{"title":"在工业控制系统中实现身份验证的数据交换","authors":"A. Duka, B. Genge, P. Haller","doi":"10.1109/ISDFS.2018.8355337","DOIUrl":null,"url":null,"abstract":"In the context of the ever more increasing number of cyber attacks targeted against Industrial Control Systems, the protection of data (e.g., process variables) commonly exchanged between the system's components (e.g., between Programmable Logic Controllers — PLCs, and Human Machine Interfaces — HMIs), is of greatest importance. In spite of their modest computational resources, we show that, when compared to other computer systems (e.g., traditional PCs), it is possible to enhance the control programs running within PLCs with Message Authentication Codes (MACs) constructions. These enable to authenticate the exchanged data, therefore providing a means to simultaneously verify both the data integrity and the authentication of process variables. This paper presents PLC-specific details for several MAC implementations and assesses their efficiency, in terms of execution time, as tested on Phoenix Contact's ILC 350 PN controller.","PeriodicalId":154279,"journal":{"name":"2018 6th International Symposium on Digital Forensic and Security (ISDFS)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Enabling authenticated data exchanges in industrial control systems\",\"authors\":\"A. Duka, B. Genge, P. Haller\",\"doi\":\"10.1109/ISDFS.2018.8355337\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the context of the ever more increasing number of cyber attacks targeted against Industrial Control Systems, the protection of data (e.g., process variables) commonly exchanged between the system's components (e.g., between Programmable Logic Controllers — PLCs, and Human Machine Interfaces — HMIs), is of greatest importance. In spite of their modest computational resources, we show that, when compared to other computer systems (e.g., traditional PCs), it is possible to enhance the control programs running within PLCs with Message Authentication Codes (MACs) constructions. These enable to authenticate the exchanged data, therefore providing a means to simultaneously verify both the data integrity and the authentication of process variables. This paper presents PLC-specific details for several MAC implementations and assesses their efficiency, in terms of execution time, as tested on Phoenix Contact's ILC 350 PN controller.\",\"PeriodicalId\":154279,\"journal\":{\"name\":\"2018 6th International Symposium on Digital Forensic and Security (ISDFS)\",\"volume\":\"56 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 6th International Symposium on Digital Forensic and Security (ISDFS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISDFS.2018.8355337\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 6th International Symposium on Digital Forensic and Security (ISDFS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISDFS.2018.8355337","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enabling authenticated data exchanges in industrial control systems
In the context of the ever more increasing number of cyber attacks targeted against Industrial Control Systems, the protection of data (e.g., process variables) commonly exchanged between the system's components (e.g., between Programmable Logic Controllers — PLCs, and Human Machine Interfaces — HMIs), is of greatest importance. In spite of their modest computational resources, we show that, when compared to other computer systems (e.g., traditional PCs), it is possible to enhance the control programs running within PLCs with Message Authentication Codes (MACs) constructions. These enable to authenticate the exchanged data, therefore providing a means to simultaneously verify both the data integrity and the authentication of process variables. This paper presents PLC-specific details for several MAC implementations and assesses their efficiency, in terms of execution time, as tested on Phoenix Contact's ILC 350 PN controller.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
