Converting an Electric Power Utility Network to Defend Against Crafted Inputs

  • Michael Millian (corresponding author)
  • Prashant Anantharaman
  • Sergey Bratus
  • Sean Smith
  • Michael Locasto
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 570)


This chapter proposes a roadmap that employs secure parsers to eliminate the possibility of input-handling vulnerabilities in industrial control systems. Industrial control systems are responsible for maintaining the integrity of power grids. Complex communications networks constitute the backbones of these systems. Communications in industrial control networks must be processed correctly and they should not crash devices or enable attackers to access networked devices. Language-theoretic security is the practice of comprehensive input handling using secure parsers. This chapter demonstrates that the existing collection of secure parsers for industrial control protocols can cover the communications needs of industrial control networks. It discusses the merits of guarding industrial control networks using secure parsers, proposes a triage procedure for implementation and summarizes the security benefits and lessons learned.


Keywords: Industrial control networks; input handling; language-theoretic security; parsers





Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  • Michael Millian (corresponding author), Dartmouth College, Hanover, USA
  • Prashant Anantharaman, Dartmouth College, Hanover, USA
  • Sergey Bratus, Dartmouth College, Hanover, USA
  • Sean Smith, Dartmouth College, Hanover, USA
  • Michael Locasto, Dartmouth College, Hanover, USA
