types of physical attacks. We could show that MEMS PUFs provide a high level of protection due to the sensitivity of their characteristics to disassembly.Eine grundlegende Anforderung jedes Kryptosystems ist, dass der verwendete geheime Schlüssel sicher und geschützt aufbewahrt wird. Vor diesem Hintergrund wurden physikalisch unklonbare Funktionen (PUFs) vorgeschlagen, um kryptographische Geheimnisse besonders sicher zu speichern. In dieser Arbeit wird erstmals die Verwendbarkeit von mikroelektromechanischen Systemen (MEMS) für die sichere Schlüsselspeicherung anhand eines 3-achsigen MEMS Drehratensensor gezeigt. Dabei werden die Eigenschaften der Sensoren zur Ableitung eines eindeutigen Fingerabdrucks verwendet. Die Temperatur- und Langzeitstabilität der abgeleiteten Fingerabdrücke wurde ausführlich untersucht. Aus den Fingerabdrücken wurden stabile Schlüssel mit einem Sicherheitsniveau zwischen 27 Bit und 150 Bit, abhängig von den Testbedingungen und der verwendeten Entropie-Schätzmethode, extrahiert. Außerdem konnte gezeigt werden, dass die Schlüssellänge ansteigt, je mehr Wafer betrachtet werden. Darüber hinaus wurde die Verwendung einer präziseren Messtechnik und eine Optimierung des MEMS-Designs als potentielle Verbesserungsmaßnahmen identifiziert. Die Robustheit einer MEMS PUF gegen Manipulationen und feindseliges Auslesen durch verschiedene Arten von physikalischen Angriffen wurde untersucht. Es konnte gezeigt werden, dass MEMS PUFs aufgrund der Empfindlichkeit ihrer Eigenschaften hinsichtlich einer Öffnung des Mold-Gehäuses eine hohe Widerstandsfähigkeit gegenüber invasiven Angriffen aufweisen