AttkFinder: Discovering Attack Vectors in PLC Programs using Information Flow Analysis
- 6 October 2021
- conference paper
- Published by Association for Computing Machinery (ACM) in 24th International Symposium on Research in Attacks, Intrusions and Defenses
Abstract
To protect an Industrial Control System (ICS), defenders need to identify potential attacks on the system and then design mechanisms to prevent them. Unfortunately, identifying potential attack conditions is a time-consuming and error-prone process. In this work, we propose and evaluate a set of tools to symbolically analyse the software of Programmable Logic Controllers (PLCs) guided by an information flow analysis that takes into account PLC network communication (compositions). Our tools systematically analyse malicious network packets that may force the PLC to send specific control commands to actuators. We evaluate our approach in a real-world system controlling the dosing of chemicals for water treatment. Our tools are able to find 75 attack tactics (56 were novel attacks), and we confirm that 96% of these tactics cause the intended effect in our testbed.