
Legacy-Compliant Data Authentication for Industrial Control System - PowerPoint PPT Presentation

Legacy-Compliant Data Authentication for Industrial Control System Traffic John Henry Castellanos, Daniele Antonioli, Nils Ole Tippenhauer and Martín Ochoa Singapore University of Technology and Design 15th International Conference on Applied


  1. Legacy-Compliant Data Authentication for Industrial Control System Traffic. John Henry Castellanos, Daniele Antonioli, Nils Ole Tippenhauer and Martín Ochoa. Singapore University of Technology and Design. 15th International Conference on Applied Cryptography and Network Security, Japan, Kanazawa, July 11, 2017. ACNS2017

  2. Industrial Control Systems: What are ICSs? Automatic control of Industrial Processes: manufacturing plants; power plants; public transportation infrastructure; utility infrastructure (water treatment, gas/oil, power generation). Source: urvil.wordpress.com

  3. Industrial Control Systems: Industry Evolution. Source: http://bcmpublicrelations.com/

  4. Industrial Control Systems: IT meets OT (Purdue Model). Information Technology: Servers and Client PCs. Operational Technology: Servers, PLCs, SCADA, HMI Devices, Actuators and Sensors. Integrity Attacks cause Operational Changes. Source: https://pgjonline.com/

  5. Cyber-security in ICS. Motivation: Integrity Attacks. [Diagram labels: Chemical Dispenser Controller (PLC), Valve, Tank Level Monitor (PLC), Control Center, two Attackers]

  6. Cyber-security in ICS. Motivation: Integrity Attacks. [Same diagram; added labels: "!!", "High level" (twice)]

  7. Cyber-security in ICS. Motivation: Integrity Attacks. [Same diagram; added labels: "!!", "High level" (twice), "Normal level"]

  8. Cyber-security in ICS. Motivation: Integrity Attacks. [Same diagram; added labels: "Turn off valve", "Reduce Chemical"]

  9. Cyber-security in ICS. Motivation: Integrity Attacks. [Same diagram; added labels: "Turn on valve", "Increase Chemical", "Turn off valve", "Reduce Chemical"]

  10. Cyber-security in ICS. Motivation: Integrity Attacks. [Same diagram as slide 5, without added labels]

  11. Countermeasures: Authenticity & Integrity checks. [Diagram labels: Tank Level Monitor, Control Center, "!!", "High level" (twice)]

  12. Countermeasures: Authenticity & Integrity checks. [Same diagram, next animation step]

  13. Countermeasures: Authenticity & Integrity checks. [Same diagram, next animation step]

  14. Countermeasures: Authenticity & Integrity checks. [Same diagram, next animation step]

  15. Countermeasures: Authenticity & Integrity checks. [Same diagram; added label: Attacker]

  16. Countermeasures: Authenticity & Integrity checks. [Same diagram with Attacker, next animation step]

  17. Countermeasures: Authenticity & Integrity checks. [Same diagram with Attacker; labels: "!!", "High level" (twice)]

  18. Countermeasures: Authenticity & Integrity checks. [Same diagram with Attacker; labels: "!!", "High level", "Low level"]

  19. Countermeasures: Authenticity & Integrity checks. [Same diagram with Attacker; labels: "!!", "High level", "Low level"]

  20. Industrial Control Systems: IT/OT Requirements

      | Attribute | Information Technology Systems (IT) | Industrial Control Systems (OT) |
      |---|---|---|
      | Component Lifetime | 3 to 5 years | 10 to 15 years |
      | Connectivity | Corporate network, IP-based, standard protocols | Control Network, proprietary protocols |
      | Performance Requirements | Non-real-time | Real-time |

      Sources: NIST: Guide to Industrial Control Systems Security. 800-82 Rev2; http://www.wbdg.org/

  21. Data from a real ICS: SWaT Testbed. Secure Water Treatment (SWaT) is a testbed for research in the area of cyber security.

  22. Data from a real ICS: Real-time requirements.

  23. Data from a real ICS: Understanding ICS Data. By selecting CIP services with critical data, our proposal avoids additional processing and bandwidth overheads in comparison with signing all CIP traffic.

  24. Data from a real ICS: Understanding ICS Data. CIP Services (Critical Data): Read_Tag, Write_Tag, Read_Tag_Fragmented. By selecting CIP services with critical data, our proposal avoids additional processing and bandwidth overheads in comparison with signing all CIP traffic.

  25. SPA Protocol: Selective Packet Authentication. [Diagram: crypto-featured hardware at the Control Center and at the PLC; labels on each side: "Bridging Non-Critical Data"; "Signing Critical Data" on one side and "Verifying Critical Data" on the other]

  26. Comparison with TLS: SPA Evaluation. As SPA only signs/verifies selected critical packets, it improves the overall hardened communication rate of the system compared with TLS.

  27. ASPA Protocol: Aggregated Selective Packet Authentication. [Diagram: crypto-featured hardware at the Control Center and at the PLC; labels on each side: "Bridging Non-Critical Data", "Marking & Bridging Critical Data"; "Signing Marked Chunk" on one side and "Verifying Marked Chunk" on the other]

  28. Comparison with TLS: ASPA Evaluation. Using Aggregated-SPA, the system would achieve higher tolerance at the communication level while processing different percentages of critical data. The x-axis represents the chunk of packets to be signed; the y-axis represents the tolerance at communication level reached by the system.

  29. Implementation: Real Scenario on SWaT Testbed. [Diagram labels: PLC1, PLC3, TCP/IP Switch, Control Center]

  30. Implementation: Real Scenario on SWaT Testbed. [Same diagram; added labels: "Critical Data", "Signs", "Verifies"]

  31. Implementation: Real Scenario on SWaT Testbed. [Same diagram; added labels: "Verifies", "Signs", "Critical Data"]

  32. Implementation: Real Scenario on SWaT Testbed. [Same diagram; added labels: "Updates stats" (twice)]

  33. Implementation: Real Scenario on SWaT Testbed. [Same diagram; added labels: "Monitors system performance" (twice)]

  34. Benchmark: Hardware Selection

      | Hardware | Processor | CPU | Memory |
      |---|---|---|---|
      | Controllino | ATmega2560 Microcontroller | 16 MHz | 256 KB |
      | ARM (VM*) | ARM926EJ-S | 540 MHz | 256 MB |
      | Raspberry PI 2 | Quad-core ARM Cortex-A7 | 900 MHz | 1 GB |
      | Raspberry PI 3 | Quad-core ARM Cortex-A53 | 1200 MHz | 1 GB |
      | PC (VM*) | Intel Core i5-5300U | 2300 MHz | 2 GB |

      *VM: Virtual Machine

  35. Benchmark: Hardware Performance

      | Data Size (Bytes) | Controllino | ARM | Raspberry PI2 | Raspberry PI3 | PC |
      |---|---|---|---|---|---|
      | 64 | 2.2 x 10^4 | 76 | 53 | 15 | 2 |
      | 128 | 3.3 x 10^4 | 78 | 58 | 16 | 2 |
      | 256 | 5.5 x 10^4 | 84 | 69 | 18 | 3 |
      | 512 | 1 x 10^5 | 117 | 89 | 32 | 4 |
      | 1K | 1.8 x 10^5 | 171 | 130 | 35 | 6 |
      | 2K | 3.6 x 10^5 | 252 | 211 | 58 | 10 |
      | 4K | 7 x 10^5 | 474 | 374 | 104 | 18 |
      | ECDSA | N/A | 1.5 x 10^5 | 1 x 10^5 | 3.2 x 10^4 | 3.1 x 10^3 |

      All data in μs. Cryptographic Algorithms:
      • Symmetric: HMAC-SHA256
      • Asymmetric: ECDSA

  36. ASPA Protocol: Performance Evaluation (Speed). [Plot: Pk/s on a logarithmic y-axis versus Aggregated Signature (Pks in a chunk) on the x-axis, with the minimum Pk/s required in SWaT marked]

  37. Conclusions: Protocols Features
      • Our protocols are backward compatible, as they transmit authentication data as payload in legacy industrial protocols.
      • With inexpensive and fast hardware (Raspberry PI), it is feasible to enhance legacy plants with authentic channels for strong signature algorithms with simple protocols.
      • It is feasible to significantly raise the bar against attackers of ICS by including authentication based on modern cryptography without compromising efficiency or cost.
      • We plan to compare the real-time constraints of SWaT with constraints in other ICS Testbeds (Smart Grid).

  38. Thank you. Q & A

  39. Backup Slides

  40. Industrial Control Systems: IT/OT Requirements

      | Attribute | Information Technology Systems (IT) | Industrial Control Systems (OT) |
      |---|---|---|
      | Purpose | Process transaction, provide information | Controls and monitor physical processes |
      | Role | Support people | Control machines |
      | Architecture | Enterprise wide infrastructure and applications | Event-driven, real-time, embedded hardware and customized software |
      | Component Lifetime | 3 to 5 years | 10 to 15 years |
      | Interfaces | GUI, Web browser, terminal and keyboard | Electromechanical, sensors, actuators, coded displays |
      | Connectivity | Corporate network, IP-based, standard protocols | Control Network, proprietary protocols |
      | Performance Requirements | Non-real-time | Real-time |
      | Major risk impacts | Delay of business operations | Environmental impacts, loss of life, equipment, or production |

      Sources: NIST: Guide to Industrial Control Systems Security. 800-82 Rev2; http://www.wbdg.org/
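
The selective and aggregated authentication described on slides 24 to 28, as an added example that is not code from the presentation or its authors. It uses HMAC-SHA256 (the symmetric algorithm named on slide 35); the chunk counter, the length-prefixed framing, the class and function names, and the sample traffic are assumptions made here, not the SPA/ASPA wire format. A chunk size of 1 corresponds to per-packet authentication as in SPA.

```python
import hashlib
import hmac
import struct

# Critical CIP services listed on slide 24; all other traffic is bridged unsigned.
CRITICAL_SERVICES = {"Read_Tag", "Write_Tag", "Read_Tag_Fragmented"}

class ChunkAuthenticator:
    def __init__(self, key, chunk_size):
        self.key, self.chunk_size, self.chunk_index = key, chunk_size, 0
        self._start_chunk()

    def _start_chunk(self):
        # Assumption: a chunk counter binds each tag to its place in the stream.
        seed = struct.pack(">Q", self.chunk_index)
        self.mac, self.pending = hmac.new(self.key, seed, hashlib.sha256), 0

    def feed(self, service, payload):
        """Absorb a packet; return the chunk tag when a chunk completes, else None."""
        if service not in CRITICAL_SERVICES:
            return None  # non-critical: bridged, never authenticated
        # Assumption: length prefixes keep field and packet boundaries unambiguous.
        for field in (service.encode(), payload):
            self.mac.update(struct.pack(">I", len(field)) + field)
        self.pending += 1
        if self.pending < self.chunk_size:
            return None
        tag = self.mac.digest()
        self.chunk_index += 1
        self._start_chunk()
        return tag

def run_channel(packets, key, chunk_size, tamper_at=None):
    """Sign, optionally alter packet `tamper_at` in transit, verify each chunk tag."""
    signer, verifier = ChunkAuthenticator(key, chunk_size), ChunkAuthenticator(key, chunk_size)
    results = []  # one bool per completed chunk, True = tag verified
    for i, (service, payload) in enumerate(packets):
        sent_tag = signer.feed(service, payload)
        if i == tamper_at:
            payload += b"\x00"  # constructed in-transit modification
        expected = verifier.feed(service, payload)
        if sent_tag is not None:
            results.append(hmac.compare_digest(sent_tag, expected))
    return results
# Constructed sample traffic and key (not captured from SWaT).
TRAFFIC = [("Read_Tag", b"level=812"), ("Forward_Open", b"session"),
           ("Write_Tag", b"valve=1"), ("Read_Tag", b"level=815"),
           ("Get_Attribute_Single", b"status"), ("Write_Tag", b"valve=0")]
KEY = b"constructed-demo-key"
```

A failed tag localizes tampering only to its chunk, and an altered non-critical packet passes unnoticed, which is the trade-off the selective design accepts in exchange for lower per-packet cost.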
