6 research outputs found
A Survey on Industrial Control System Testbeds and Datasets for Security Research
The increasing digitization and interconnection of legacy Industrial Control
Systems (ICSs) open new vulnerability surfaces, exposing such systems to
malicious attackers. Furthermore, since ICSs are often employed in critical
infrastructures (e.g., nuclear plants) and manufacturing companies (e.g.,
chemical industries), attacks can lead to devastating physical damages. In
dealing with this security requirement, the research community focuses on
developing new security mechanisms such as Intrusion Detection Systems (IDSs),
facilitated by leveraging modern machine learning techniques. However, these
algorithms require a testing platform and a considerable amount of data to be
trained and tested accurately. To satisfy this prerequisite, Academia,
Industry, and Government are increasingly proposing testbeds (i.e., scaled-down
versions of ICSs or simulations) to test the performances of the IDSs.
Furthermore, to enable researchers to cross-validate security systems (e.g.,
security-by-design concepts or anomaly detectors), several datasets have been
collected from testbeds and shared with the community. In this paper, we
provide a deep and comprehensive overview of ICSs, presenting the architecture
design, the employed devices, and the security protocols implemented. We then
collect, compare, and describe testbeds and datasets in the literature,
highlighting key challenges and design guidelines to keep in mind in the design
phases. Furthermore, we enrich our work by reporting the best performing IDS
algorithms tested on every dataset to create a baseline in state of the art for
this field. Finally, driven by knowledge accumulated during this survey's
development, we report advice and good practices on the development, the
choice, and the utilization of testbeds, datasets, and IDSs.
Hyperloop: A Cybersecurity Perspective
Hyperloop is among the most prominent future transportation systems. First
introduced by Elon Musk, the Hyperloop concept involves novel technologies to allow
traveling at a maximum speed of 1220 km/h, while guaranteeing sustainability.
Due to the system's performance requirements and the critical infrastructure it
represents, its safety and security need to be carefully considered. In
cyber-physical systems, cyberattacks could lead to safety issues with
catastrophic consequences, both on the population and the surrounding
environment. Therefore, the cybersecurity of all the components and links in
Hyperloop represents a fundamental challenge. To this day, no research
investigated the cyber security of the technology used for Hyperloop.
In this paper, we propose the first analysis of the cybersecurity challenges
raised by Hyperloop technology. We base our analysis on the related works on
Hyperloop, distilling the common features which will be likely to be present in
the system. Furthermore, we provide an analysis of possible directions on the
Hyperloop infrastructure management, together with their security concerns.
Finally, we discuss possible countermeasures and future directions for the
security of the future Hyperloop design.
Comment: 9 pages, 4 figures, 1 tabl
EVScout2.0: Electric Vehicle Profiling Through Charging Profile
EVs (Electric Vehicles) represent a green alternative to traditional
fuel-powered vehicles. To enforce their widespread use, both the technical
development and the security of users shall be guaranteed. Privacy of users
represents one of the possible threats impairing EVs adoption. In particular,
recent works showed the feasibility of identifying EVs based on the current
exchanged during the charging phase. In fact, while the resource negotiation
phase runs over secure communication protocols, the signal exchanged during the
actual charging contains features peculiar to each EV. A suitable feature
extractor can hence associate such features to each EV, in what is commonly
known as profiling. In this paper, we propose EVScout2.0, an extended and
improved version of our previously proposed framework to profile EVs based on
their charging behavior. By exploiting the current and pilot signals exchanged
during the charging phase, our scheme is able to extract features peculiar for
each EV, allowing hence for their profiling. We implemented and tested
EVScout2.0 over a set of real-world measurements considering over 7500 charging
sessions from a total of 137 EVs. In particular, numerical results show the
superiority of EVScout2.0 with respect to the previous version. EVScout2.0 can
profile EVs, attaining a maximum of 0.88 recall and 0.88 precision. To the best
of the authors' knowledge, these results set a new benchmark for upcoming
privacy research for large datasets of EVs.
EVExchange: A Relay Attack on Electric Vehicle Charging System
To support the increasing spread of Electric Vehicles (EVs), Charging
Stations (CSs) are being installed worldwide. The new generation of CSs employs
the Vehicle-To-Grid (V2G) paradigm by implementing novel standards such as the
ISO 15118. This standard enables high-level communication between the vehicle
and the charging column, helps manage the charge smartly, and simplifies the
payment phase. This novel charging paradigm, which connects the Smart Grid to
external networks (e.g., EVs and CSs), has not been thoroughly examined yet.
Therefore, it may lead to dangerous vulnerability surfaces and new research
challenges.
In this paper, we present EVExchange, the first attack to steal energy during
a charging session in a V2G communication: i.e., charging the attacker's car
while letting the victim pay for it. Furthermore, if reverse charging flow is
enabled, the attacker can even sell the energy available on the victim's car!
Thus, getting the economic profit of this selling, and leaving the victim with
a completely discharged battery. We developed a virtual and a physical testbed
in which we validate the attack and prove its effectiveness in stealing the
energy. To prevent the attack, we propose a lightweight modification of the ISO
15118 protocol to include a distance bounding algorithm. Finally, we validated
the countermeasure on our testbeds. Our results show that the proposed
countermeasure can identify all the relay attack attempts while being
transparent to the user.
Comment: 20 pages, 6 figure