Skip navigation

ARMET: behavior-based secure and resilient industrial control systems

ARMET: behavior-based secure and resilient industrial control systems

Khan, Muhammad Taimoor ORCID: 0000-0002-5752-6420, Serpanos, Dimitrios and Shrobe, Howard (2017) ARMET: behavior-based secure and resilient industrial control systems. Proceedings of the IEEE, 106 (1). pp. 129-143. ISSN 0018-9219 (Print), 1558-2256 (Online) (doi:https://doi.org/10.1109/JPROC.2017.2725642)

[img]
Preview
PDF (Author's Accepted Manuscript)
24371 KHAN_ARMET_Behavior-based_Industrial_Control_Systems_(AAM)_2018.pdf - Accepted Version

Download (1MB) | Preview

Abstract

In this paper, we introduce a design methodology to develop reliable and secure industrial control systems (ICSs) based on the behavior of their computational resources (i.e., process/application) and underlying physical resources (e.g., the controlled plant). The methodology has three independent, but complementary, components that employ novel approaches and techniques in the design of reliable and secure ICSs. First, we introduce reliable-and-secure-by-design development of secure industrial control applications through stepwise sound refinement of an executable specification, employing deductive synthesis to enforce functional and nonfunctional (e.g., security and safety) properties of ICS applications. Second, we present a runtime security monitor at the middleware level of ICSs that protects ICS operation in the field through comparison of the application execution and the application specification execution in real time; the runtime security monitor can be synthesized from the executable specification. Finally, based on the specification, we perform a vulnerability analysis for false data injection (FDI) attacks, which leads to ICS application designs that are resilient to this type of attacks. We demonstrate the methodology through its application to a basic and typical ICS example application, describing all the tools used and ARMET, the middleware monitor that constitutes the core component of the methodology.

Item Type: Article
Uncontrolled Keywords: security, integrated circuits, safety, information and communication technology, runtime, sensors, industrial control, cyber-physical, systems, design methodology, computer crime, computer security
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC)
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Faculty of Engineering & Science
Last Modified: 04 Mar 2022 13:07
URI: http://gala.gre.ac.uk/id/eprint/24371

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics