Securing Current and Future Process Control Systems
Process control systems (PCSs) are instrumental to the safe, reliable and efficient operation of many critical infrastructure components. However, PCSs increasingly employ commodity information technology (IT) elements and are being connected to the Internet. As a result, they have inherited IT cyber risks, threats and attacks that could affect the safe and reliable operation of infrastructure components, adversely affecting human safety and the economy. This paper focuses on the problem of securing current and future PCSs, and describes tools that automate the task. For current systems, we advocate specifying a policy that restricts control network access and verifying its implementation. We further advocate monitoring the control network to ensure policy implementation and verify that network use matches the design specifications. For future process control networks, we advocate hosting critical PCS software on platforms that tolerate malicious activity and protect PCS processes, and testing software with specialized tools to ensure that certain classes of vulnerabilities are absent prior to shipping.
Keywords: Process control systems, access control, intrusion detection, secure platforms, vulnerability testing