
Implementation and Detection of Novel Attacks to the PLC Memory of a Clean Water Supply System

  • Conference paper
Technology Trends (CITT 2018)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 895)


Abstract

Critical infrastructures such as nuclear plants and water supply systems are mainly managed through electronic control systems. Such control systems comprise a number of elements, such as programmable logic controllers (PLC), networking devices, sensors and actuators. With the development of online and networking solutions, such control systems can be managed online. Even though network-connected control systems permit users to keep up to date with system operation, they also open the door to attackers taking advantage of such availability. In this paper, a novel attack vector for modifying PLC memory is proposed, which affects the perceived values of sensors, such as a water flow meter, or the operation of actuators, such as a pump. In addition, this attack vector can also manipulate control variables located in the PLC working memory, reprogramming decision-making rules. To show the impact of the attacks in a real scenario, a model of a clean water supply system is implemented on a Festo MPA rig. The results show that the attacks on the PLC memory can have a significant detrimental effect on control system operations. Further, a mechanism for detecting such attacks on the PLC memory is proposed based on monitoring energy consumption and electrical signals using current-measurement sensors. The results show the successful implementation of the novel PLC attacks as well as the feasibility of detecting such attacks.




Corresponding author

Correspondence to Andres Robles-Durazno.


Copyright information

© 2019 Springer Nature Switzerland AG

About this paper


Cite this paper

Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., Maneru-Marin, I. (2019). Implementation and Detection of Novel Attacks to the PLC Memory of a Clean Water Supply System. In: Botto-Tobar, M., Pizarro, G., Zúñiga-Prieto, M., D’Armas, M., Zúñiga Sánchez, M. (eds) Technology Trends. CITT 2018. Communications in Computer and Information Science, vol 895. Springer, Cham. https://doi.org/10.1007/978-3-030-05532-5_7


  • DOI: https://doi.org/10.1007/978-3-030-05532-5_7


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-05531-8

  • Online ISBN: 978-3-030-05532-5

  • eBook Packages: Computer Science, Computer Science (R0)
