Securing Industrial Control Systems Using Physical Device Fingerprinting

2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS) Pub Date : 2020-12-14 DOI:10.1109/IOTSMS52051.2020.9340160

Tsion Yimer, Md Tanvir Arafin, K. Kornegay

{"title":"Securing Industrial Control Systems Using Physical Device Fingerprinting","authors":"Tsion Yimer, Md Tanvir Arafin, K. Kornegay","doi":"10.1109/IOTSMS52051.2020.9340160","DOIUrl":null,"url":null,"abstract":"The advent of the Internet-of-Things (IoT) has introduced new connectivity modalities, communication protocols, and optimized architectures to coordinate Things on a network. BACnet MS/TP is a protocol that has the potential to deliver a reliable IoT back-end for industrial systems. However, conventional security threats can severely affect trust between the nodes in the network, leading to critical infrastructure failures. Hence, we analyze the opportunities and challenges for hardware solutions in securing BACnet controllers in this work. First, we look into the security threats and develop practical attack models. Then, we demonstrate how we model clocks in the network for fingerprinting. Next, we propose a distributed security monitor for deployment across the BACnet MS/TP nodes. We also illustrate how clock fingerprinting data can enable the security monitor to prevent intrusion and tampering. Finally, we experimentally verify our attacker model, attack scenarios, and the effectiveness of hardware-oriented security solutions for intrusion prevention and tampering on an industrial standard BACnet MS/TP network.","PeriodicalId":147136,"journal":{"name":"2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)","volume":"82 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IOTSMS52051.2020.9340160","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

The advent of the Internet-of-Things (IoT) has introduced new connectivity modalities, communication protocols, and optimized architectures to coordinate Things on a network. BACnet MS/TP is a protocol that has the potential to deliver a reliable IoT back-end for industrial systems. However, conventional security threats can severely affect trust between the nodes in the network, leading to critical infrastructure failures. Hence, we analyze the opportunities and challenges for hardware solutions in securing BACnet controllers in this work. First, we look into the security threats and develop practical attack models. Then, we demonstrate how we model clocks in the network for fingerprinting. Next, we propose a distributed security monitor for deployment across the BACnet MS/TP nodes. We also illustrate how clock fingerprinting data can enable the security monitor to prevent intrusion and tampering. Finally, we experimentally verify our attacker model, attack scenarios, and the effectiveness of hardware-oriented security solutions for intrusion prevention and tampering on an industrial standard BACnet MS/TP network.

查看原文本刊更多论文

使用物理设备指纹保护工业控制系统

物联网(IoT)的出现引入了新的连接模式、通信协议和优化的架构来协调网络上的事物。BACnet MS/TP是一种有潜力为工业系统提供可靠的物联网后端协议。然而，传统的安全威胁会严重影响网络中节点之间的信任，导致关键的基础设施故障。因此，我们分析了在这项工作中保护BACnet控制器的硬件解决方案的机遇和挑战。首先，我们研究安全威胁并开发实用的攻击模型。然后，我们将演示如何在网络中建模用于指纹识别的时钟。接下来，我们提出一个分布式安全监视器，用于跨BACnet MS/TP节点的部署。我们还说明了时钟指纹数据如何使安全监视器能够防止入侵和篡改。最后，我们在工业标准BACnet MS/TP网络上实验验证了我们的攻击者模型、攻击场景以及面向硬件的入侵防御和篡改安全解决方案的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS)

自引率

0.00%

发文量