Janus：用于工业机器人控制器攻击检测的可信执行环境方法

IF 5.1 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Emerging Topics in Computing Pub Date : 2024-04-24 DOI:10.1109/TETC.2024.3390435

Stefano Longari;Jacopo Jannone;Mario Polino;Michele Carminati;Andrea Zanchettin;Mara Tanelli;Stefano Zanero

{"title":"Janus：用于工业机器人控制器攻击检测的可信执行环境方法","authors":"Stefano Longari;Jacopo Jannone;Mario Polino;Michele Carminati;Andrea Zanchettin;Mara Tanelli;Stefano Zanero","doi":"10.1109/TETC.2024.3390435","DOIUrl":null,"url":null,"abstract":"In the last few decades, technological progress has led to a spike in the adoption of robots by the manufacturing industry. With the new “Industry 4.0” paradigm, companies strive to automate their production processes by interconnecting and integrating different industrial systems. The resulting increase in complexity contributes to a larger attack surface and paves the way for novel attacks. In the context of cyber-physical systems, consequences include economic and physical damage, as well as harm to human workers. In this article, we present Janus, a novel monitoring mechanism for industrial robot controllers that exploits the trusted execution environment (TEE) to guarantee the integrity of the attack detection algorithm even in case the controller's software is compromised, while not requiring external hardware for its detection process. In particular, we use the state observers strategy for detecting low-level controller (LLC) attacks. We assess our approach by testing it against various attacks, identifying those that are simpler to detect and pinpointing the more elusive ones, which are mostly detected nonetheless. Finally, we demonstrate that our approach does not add significant computation overheads.","PeriodicalId":13156,"journal":{"name":"IEEE Transactions on Emerging Topics in Computing","volume":"13 1","pages":"185-195"},"PeriodicalIF":5.1000,"publicationDate":"2024-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10508318","citationCount":"0","resultStr":"{\"title\":\"Janus: A Trusted Execution Environment Approach for Attack Detection in Industrial Robot Controllers\",\"authors\":\"Stefano Longari;Jacopo Jannone;Mario Polino;Michele Carminati;Andrea Zanchettin;Mara Tanelli;Stefano Zanero\",\"doi\":\"10.1109/TETC.2024.3390435\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the last few decades, technological progress has led to a spike in the adoption of robots by the manufacturing industry. With the new “Industry 4.0” paradigm, companies strive to automate their production processes by interconnecting and integrating different industrial systems. The resulting increase in complexity contributes to a larger attack surface and paves the way for novel attacks. In the context of cyber-physical systems, consequences include economic and physical damage, as well as harm to human workers. In this article, we present Janus, a novel monitoring mechanism for industrial robot controllers that exploits the trusted execution environment (TEE) to guarantee the integrity of the attack detection algorithm even in case the controller's software is compromised, while not requiring external hardware for its detection process. In particular, we use the state observers strategy for detecting low-level controller (LLC) attacks. We assess our approach by testing it against various attacks, identifying those that are simpler to detect and pinpointing the more elusive ones, which are mostly detected nonetheless. Finally, we demonstrate that our approach does not add significant computation overheads.\",\"PeriodicalId\":13156,\"journal\":{\"name\":\"IEEE Transactions on Emerging Topics in Computing\",\"volume\":\"13 1\",\"pages\":\"185-195\"},\"PeriodicalIF\":5.1000,\"publicationDate\":\"2024-04-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10508318\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Emerging Topics in Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10508318/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Emerging Topics in Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10508318/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Janus: A Trusted Execution Environment Approach for Attack Detection in Industrial Robot Controllers

In the last few decades, technological progress has led to a spike in the adoption of robots by the manufacturing industry. With the new “Industry 4.0” paradigm, companies strive to automate their production processes by interconnecting and integrating different industrial systems. The resulting increase in complexity contributes to a larger attack surface and paves the way for novel attacks. In the context of cyber-physical systems, consequences include economic and physical damage, as well as harm to human workers. In this article, we present Janus, a novel monitoring mechanism for industrial robot controllers that exploits the trusted execution environment (TEE) to guarantee the integrity of the attack detection algorithm even in case the controller's software is compromised, while not requiring external hardware for its detection process. In particular, we use the state observers strategy for detecting low-level controller (LLC) attacks. We assess our approach by testing it against various attacks, identifying those that are simpler to detect and pinpointing the more elusive ones, which are mostly detected nonetheless. Finally, we demonstrate that our approach does not add significant computation overheads.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Emerging Topics in Computing Computer Science-Computer Science (miscellaneous)

CiteScore

12.10

自引率

5.10%

发文量

113

期刊介绍： IEEE Transactions on Emerging Topics in Computing publishes papers on emerging aspects of computer science, computing technology, and computing applications not currently covered by other IEEE Computer Society Transactions. Some examples of emerging topics in computing include: IT for Green, Synthetic and organic computing structures and systems, Advanced analytics, Social/occupational computing, Location-based/client computer systems, Morphic computer design, Electronic game systems, & Health-care IT.