Abstract
Critical infrastructures such as nuclear plants and water supply systems are mainly managed through electronic control systems. Such control systems comprise of a number of elements, such as programmable logic controllers (PLC), networking devices, sensors and actuators. With the development of online and networking solutions, such control systems can be managed online. Even though network connected control systems permit users to keep up to date with system operation, it also opens the door to attackers taking advantages of such availability. In this paper, a novel attack vector for modifying PLC memory is proposed, which affects the perceived values of sensors, such as a water flow meter, or the operation of actuators, such as a pump. In addition, this attack vector can also manipulate control variables located in the PLC working memory, reprogramming decision making rules. To show the impact of the attacks in a real scenario, a model of a clean water supply system is implemented on a Festo MPA rig. The results show that the attacks on the PLC memory can have a significant detrimental effect on control system operations. Further, a mechanism of detecting such attacks on the PLC memory is proposed based on monitoring energy consumption and electrical signals using current-measurement sensors. The results show the successful implementation of the novel PLC attacks as well as the feasibility of detecting such attacks.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Kaspersky: Threat Landscape for Industrial Automation Systems in H1 2017, 20 May 2018. https://ics-cert.kaspersky.com/reports/2017/09/28/threat-landscape-for-industrial-automation-systems-in-h1-2017/
Secure water treatment (SWaT) Dataset, 21 May 2018. https://itrust.sutd.edu.sg/research/dataset/
Morris, T.H., Gao, W.: Industrial control system cyber attacks. In: Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, Leicester (2013)
Bradley, T.: Water utility hacked: are critical systems at risk? PCWorld, 20 November 2011. https://www.pcworld.com/article/244359/water_utility_hacked_are_our_scada_systems_at_risk_.html. Accessed 30 April 2018
FESTO: MPS® PA Compact Workstation with level, flow rate, pressure and temperature controlled systems. http://www.festo-didactic.com/int-en/learning-systems/process-automation/compact-workstation/mps-pa-compact-workstation-with-level,flow-rate,pressure-and-temperature-controlled-systems.htm?fbid=aW50LmVuLjU1Ny4xNy4xOC44ODIuNDM3Ng
Khurum Nazir, J., Goh, J.: Behaviour-based attack detection and classification in cyber physical systems using machine learning. In: Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security, Xi’an, China (2016)
Adepu, S., Mathur, A.: An investigation into the response of a water treatment system to cyber attacks. In: 2016 IEEE 17th International Symposium on High Assurance Systems Engineering (HASE) (2016)
Terai, A., Abe, S., Kojima, S., Takano, Y., Koshijima, I.: Cyber-attack detection for industrial control system monitoring with support vector machine based on communication profile. In: 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS PW) (2017)
Hurst, W., Merabti, M., Fergus, P.: Big data analysis techniques for cyber-threat detection in critical infrastructures. In: 28th International Conference on Advanced Information Networking and Applications Workshops (2014)
Inoue, J., Yamagata, Y., Chen, Y., Poskitt, C., Sun, J.: Anomaly detection for a water treatment system using unsupervised machine learning. In: IEEE International Conference on Data Mining Workshops (2017)
Goh, J., Adepu, S., Tan, M., Lee, Z.: Anomaly detection in cyber physical systems using recurrent neural networks. In: 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE) (2017)
Almalawi, A., Yu, X., Tari, Z., Fahad, A., Khalila, I.: An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems. Comput. Secur. 46, 94 (2014)
Frank, A., Asuncion, A.: UCI machine learning repository, 12 May 2018. http://archive.ics.uci.edu/ml
Kamel, K., Kamel, E.: Programmable Logic Controllers: Industrial Control. McGraw-Hill Professional, New York (2013)
Bolton, W.: Input/output devices. In: Programmable Logic Controllers, Sixth Edn., Chap. 2, pp. 23–61. Newnes, Boston (2015)
Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9, 49–51 (2011)
Shames, I., Texeira, A., Sandberg, H., Johansson, K.: Revealing stealthy attacks in control systems. In: 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton) (2012)
Urbina, D., et al.: Limiting the impact of stealthy attacks on industrial control systems. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna (2016)
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G.: A supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system. In: Cyber Security 2018 (2018). Accepted for publication
NORDPOOL: Market Data Nord Pool. NORDPOOL. https://www.nordpoolgroup.com/Market-data1/Power-system-data/Consumption1/Consumption/ALL/Hourly1/?view=table. Accessed 30 April 2018
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Robles-Durazno, A., Moradpoor, N., McWhinnie, J., Russell, G., Maneru-Marin, I. (2019). Implementation and Detection of Novel Attacks to the PLC Memory of a Clean Water Supply System. In: Botto-Tobar, M., Pizarro, G., Zúñiga-Prieto, M., D’Armas, M., Zúñiga Sánchez, M. (eds) Technology Trends. CITT 2018. Communications in Computer and Information Science, vol 895. Springer, Cham. https://doi.org/10.1007/978-3-030-05532-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-05532-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05531-8
Online ISBN: 978-3-030-05532-5
eBook Packages: Computer ScienceComputer Science (R0)