Designing actively secure, highly available industrial automation applications

Awais Tanveer; Roopak Sinha; Stephen G. MacDonell; Paulo Leitao; Valeriy Vyatkin

doi:10.1109/INDIN41052.2019.8972262

Designing actively secure, highly available industrial automation applications

Awais Tanveer, Roopak Sinha, Stephen G. MacDonell, Paulo Leitao, Valeriy Vyatkin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

1 Citation (Scopus)

Abstract

Programmable Logic Controllers (PLCs) execute critical control software that drives Industrial Automation and Control Systems (IACS). PLCs can become easy targets for cyber-adversaries as they are resource-constrained and are usually built using legacy, less-capable security measures. Security attacks can significantly affect system availability, which is an essential requirement for IACS. We propose a method to make PLC applications more security-aware. Based on the well-known IEC 61499 function blocks standard for developing IACS software, our method allows designers to annotate critical parts of an application during design time. On deployment, these parts of the application are automatically secured using appropriate security mechanisms to detect and prevent attacks. We present a summary of availability attacks on distributed IACS applications that can be mitigated by our proposed method. Security mechanisms are achieved using IEC 61499 Service-Interface Function Blocks (SIFBs) embedding Intrusion Detection and Prevention System (IDPS), added to the application at compile time. This method is more amenable to providing active security protection from attacks on previously unknown (zero-day) vulnerabilities. We test our solution on an IEC 61499 application executing on Wago PFC200 PLCs. Experiments show that we can successfully log and prevent attacks at the application level as well as help the application to gracefully degrade into safe mode, subsequently improving availability.

Original language	English
Title of host publication	Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019
Publisher	IEEE
Pages	374-379
Number of pages	6
ISBN (Electronic)	9781728129273
DOIs	https://doi.org/10.1109/INDIN41052.2019.8972262
Publication status	Published - 1 Jul 2019
MoE publication type	A4 Article in a conference publication
Event	IEEE International Conference on Industrial Informatics - Aalto University, Helsinki-Espoo, Finland Duration: 22 Jul 2019 → 25 Jul 2019 Conference number: 17 https://www.indin2019.org/

Publication series

Name	IEEE International Conference on Industrial Informatics
Publisher	IEEE
ISSN (Print)	1935-4576
ISSN (Electronic)	2378-363X

Conference

Conference	IEEE International Conference on Industrial Informatics
Abbreviated title	INDIN
Country	Finland
City	Helsinki-Espoo
Period	22/07/2019 → 25/07/2019
Internet address	https://www.indin2019.org/

Keywords

Active security protection
Availability
IEC 61499
Industrial automation and control systems
Intrusion detection and prevention
Programmable Logic Controllers

Access to Document

10.1109/INDIN41052.2019.8972262

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Designing actively secure, highly available industrial automation applications'. Together they form a unique fingerprint.

Cite this

Tanveer, A., Sinha, R., MacDonell, S. G., Leitao, P., & Vyatkin, V. (2019). Designing actively secure, highly available industrial automation applications. In Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019 (pp. 374-379). [8972262] (IEEE International Conference on Industrial Informatics). IEEE. https://doi.org/10.1109/INDIN41052.2019.8972262

@inproceedings{b0f0b6aa503b45159eec788d133b3ed6,

title = "Designing actively secure, highly available industrial automation applications",

abstract = "Programmable Logic Controllers (PLCs) execute critical control software that drives Industrial Automation and Control Systems (IACS). PLCs can become easy targets for cyber-adversaries as they are resource-constrained and are usually built using legacy, less-capable security measures. Security attacks can significantly affect system availability, which is an essential requirement for IACS. We propose a method to make PLC applications more security-aware. Based on the well-known IEC 61499 function blocks standard for developing IACS software, our method allows designers to annotate critical parts of an application during design time. On deployment, these parts of the application are automatically secured using appropriate security mechanisms to detect and prevent attacks. We present a summary of availability attacks on distributed IACS applications that can be mitigated by our proposed method. Security mechanisms are achieved using IEC 61499 Service-Interface Function Blocks (SIFBs) embedding Intrusion Detection and Prevention System (IDPS), added to the application at compile time. This method is more amenable to providing active security protection from attacks on previously unknown (zero-day) vulnerabilities. We test our solution on an IEC 61499 application executing on Wago PFC200 PLCs. Experiments show that we can successfully log and prevent attacks at the application level as well as help the application to gracefully degrade into safe mode, subsequently improving availability.",

keywords = "Active security protection, Availability, IEC 61499, Industrial automation and control systems, Intrusion detection and prevention, Programmable Logic Controllers",

author = "Awais Tanveer and Roopak Sinha and MacDonell, {Stephen G.} and Paulo Leitao and Valeriy Vyatkin",

year = "2019",

month = jul,

day = "1",

doi = "10.1109/INDIN41052.2019.8972262",

language = "English",

series = "IEEE International Conference on Industrial Informatics",

publisher = "IEEE",

pages = "374--379",

booktitle = "Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019",

address = "United States",

note = "IEEE International Conference on Industrial Informatics, INDIN ; Conference date: 22-07-2019 Through 25-07-2019",

url = "https://www.indin2019.org/",

}

Tanveer, A, Sinha, R, MacDonell, SG, Leitao, P & Vyatkin, V 2019, Designing actively secure, highly available industrial automation applications. in Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019., 8972262, IEEE International Conference on Industrial Informatics, IEEE, pp. 374-379, IEEE International Conference on Industrial Informatics, Helsinki-Espoo, Finland, 22/07/2019. https://doi.org/10.1109/INDIN41052.2019.8972262

Designing actively secure, highly available industrial automation applications. / Tanveer, Awais; Sinha, Roopak; MacDonell, Stephen G.; Leitao, Paulo; Vyatkin, Valeriy.

Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019. IEEE, 2019. p. 374-379 8972262 (IEEE International Conference on Industrial Informatics).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Designing actively secure, highly available industrial automation applications

AU - Tanveer, Awais

AU - Sinha, Roopak

AU - MacDonell, Stephen G.

AU - Leitao, Paulo

AU - Vyatkin, Valeriy

N1 - Conference code: 17

PY - 2019/7/1

Y1 - 2019/7/1

N2 - Programmable Logic Controllers (PLCs) execute critical control software that drives Industrial Automation and Control Systems (IACS). PLCs can become easy targets for cyber-adversaries as they are resource-constrained and are usually built using legacy, less-capable security measures. Security attacks can significantly affect system availability, which is an essential requirement for IACS. We propose a method to make PLC applications more security-aware. Based on the well-known IEC 61499 function blocks standard for developing IACS software, our method allows designers to annotate critical parts of an application during design time. On deployment, these parts of the application are automatically secured using appropriate security mechanisms to detect and prevent attacks. We present a summary of availability attacks on distributed IACS applications that can be mitigated by our proposed method. Security mechanisms are achieved using IEC 61499 Service-Interface Function Blocks (SIFBs) embedding Intrusion Detection and Prevention System (IDPS), added to the application at compile time. This method is more amenable to providing active security protection from attacks on previously unknown (zero-day) vulnerabilities. We test our solution on an IEC 61499 application executing on Wago PFC200 PLCs. Experiments show that we can successfully log and prevent attacks at the application level as well as help the application to gracefully degrade into safe mode, subsequently improving availability.

AB - Programmable Logic Controllers (PLCs) execute critical control software that drives Industrial Automation and Control Systems (IACS). PLCs can become easy targets for cyber-adversaries as they are resource-constrained and are usually built using legacy, less-capable security measures. Security attacks can significantly affect system availability, which is an essential requirement for IACS. We propose a method to make PLC applications more security-aware. Based on the well-known IEC 61499 function blocks standard for developing IACS software, our method allows designers to annotate critical parts of an application during design time. On deployment, these parts of the application are automatically secured using appropriate security mechanisms to detect and prevent attacks. We present a summary of availability attacks on distributed IACS applications that can be mitigated by our proposed method. Security mechanisms are achieved using IEC 61499 Service-Interface Function Blocks (SIFBs) embedding Intrusion Detection and Prevention System (IDPS), added to the application at compile time. This method is more amenable to providing active security protection from attacks on previously unknown (zero-day) vulnerabilities. We test our solution on an IEC 61499 application executing on Wago PFC200 PLCs. Experiments show that we can successfully log and prevent attacks at the application level as well as help the application to gracefully degrade into safe mode, subsequently improving availability.

KW - Active security protection

KW - Availability

KW - IEC 61499

KW - Industrial automation and control systems

KW - Intrusion detection and prevention

KW - Programmable Logic Controllers

UR - http://www.scopus.com/inward/record.url?scp=85079057430&partnerID=8YFLogxK

U2 - 10.1109/INDIN41052.2019.8972262

DO - 10.1109/INDIN41052.2019.8972262

M3 - Conference contribution

AN - SCOPUS:85079057430

T3 - IEEE International Conference on Industrial Informatics

SP - 374

EP - 379

BT - Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019

PB - IEEE

T2 - IEEE International Conference on Industrial Informatics

Y2 - 22 July 2019 through 25 July 2019

ER -

Tanveer A, Sinha R, MacDonell SG, Leitao P, Vyatkin V. Designing actively secure, highly available industrial automation applications. In Proceedings of the 17th IEEE International Conference on Industrial Informatics, INDIN 2019. IEEE. 2019. p. 374-379. 8972262. (IEEE International Conference on Industrial Informatics). https://doi.org/10.1109/INDIN41052.2019.8972262