Resilience via Blackbox Self-Piloting Plants

Michel Barbeau; Joaquin Garcia-Alfaro; Christian Lübben; Marc Oliver Pahl; Lars Wüstrich

Resilience via Blackbox Self-Piloting Plants

Michel Barbeau
, Joaquin Garcia-Alfaro
, Christian Lübben
, Marc Oliver Pahl
, Lars Wüstrich

Carleton University, School of Computer Science
C&ESAR'22: Computer & Electronics Security Application Rendezvous
Critical Networked Infrastructures
Technical University of Munich
Chair for Network Architectures and Services
IRISA

Résultats de recherche: Contribution à un journal › Article de conférence › Revue par des pairs

Résumé

Distributed control is a reality of today's industrial automation and systems. Parts of a system are on-site, and other elements are on the edge of the cloud. The overall system-functioning relies on the reliable operation of local and remote components. However, all system parts can be attacked. Typically, local entities of a cyber-physical system, such as robot arms or conveyor belts, get affected by cyber attacks. However, attacking the control and monitoring channels between a plant and its remote controller is attractive, too. There is a diversity of attacks, such as manipulating a plant's input signals, controller logic, and output signals. To detect and mitigate the impact of such various attacks and to make a plant more resilient, we introduce a self-learning controller proxy in the plant's communication channel to the controller. It acts as a local trust anchor to the commands received from a remote controller. It does black box self-learning of the controller algorithms and audits its operations. Once an attack is detected, the plant pivots into self-piloting mode. We investigate design alternatives for the controller proxy. We evaluate how complex the control algorithms can be to enable self-piloting resilience.

langue originale	Anglais
Pages (de - à)	35-46
Nombre de pages	12
journal	CEUR Workshop Proceedings
Volume	3329
état	Publié - 1 janv. 2022
Evénement	29th Computer and Electronics Security Application Rendezvous, C and ESAR 2022 - Rennes, France Durée: 15 nov. 2022 → 16 nov. 2022

Autres fichiers et liens

Lien vers la publication dans Scopus

Contient cette citation

@article{6a89ff0f5aca4cc7863dc857327518aa,

title = "Resilience via Blackbox Self-Piloting Plants",

abstract = "Distributed control is a reality of today's industrial automation and systems. Parts of a system are on-site, and other elements are on the edge of the cloud. The overall system-functioning relies on the reliable operation of local and remote components. However, all system parts can be attacked. Typically, local entities of a cyber-physical system, such as robot arms or conveyor belts, get affected by cyber attacks. However, attacking the control and monitoring channels between a plant and its remote controller is attractive, too. There is a diversity of attacks, such as manipulating a plant's input signals, controller logic, and output signals. To detect and mitigate the impact of such various attacks and to make a plant more resilient, we introduce a self-learning controller proxy in the plant's communication channel to the controller. It acts as a local trust anchor to the commands received from a remote controller. It does black box self-learning of the controller algorithms and audits its operations. Once an attack is detected, the plant pivots into self-piloting mode. We investigate design alternatives for the controller proxy. We evaluate how complex the control algorithms can be to enable self-piloting resilience.",

keywords = "Cyber-Physical System, Networked-Control Systems, incident response, resilience, security",

author = "Michel Barbeau and Joaquin Garcia-Alfaro and Christian L{\"u}bben and Pahl, \{Marc Oliver\} and Lars W{\"u}strich",

note = "Publisher Copyright: {\textcopyright}2022 Copyright for this paper by its authors.; 29th Computer and Electronics Security Application Rendezvous, C and ESAR 2022 ; Conference date: 15-11-2022 Through 16-11-2022",

year = "2022",

month = jan,

day = "1",

language = "English",

volume = "3329",

pages = "35--46",

journal = "CEUR Workshop Proceedings",

issn = "1613-0073",

}

TY - JOUR

T1 - Resilience via Blackbox Self-Piloting Plants

AU - Barbeau, Michel

AU - Garcia-Alfaro, Joaquin

AU - Lübben, Christian

AU - Pahl, Marc Oliver

AU - Wüstrich, Lars

PY - 2022/1/1

Y1 - 2022/1/1

N2 - Distributed control is a reality of today's industrial automation and systems. Parts of a system are on-site, and other elements are on the edge of the cloud. The overall system-functioning relies on the reliable operation of local and remote components. However, all system parts can be attacked. Typically, local entities of a cyber-physical system, such as robot arms or conveyor belts, get affected by cyber attacks. However, attacking the control and monitoring channels between a plant and its remote controller is attractive, too. There is a diversity of attacks, such as manipulating a plant's input signals, controller logic, and output signals. To detect and mitigate the impact of such various attacks and to make a plant more resilient, we introduce a self-learning controller proxy in the plant's communication channel to the controller. It acts as a local trust anchor to the commands received from a remote controller. It does black box self-learning of the controller algorithms and audits its operations. Once an attack is detected, the plant pivots into self-piloting mode. We investigate design alternatives for the controller proxy. We evaluate how complex the control algorithms can be to enable self-piloting resilience.

AB - Distributed control is a reality of today's industrial automation and systems. Parts of a system are on-site, and other elements are on the edge of the cloud. The overall system-functioning relies on the reliable operation of local and remote components. However, all system parts can be attacked. Typically, local entities of a cyber-physical system, such as robot arms or conveyor belts, get affected by cyber attacks. However, attacking the control and monitoring channels between a plant and its remote controller is attractive, too. There is a diversity of attacks, such as manipulating a plant's input signals, controller logic, and output signals. To detect and mitigate the impact of such various attacks and to make a plant more resilient, we introduce a self-learning controller proxy in the plant's communication channel to the controller. It acts as a local trust anchor to the commands received from a remote controller. It does black box self-learning of the controller algorithms and audits its operations. Once an attack is detected, the plant pivots into self-piloting mode. We investigate design alternatives for the controller proxy. We evaluate how complex the control algorithms can be to enable self-piloting resilience.

KW - Cyber-Physical System

KW - Networked-Control Systems

KW - incident response

KW - resilience

KW - security

UR - https://www.scopus.com/pages/publications/85146717643

M3 - Conference article

AN - SCOPUS:85146717643

SN - 1613-0073

VL - 3329

SP - 35

EP - 46

JO - CEUR Workshop Proceedings

JF - CEUR Workshop Proceedings

T2 - 29th Computer and Electronics Security Application Rendezvous, C and ESAR 2022

Y2 - 15 November 2022 through 16 November 2022

ER -

Resilience via Blackbox Self-Piloting Plants

Résumé

Autres fichiers et liens

Empreinte digitale

Contient cette citation