Software simulations for the study of threats against SCADA systems
The goal of SCADA technologies (an acronym for Supervisory Control And Data Acquisition) is to provide remote control for the supervision of critical infrastructures. Attacks against such systems pose a significant risk. Our interest in this topic is to investigate improvements to the security of SCADA systems, using software-level abstractions, simulation tools, physical devices and data traces obtained from real systems. This article presents, in general terms, some basic constructs of SCADA technologies and their components. It also introduces the general characteristics of some available open-source simulators. Finally, it details limitations and potential improvements, aimed at completing the study of anomaly detection techniques at the level of the physical signals exchanged between the components of SCADA systems.
Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use
A challenge is to develop cyber-physical system scenarios that reflect the diversity and complexity of real-life cyber-physical systems in the research questions that they address. Time-bounded collaborative events, such as hackathons, jams and sprints, are increasingly used as a means of bringing groups of individuals together, in order to explore challenges and develop solutions. This paper describes our experiences using a science hackathon to bring individual researchers together, in order to develop a common use case implemented on a shared CPS testbed platform that embodies the diversity of their own security research questions. A qualitative study of the event was conducted, in order to evaluate the success of the process, with a view to improving future similar events.
Cyber-physical architecture assisted by programmable networking
Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security in both the cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The architecture paves the way for new interesting techniques, research directions and challenges, which we discuss in our work.
Comment: 8 pages, 3 figures, pre-print
Detection of attacks against industrial cyber-physical systems
We address security issues in cyber-physical industrial systems. Attacks against these systems shall be handled both in terms of safety and security. Control technologies imposed by industrial standards already cover the safety dimension. From a security standpoint, the literature has shown that using only cyber information to handle the security of cyber-physical systems is not enough, since physical malicious actions are ignored. For this reason, cyber-physical systems have to be protected from threats to both their cyber and physical layers. Some authors handle the attacks by using physical attestations of the underlying processes, e.g., physical watermarking to ensure the truthfulness of the process. However, these detectors work properly only if the adversaries do not have enough knowledge to mislead cross-layer data. This thesis focuses on the aforementioned limitations. It starts by testing the effectiveness of a stationary watermark-based fault detector to detect, as well, malicious actions produced by adversaries. We show that the stationary watermark-based detector is unable to identify cyber-physical adversaries. We show that the approach only detects adversaries that do not attempt to get any knowledge about the system dynamics. We analyze the detection performance of the original design under the presence of adversaries that infer the system dynamics to evade detection. We revisit the original design, using a non-stationary watermark-based design, to handle those adversaries. We also propose a novel approach that combines control and communication strategies. We validate our solutions using numeric simulations and training cyber-physical testbeds.
We address security problems in industrial cyber-physical systems. Attacks against these systems must be handled both in terms of safety and security. The control technologies imposed by industrial standards already cover safety. However, from a security standpoint, the literature has shown that using cyber techniques alone to handle the security of these systems is not sufficient, since malicious physical actions would be ignored. For this reason, mechanisms are needed to protect both layers at once. Some authors have handled replay and integrity attacks using physical attestation, e.g., watermarking of the physical parameters of the system. Nevertheless, these detectors work correctly only if the adversaries do not have enough knowledge to mislead both layers. This thesis addresses the limitations mentioned above. We begin by testing the effectiveness of a detector that uses a stationary signature to detect malicious actions. We show that this detector is unable to identify cyber-physical adversaries who attempt to learn the system dynamics. We analyze its detection ratio in the presence of new adversaries capable of inferring the system dynamics. We revisit the original design, using a non-stationary signature, to handle adversaries seeking to evade detection. We also propose a new approach that combines control and communication strategies. All solutions are validated using simulations and training testbeds.
On the adaptation of physical-layer failure detection mechanisms to handle attacks against SCADA systems
Supervisory Control and Data Acquisition (SCADA) is a technology to monitor industrial and critical infrastructures. SCADA technology was conceived for centralized and isolated processes. Nowadays, it is more distributed and vulnerable to cyber attacks. SCADA systems are typically composed of three well-defined types of field devices: 1) Master Terminal Units (MTUs) and Human Machine Interfaces (HMIs), located at the top and managing all communications; 2) Remote Terminal Units (RTUs) and Programmable Logic Controllers (PLCs), which control and acquire data from remote equipment and connect with the master station; and 3) sensors and actuators, which act as the input and output functions of the system. Threats to SCADA systems can target the lower layers, for instance replay and integrity attacks that alter the state estimation conducted by PLCs, actuators and sensors. Given the difficulty of handling such threats at the upper layers, detection and protection against malicious activities must be conducted at the lower layers themselves. Several approaches in the literature propose the adaptation of physical-layer failure detection mechanisms (e.g., systems for the detection of faults and accidents) to handle malicious attacks (e.g., replay and integrity attacks conducted by malicious adversaries). The talk elaborates on such approaches and discusses some of their limitations. Some conclusions and perspectives for future work will be presented.
On the use of watermark-based schemes to detect cyber-physical attacks
We address security issues in cyber-physical systems (CPSs). We focus on the detection of attacks against cyber-physical systems. Attacks against these systems shall be handled both in terms of safety and security. Networked-control technologies imposed by industrial standards already cover the safety dimension. However, from a security standpoint, using only cyber information to analyze the security of a cyber-physical system is not enough, since the physical malicious actions that can threaten the correct behavior of the systems are ignored. For this reason, the systems have to be protected from threats to both their cyber and physical layers. Some authors have handled replay and integrity attacks using, for example, physical attestation to validate the cyber process and to detect the attacks, or watermark-based detectors, which also use physical parameters to secure the cyber layers. We reexamine the effectiveness of a stationary watermark-based detector. We show that this approach only detects adversaries that do not attempt to get any knowledge about the system dynamics. We analyze the detection ratio of the original design under the presence of new adversaries that are able to infer the system dynamics and to evade the detector with high frequency. We propose a new detection scheme which employs several non-stationary watermarks. We validate the detection efficiency of the new strategy via numeric simulations and via experiments on a laboratory testbed. Results show that the proposed strategy is able to detect adversaries using non-parametric methods, but it is not equally effective against adversaries using parametric identification methods.
Adaptive control-theoretic detection of integrity attacks against cyber-physical industrial systems
The use of control-theoretic solutions to detect attacks against cyber-physical industrial systems is a growing area of research. Traditional literature proposes the use of control strategies to retain, e.g., satisfactory closed-loop performance, as well as safety properties, when a communication network connects the distributed components of a physical system (e.g., sensors, actuators and controllers). However, the adaptation of these strategies to handle security incidents is an ongoing challenge. In this paper, we survey the advantages of a watermark-based detector against some integrity attacks, as well as its weaknesses against other attacks. To cover these weaknesses, we propose a new control and security strategy that complements the watermark-based detector. We validate the detection efficiency of the new strategy via numeric simulation. Experimental results are also presented using a laboratory testbed based on a supervisory control and data acquisition (SCADA) industrial protocol.
Advanced Smartphone-Based Identification of Transport Modes: Resilience under GNSS-Based Attacks
One of the main challenges for ticketing in Mobility as a Service is the integration of public and individual transport modes into a unified ticketing service. To realize this concept, a trustworthy identification of transport modes that is resilient to possible attacks is required. In this work, we propose two smartphone-based methods to seamlessly identify the use of trams, buses, subways, walking and bicycles, which are able to detect GNSS-based attacks and continue to provide a trustworthy identification of transport modes. We have recorded real-world measurements with commercial smartphones using the transport networks in Munich and Paris. Our results show that it is possible to provide trustworthy identification of transport modes even when the system is under attack. In conclusion, in this work we demonstrate the vulnerability of smartphone-based ticketing to GNSS-based attacks, propose two methods to overcome this vulnerability and demonstrate the validity of our methods with real-world measurements.
Security of cyber-physical systems: from theory to testbeds and validation
Traditional control environments connected to physical systems are being upgraded with novel information and communication technologies. The resulting systems need to be adequately protected. Experimental testbeds are crucial for the study and analysis of ongoing threats against those resulting cyber-physical systems. The research presented in this paper discusses some actions towards the development of a replicable and affordable cyber-physical testbed for training and research. The architecture of the testbed is based on real-world components, and emulates cyber-physical scenarios commanded by SCADA (Supervisory Control And Data Acquisition) technologies. We focus on two representative protocols, Modbus and DNP3. The paper also reports the development of some adversarial scenarios, in order to evaluate the testbed under cyber-physical threat situations. Some detection strategies are evaluated using our proposed testbed.