Abstract
Strict regulations and security practices of critical cyber-physical systems, such as nuclear plants, require complete isolation between their data-acquisition zone and their safety and security zones. Isolation methods range from firewall devices, to 'data diodes' that only allow one-way communication. In this work we explore a possible threat bypassing existing isolation methods by communicating through the physical process. Specifically, we show how a corrupt actuator in one zone can send covert information to a sensor in a different zone, breaking the isolation. This may allow an attack where the actuator is intentionally malfunctioning, and the sensor is intentionally masking the malfunction. Furthermore, we show that under certain assumptions, such communication can be provably covert. Namely, it cannot be efficiently detected, by current and future detection systems. This has important implications for the design of security and safety mechanisms for critical cyber-physical systems.
Original language | English |
---|---|
Title of host publication | CPS-SPC 2019 - Proceedings of the ACM Workshop on Cyber-Physical Systems Security and Privacy |
Publisher | Association for Computing Machinery |
Pages | 87-98 |
Number of pages | 12 |
ISBN (Electronic) | 9781450368315 |
DOIs | |
State | Published - 11 Nov 2019 |
Event | 5th ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2019, in conjunction with the 26th ACM Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom Duration: 11 Nov 2019 → … |
Publication series
Name | Proceedings of the ACM Conference on Computer and Communications Security |
---|---|
ISSN (Print) | 1543-7221 |
Conference
Conference | 5th ACM Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC 2019, in conjunction with the 26th ACM Conference on Computer and Communications Security, CCS 2019 |
---|---|
Country/Territory | United Kingdom |
City | London |
Period | 11/11/19 → … |
Bibliographical note
Publisher Copyright:© 2019 Association for Computing Machinery.
Funding
This research is in part supported by an endowment from the Comcast corporation. The opinions expressed in the paper are those of the researchers themselves and not of their universities or of Comcast. We would like to acknowledge Dvir Shemesh for his support in this research. ACKNOWLEDGEMENTS: This research is in part supported by an endowment from the Comcast corporation. The opinions expressed in the paper are those of the researchers themselves and not of their universities or of Comcast. We would like to acknowledge Dvir Shemesh for his support in this research.
Funders | Funder number |
---|---|
Comcast corporation | |
Comcast |
Keywords
- Covert channel
- Cyber physical systems
- Cyber security
- Intrusion detection