Securing Current and Future Process Control Systems

  • Robert Cunningham
  • Steven Cheung
  • Martin Fong
  • Ulf Lindqvist
  • David Nicol
  • Ronald Pawlowski
  • Eric Robinson
  • William Sanders
  • Sankalp Singh
  • Alfonso Valdes
  • Bradley Woodworth
  • Michael Zhivich
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 253)

Process control systems (PCSs) are instrumental to the safe, reliable and efficient operation of many critical infrastructure components. However, PCSs increasingly employ commodity information technology (IT) elements and are being connected to the Internet. As a result, they have inherited IT cyber risks, threats and attacks that could affect the safe and reliable operation of infrastructure components, adversely affecting human safety and the economy. This paper focuses on the problem of securing current and future PCSs, and describes tools that automate the task. For current systems, we advocate specifying a policy that restricts control network access and verifying its implementation. We further advocate monitoring the control network to ensure policy implementation and verify that network use matches the design specifications. For future process control networks, we advocate hosting critical PCS software on platforms that tolerate malicious activity and protect PCS processes, and testing software with specialized tools to ensure that certain classes of vulnerabilities are absent prior to shipping.
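As an added illustration of the first recommendation above (an access policy for the control network, verified against observed network use), the following Python script is not from the paper; it assumes a hypothetical zone layout, policy table and flow records, all constructed here.

```python
"""Check control-network flow records against a design-specified access policy.
Added example; zones, policy and flows are constructed, not from the paper."""
from ipaddress import ip_address, ip_network

# Assumed network zones of the process control system (constructed addresses).
ZONES = {
    "hmi": ip_network("10.0.1.0/24"),
    "plc": ip_network("10.0.2.0/24"),
    "historian": ip_network("10.0.3.0/24"),
    "enterprise": ip_network("192.168.0.0/16"),
}

# Design specification: the only flows permitted, as
# (source zone, destination zone, protocol, destination port).
POLICY = {
    ("hmi", "plc", "tcp", 502),               # Modbus/TCP polling from the HMI
    ("hmi", "historian", "tcp", 1433),        # HMI writes to the historian database
    ("enterprise", "historian", "tcp", 443),  # reports pulled from the historian over HTTPS
}


def zone_of(ip):
    """Map an address to its zone; anything outside the known zones is 'unknown'."""
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"


def check_flow(src, dst, proto, dport):
    """Return None if the flow matches POLICY, otherwise a violation message."""
    key = (zone_of(src), zone_of(dst), proto, dport)
    if key in POLICY:
        return None
    return f"{src}->{dst} {proto}/{dport} not permitted ({key[0]}->{key[1]})"


def audit(flows):
    """Run every observed flow through the policy and collect the violations."""
    return [v for v in (check_flow(*f) for f in flows) if v]


# Constructed flow records, as a network monitor might export them.
SAMPLE_FLOWS = [
    ("10.0.1.5", "10.0.2.10", "tcp", 502),      # HMI polls PLC: allowed
    ("10.0.1.5", "10.0.3.2", "tcp", 1433),      # HMI to historian: allowed
    ("192.168.4.7", "10.0.2.10", "tcp", 502),   # enterprise host speaking Modbus to a PLC
    ("10.0.2.10", "203.0.113.9", "tcp", 443),   # PLC reaching an address outside every zone
]

if __name__ == "__main__":
    for violation in audit(SAMPLE_FLOWS):
        print("VIOLATION:", violation)
```

Any flow whose endpoints fall outside the specified zones is reported as a violation rather than silently allowed, which is the behaviour a monitor verifying design conformance should have.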

Keywords: Process control systems, access control, intrusion detection, secure platforms, vulnerability testing

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Robert Cunningham, Information Systems Technology Group, MIT Lincoln Laboratory, Lexington, USA
  • Steven Cheung, SRI International, Menlo Park, USA
  • Martin Fong, SRI International, Menlo Park, USA
  • Ulf Lindqvist, SRI International, Menlo Park, USA
  • David Nicol, Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, Urbana, USA
  • Ronald Pawlowski, Pacific Northwest National Laboratory, Richland, Washington, USA
  • Eric Robinson, Pacific Northwest National Laboratory, Richland, Washington, USA
  • William Sanders, Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, Urbana, USA
  • Sankalp Singh, Computer Science, University of Illinois at Urbana-Champaign, Urbana, USA
  • Alfonso Valdes, SRI International, Menlo Park, USA
  • Bradley Woodworth, Pacific Northwest National Laboratory, Richland, Washington, USA
  • Michael Zhivich, MIT Lincoln Laboratory, Lexington, USA