E. Sohl, C. Fielding, Tyler Hanlon, J. Rrushi, H. Farhangi, C. Howey, K. Carmichael, Joey Dabell
{"title":"A Field Study of Digital Forensics of Intrusions in the Electrical Power Grid","authors":"E. Sohl, C. Fielding, Tyler Hanlon, J. Rrushi, H. Farhangi, C. Howey, K. Carmichael, Joey Dabell","doi":"10.1145/2808705.2808716","DOIUrl":"https://doi.org/10.1145/2808705.2808716","url":null,"abstract":"The paper describes the findings of a field study that we conducted to practically determine the digital forensics processes, tools, and technical considerations that apply to investigations of computer intrusions into the electrical power grid. Our findings are based on technical interactions with industry and law enforcement, as well as on actual applied research in the lab. In the paper, we discuss the most widespread vulnerabilities of industrial control systems, and thus build on those preliminaries to describe the inner workings of control system forensics in the real world. Several advanced works on control systems forensics abstract from low-level fundamentals, assuming that those are easily doable. The main contribution made by this paper is the focus on those fundamentals, with the goal of laying the foundation for further developments of practical and hence usable digital forensics in the electrical power grid.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132402342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
I. Ruchkin, Ashwini Rao, Dionisio de Niz, S. Chaki, D. Garlan
{"title":"Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analysis Contracts Approach","authors":"I. Ruchkin, Ashwini Rao, Dionisio de Niz, S. Chaki, D. Garlan","doi":"10.1145/2808705.2808714","DOIUrl":"https://doi.org/10.1145/2808705.2808714","url":null,"abstract":"Designing secure cyber-physical systems (CPS) is a particularly difficult task since security vulnerabilities stem not only from traditional cybersecurity concerns, but also physical ones. Many of the standard methods for CPS design make strong and unverified assumptions about the trustworthiness of physical devices, such as sensors. When these assumptions are violated, subtle inter-domain vulnerabilities are introduced into the system model. In this paper we use formal specification of analysis contracts to expose security assumptions and guarantees of analyses from reliability, control, and sensor security domains. We show that this specification allows us to determine where these assumptions are violated, opening the door to malicious attacks. We demonstrate how this approach can help discover and prevent vulnerabilities using a self-driving car example.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"2009 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125629311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure and Resilient Control Design for Cloud Enabled Networked Control Systems","authors":"Zhiheng Xu, Quanyan Zhu","doi":"10.1145/2808705.2808708","DOIUrl":"https://doi.org/10.1145/2808705.2808708","url":null,"abstract":"Cloud computing enables resource-constrained Networked Control Systems (NCSs) to outsource heavy computations to a cloud server with massive computational resources. However, Cloud-enabled NCSs (CE-NCSs) introduce new challenges arising from the trustworthiness of the cloud and the cyber-physical connections between the control system and the cloud. To address these concerns, this paper presents a secure and resilient mechanism, which employs customized cryptographic tools to encrypt the data of a control problem and develops verification methods to guarantee the integrity of the computational results from the cloud. In addition, our design enables a Switching Mode Mechanism (SMM) to provide resiliency to the NCSs when the system successively fails to receive correct control inputs from the cloud. We demonstrate that the mechanism can achieve the data confidentiality and integrity, guarantee the stability, and enhance the resiliency. Finally, an Unmanned Aerial Vehicle (UAV) example is used to corroborate these properties.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127983785","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The Impact of Social Engineering on Industrial Control System Security","authors":"B. Green, D. Prince, J. Busby, D. Hutchison","doi":"10.1145/2808705.2808717","DOIUrl":"https://doi.org/10.1145/2808705.2808717","url":null,"abstract":"In assessing the security posture of Industrial Control Systems (ICS), several approaches have been proposed, including attack graphs, attack trees, Bayesian networks and security ideals. Predominantly focusing on technical vulnerabilities, challenges stemming from social and organisational factors are often reviewed in isolation, if at all. Taking a mean time-to-compromise (MTTC) metric as a base for expansion, we explore the impact social engineering attack vectors (malicious e-mails) could have on such assessments. The applied method takes a holistic view, to better understand the potential impact of social engineering across a small European utility company. The results of this review are analysed and discussed, highlighting the level of access an attacker could gain through social engineering, and the need for assessment metrics to include vulnerabilities stemming not only from technical factors, but social and organisational ones as well.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133032825","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Imran Sajjad, D. D. Dunn, Rajnikant Sharma, Ryan M. Gerdes
{"title":"Attack Mitigation in Adversarial Platooning Using Detection-Based Sliding Mode Control","authors":"Imran Sajjad, D. D. Dunn, Rajnikant Sharma, Ryan M. Gerdes","doi":"10.1145/2808705.2808713","DOIUrl":"https://doi.org/10.1145/2808705.2808713","url":null,"abstract":"In this paper, we consider a mitigation strategy to prevent a vehicle controlled by an attacker from causing collisions in a vehicular platoon. An adversarial-aware control scheme, based on sliding mode control using only local sensor information and a decentralized attack detector, is shown to significantly reduce the number and severity of collisions, without the need for inter-vehicle or vehicle-to-infrastructure communication. Simulations demonstrate that collisions are eliminated (or significantly reduced) when the attacker and normal vehicles have same capabilities, and collisions are reduced even with more powerful attackers.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133501954","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On Passive Data Link Layer Fingerprinting of Aircraft Transponders","authors":"Martin Strohmeier, I. Martinovic","doi":"10.1145/2808705.2808712","DOIUrl":"https://doi.org/10.1145/2808705.2808712","url":null,"abstract":"In order to meet future demands in increasingly congested airspaces, the world's aviation authorities are currently upgrading their air-traffic management systems. The Automatic Dependent Surveillance-Broadcast (ADS-B) protocol is at the core of the Next Generation Air Transportation (NextGen) system, and an increasingly large number of aircraft use ADS-B to broadcast data to their surroundings. In this paper, we use differences in the implementation of aircraft transponders to fingerprint their wireless drivers. In particular, without any modification to either aircraft or the off-the-shelf ADS-B receivers that we use, we develop a passive fingerprinting technique that accurately and efficiently identifies the wireless implementation by exploiting variations in their transmission behavior. We perform an evaluation of our fingerprinting technique that shows it both quickly and accurately fingerprints aircraft transponders using real-world aircraft data. Furthermore, through cross-referencing our fingerprints with open source aircraft databases, we are able to infer potential aircraft types and fleet combinations, as well as general market proliferation of different transponder implementations. Finally, we discuss implications for the security and privacy of our approach as well as potential mitigating factors.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124635251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mathias Payer, S. Mangard, E. Weippl, S. Katzenbeisser, A. Cárdenas, R. Bobba
{"title":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","authors":"Mathias Payer, S. Mangard, E. Weippl, S. Katzenbeisser, A. Cárdenas, R. Bobba","doi":"10.1145/2808705","DOIUrl":"https://doi.org/10.1145/2808705","url":null,"abstract":"It is our great pleasure to welcome you to the Second ACM Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC) in conjunction with the 23rd ACM Conference on Computer and Communications Security (CCS) in Vienna, Austria. \u0000 \u0000Our increased dependency on cyber-physical systems (CPS) has amplified concerns of cyber attacks on these systems. These transformative attack methods require additional research into secure control systems and related architectures of CPS. The majority of the published literature addressing the security and privacy of CPS reflect a field still in its infancy; as such, the overall principles, models, and theories for securing CPS have not yet emerged. It is hoped that this workshop will provide a focal point for the research community to begin addressing the security and privacy of CPS in a comprehensive and multidisciplinary manner and, in tandem with other efforts, build a comprehensive research roadmap. As a workshop, we expect to attract papers that reflect ongoing work that are still \"works in progress\". \u0000 \u0000This year's workshop builds on the foundation laid last year to become one of the premier forums for presentation of interdisciplinary research results and experience reports at the interface of control theory, information security, embedded and real-time systems and human factors applied to CPS. The mission of the workshop is to create a community of researchers focusing on diverse aspects of CPS Security and Privacy, and to provide researchers and practitioners a premiere forum to share their perspectives with others interested in interdisciplinary approaches to solve the challenging security and privacy problems in CPS. \u0000 \u0000The workshop attracted 26 submissions from across 10 countries, and all papers were reviewed by at least three program committee members. 12 papers were accepted leading to a 46% acceptance rate.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131032123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xiaolong Wang, M. Mizuno, M. Neilsen, Xinming Ou, S. R. Rajagopalan, Will G. Boldwin, Bryan Phillips
{"title":"Secure RTOS Architecture for Building Automation","authors":"Xiaolong Wang, M. Mizuno, M. Neilsen, Xinming Ou, S. R. Rajagopalan, Will G. Boldwin, Bryan Phillips","doi":"10.1145/2808705.2808709","DOIUrl":"https://doi.org/10.1145/2808705.2808709","url":null,"abstract":"Building Automation System (BAS) is a computer-based control system that is widely installed in office buildings and laboratories for monitoring and controlling mechanical/electrical equipment. With the advancements in Cyber-Physical System (CPS) and Internet of Things (IoTs), BAS is in the process of becoming more intelligent by merging computing resources and network communication with physical control. Along with potential benefits, it also brings tremendous risks of security breaches and safety violations, especially when it comes to Programmable Logic Controllers (PLCs). In this paper, we systematically analyze biocontainment laboratory control models based on real case scenarios from Biosecurity Research Institute (BRI) at Kansas State University. We present a vision for a new secure Real-Time Operating System (RTOS) architecture, which leverages various technologies, including microkernel structure, Trusted Platform Module (TPM), proxy-based policy enforcement, and formal verification. The secure RTOS architecture is designed specifically to work with embedded controllers which are widely used in BAS and other CPS to achieve a highly secure and trustworthy control system.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126164159","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
W. Knowles, J. Such, Antonios Gouglidis, Gaurav Misra, A. Rashid
{"title":"Assurance Techniques for Industrial Control Systems (ICS)","authors":"W. Knowles, J. Such, Antonios Gouglidis, Gaurav Misra, A. Rashid","doi":"10.1145/2808705.2808710","DOIUrl":"https://doi.org/10.1145/2808705.2808710","url":null,"abstract":"Assurance techniques generate evidence that allow us to make claims of assurance about security. For the purpose of certification to an assurance scheme, this evidence enables us to answer the question: are the implemented security controls consistent with organisational risk posture? This paper uses interviews with security practitioners to assess how ICS security assessments are conducted in practice, before introducing the five \"PASIV\" principles to ensure the safe use of assurance techniques. PASIV is then applied to three phases of the system development life cycle (development; procurement; operational), to determine when and when not, these assurance techniques can be used to generate evidence. Focusing then on the operational phase, this study assesses how assurances techniques generate evidence for the 35 security control families of ISO/IEC 27001:2013.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132168591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
W. Abbas, Aron Laszka, Yevgeniy Vorobeychik, X. Koutsoukos
{"title":"Scheduling Intrusion Detection Systems in Resource-Bounded Cyber-Physical Systems","authors":"W. Abbas, Aron Laszka, Yevgeniy Vorobeychik, X. Koutsoukos","doi":"10.1145/2808705.2808711","DOIUrl":"https://doi.org/10.1145/2808705.2808711","url":null,"abstract":"In order to be resilient to attacks, a cyber-physical system (CPS) must be able to detect attacks before they can cause significant damage. To achieve this, emph{intrusion detection systems} (IDS) may be deployed, which can detect attacks and alert human operators, who can then intervene. However, the resource-constrained nature of many CPS poses a challenge, since reliable IDS can be computationally expensive. Consequently, computational nodes may not be able to perform intrusion detection continuously, which means that we have to devise a schedule for performing intrusion detection. While a uniformly random schedule may be optimal in a purely cyber system, an optimal schedule for protecting CPS must also take into account the physical properties of the system, since the set of adversarial actions and their consequences depend on the physical systems. Here, in the context of water distribution networks, we study IDS scheduling problems in two settings and under the constraints on the available battery supplies. In the first problem, the objective is to design, for a given duration of time $T$, scheduling schemes for IDS so that the probability of detecting an attack is maximized within that duration. We propose efficient heuristic algorithms for this general problem and evaluate them on various networks. In the second problem, our objective is to design scheduling schemes for IDS so that the overall lifetime of the network is maximized while ensuring that an intruder attack is always detected. Various strategies to deal with this problem are presented and evaluated for various networks.","PeriodicalId":144851,"journal":{"name":"Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130222091","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}