United We Stand: A Threshold Signature Scheme for Identifying Outliers in PLCs
| Title | United We Stand: A Threshold Signature Scheme for Identifying Outliers in PLCs |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Chatterjee, Urbi, Santikellur, Pranesh, Sadhukhan, Rajat, Govindan, Vidya, Mukhopadhyay, Debdeep, Chakraborty, Rajat Subhra |
| Conference Name | 2019 56th ACM/IEEE Design Automation Conference (DAC) |
| Date Published | June 2019 |
| Publisher | IEEE |
| ISBN Number | 978-1-4503-6725-7 |
| Keywords | (k, \$-threshold signature scheme, anomaly detection, BIOS Security, compromised state, control engineering computing, corrupted PLC, cyber security awareness week-2017 competition, digital signatures, electro-mechanical processes, finite state machine, finite state machines, group-signature, human factors, I-O Systems, i-o systems security, I/O pin configuration attack, input-output mechanism, IO pin configuration attack, l)-threshold signature scheme, Legacy PLC system, legacy PLCs, malicious code, malicious disruption, Malware, Metrics, OpenPLC software, particular state, Pins, PLCs, predefined states, programmable controllers, Protocols, Prototypes, pubcrawl, Pulse width modulation, pulse width modulation pins, PWM, Raspberry Pi, Registers, resilience, Resiliency, Scalability, security, signature shares, uncorrupted PLC |
| Abstract | This work proposes a scheme to detect, isolate and mitigate malicious disruption of electro-mechanical processes in legacy PLCs where each PLC works as a finite state machine (FSM) and goes through predefined states depending on the control flow of the programs and input-output mechanism. The scheme generates a group-signature for a particular state combining the signature shares from each of these PLCs using \$(k,\textbackslashtextbackslash l)\$-threshold signature scheme.If some of them are affected by the malicious code, signature can be verified by k out of l uncorrupted PLCs and can be used to detect the corrupted PLCs and the compromised state. We use OpenPLC software to simulate Legacy PLC system on Raspberry Pi and show I/O\$ pin configuration attack on digital and pulse width modulation (PWM) pins. We describe the protocol using a small prototype of five instances of legacy PLCs simultaneously running on OpenPLC software. We show that when our proposed protocol is deployed, the aforementioned attacks get successfully detected and the controller takes corrective measures. This work has been developed as a part of the problem statement given in the Cyber Security Awareness Week-2017 competition. |
| URL | https://ieeexplore.ieee.org/document/8806979 |
| Citation Key | chatterjee_united_2019 |
- Pulse width modulation
- malware
- Metrics
- OpenPLC software
- particular state
- Pins
- PLCs
- predefined states
- programmable controllers
- Protocols
- Prototypes
- pubcrawl
- malicious disruption
- pulse width modulation pins
- PWM
- Raspberry Pi
- Registers
- resilience
- Resiliency
- Scalability
- security
- signature shares
- uncorrupted PLC
- group-signature
- \$-threshold signature scheme
- Anomaly Detection
- BIOS Security
- compromised state
- control engineering computing
- corrupted PLC
- cyber security awareness week-2017 competition
- digital signatures
- electro-mechanical processes
- finite state machine
- finite state machines
- (k
- Human Factors
- I-O Systems
- i-o systems security
- I/O pin configuration attack
- input-output mechanism
- IO pin configuration attack
- l)-threshold signature scheme
- Legacy PLC system
- legacy PLCs
- malicious code