The leaky actuator: A provably-covert channel in cyber physical systems

Amir Herzberg, Yehonatan Kfir

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

Strict regulations and security practices of critical cyber-physical systems, such as nuclear plants, require complete isolation between their data-acquisition zone and their safety and security zones. Isolation methods range from firewall devices, to 'data diodes' that only allow one-way communication. In this work we explore a possible threat bypassing existing isolation methods by communicating through the physical process. Specifically, we show how a corrupt actuator in one zone can send covert information to a sensor in a different zone, breaking the isolation. This may allow an attack where the actuator is intentionally malfunctioning, and the sensor is intentionally masking the malfunction. Furthermore, we show that under certain assumptions, such communication can be provably covert. Namely, it cannot be efficiently detected, by current and future detection systems. This has important implications for the design of security and safety mechanisms for critical cyber-physical systems.

Original languageEnglish
Title of host publicationCPS-SPC 2019 - Proceedings of the ACM Workshop on Cyber-Physical Systems Security and Privacy
PublisherAssociation for Computing Machinery
Pages87-98
Number of pages12
ISBN (Electronic)9781450368315
DOIs
StatePublished - 11 Nov 2019
Event5th ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2019, in conjunction with the 26th ACM Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom
Duration: 11 Nov 2019 → …

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Conference

Conference5th ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2019, in conjunction with the 26th ACM Conference on Computer and Communications Security, CCS 2019
Country/TerritoryUnited Kingdom
CityLondon
Period11/11/19 → …

Bibliographical note

Publisher Copyright:
© 2019 Association for Computing Machinery.

Funding

This research is in part supported by an endowment from the Comcast corporation. The opinions expressed in the paper are those of the researchers themselves and not of their universities or of Comcast. We would like to acknowledge Dvir Shemesh for his support in this research. ACKNOWLEDGEMENTS: This research is in part supported by an endowment from the Comcast corporation. The opinions expressed in the paper are those of the researchers themselves and not of their universities or of Comcast. We would like to acknowledge Dvir Shemesh for his support in this research.

FundersFunder number
Comcast corporation
Comcast

    Keywords

    • Covert channel
    • Cyber physical systems
    • Cyber security
    • Intrusion detection

    Fingerprint

    Dive into the research topics of 'The leaky actuator: A provably-covert channel in cyber physical systems'. Together they form a unique fingerprint.

    Cite this