Browse by author
Lookup NU author(s): Dr Mujeeb AhmedORCiD
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
Programmable Logic Controllers (PLCs) are a core component of an Industrial Control System (ICS). However, if a PLC is compromised or the commands sent across a network from the PLCs are spoofed, consequences could be catastrophic. In this work, a novel technique to authenticate PLCs is proposed that aims at raising the bar against powerful attackers while being compatible with real-time systems. The proposed technique captures timing information for each controller in a non-invasive manner. It is argued that Scan Cycle is a unique feature of a PLC that can be approximated passively by observing network traffic. An attacker that spoofs commands issued by the PLCs would deviate from such fingerprints. To detect replay attacks a PLC Watermarking technique is proposed. PLC Watermarking models the relation between the scan cycle and the control logic by modeling the input/output as a function of request/response messages of a PLC. The proposed technique is validated on an operational water treatment plant (SWaT) and smart grid (EPIC) testbeds. Results from experiments indicate that PLCs can be distinguished based on their scan cycle timing characteristics.
Author(s): Ahmed CM, Ochoa M, Zhou J, Mathur A
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: ASIA CCS '21: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security
Year of Conference: 2021
Pages: 886-900
Print publication date: 04/06/2021
Online publication date: 04/06/2021
Acceptance date: 20/03/2021
Publisher: ACM
URL: https://doi.org/10.1145/3433210.3453102
DOI: 10.1145/3433210.3453102
Library holdings: Search Newcastle University Library for this item
ISBN: 9781450382878
