Abstract
Industrial control systems monitor and control critical infrastructure assets such as the electric power grid, oil and gas pipelines, transportation systems and water treatment and supply facilities. Attacks that impact the operations of these critical assets could have devastating consequences to society. The complexity and interconnectivity of industrial control systems have introduced vulnerabilities and attack surfaces that previously did not exist. The numerous communications paths and ingress and egress points, technological diversity and strict operating requirements provide myriad opportunities for a motivated adversary. This paper investigates the detection of integrity errors in industrial control systems by correlating state values from field devices. Specifically, it considers a formulation of the classic Byzantine Generals Problem in the context of industrial control systems. The results demonstrate that leveraging physical system properties allows the inference of system states to identify integrity compromises.
The rights of this work are transferred to the extent transferable according to title 17 U.S.C. § 105.
Chapter PDF
References
J. Finkle, “Irrational” hackers are growing U.S. security fear, Reuters, May 22, 2013.
L. Lamport, R. Shostak and M. Pease, The Byzantine Generals Problem, ACM Transactions on Programming Languages and Systems, vol. 4(3), pp. 382–401, 1982.
Y. Lindell, A. Lysyanskaya and T. Rabin, On the composition of authenticated Byzantine agreement, Journal of the ACM, vol. 56(6), pp. 881–917, 2006.
T. Macaulay and B. Singer, Cyber Security for Industrial Control Systems: SCADA, DCS, PLC, HMI and SIS, CRC Press, Boca Raton, Florida, 2012.
National Transportation Safety Board, Pipeline Accident Report, Pipeline Rupture and Release of Fuel Oil into the Reedy River at Fork Shoals, South Carolina, Report PB98-916502, NTSB/PAR-98-01, Washington, DC, 1996.
F. Rashid, ICS-CERT: Response to cyber “incidents” against critical infrastructure jumped 52 percent in 2012, Security Week, January 10, 2013.
U.S. Department of Homeland Security, ICS-CERT Incident Response Summary Report: 2009–2011, Washington, DC, 2012.
Z. Zorz, Company’s industrial heating system hacked via backdoor, Help Net Security, Kastav, Croatia, December 12, 2012
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Arnold, C., Butts, J., Thirunarayan, K. (2014). Detecting Integrity Attacks on Industrial Control Systems. In: Butts, J., Shenoi, S. (eds) Critical Infrastructure Protection VIII. ICCIP 2014. IFIP Advances in Information and Communication Technology, vol 441. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45355-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-662-45355-1_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45354-4
Online ISBN: 978-3-662-45355-1
eBook Packages: Computer ScienceComputer Science (R0)