Abstract
Programmable Logic Controllers (PLCs) are a family of embedded devices that are being used to control physical processes in critical infrastructures. Similar to other embedded devices, PLCs are vulnerable to memory corruption and control-flow hijacking attacks. Because PLCs are being used for critical control applications, compromised PLCs constitute a significant security and safety risk.
In this paper, we introduce a novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI to protect such devices from control-flow hijacking attacks. Our CFI approach is the first system for real-time PLCs and considers the runtime operation of the PLC as the highest priority. We implemented a prototype of ECFI and tested it in a real-world industrial PLC against different kinds of attacks. Our performance evaluation demonstrates that ECFI is an efficient, non-intrusive CFI solution that does not impose notable performance overhead and maintains the timeliness of PLC runtime operations, a critical property for this kind of embedded system.
Original language | English |
---|---|
Title of host publication | ACSAC 2017 |
Subtitle of host publication | Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA, December 4-8, 2017 |
Publisher | Association for Computing Machinery |
Pages | 437-448 |
ISBN (Print) | 978-1-4503-5345-8 |
Publication status | Published - 2 Dec 2017 |
Event | 33rd Annual Computer Security Applications Conference 2017 - Orlando, United States. Duration: 4 Dec 2017 → 8 Dec 2017. Conference number: 33. https://www.acsac.org |
Conference
Conference | 33rd Annual Computer Security Applications Conference 2017 |
---|---|
Abbreviated title | ACSAC 2017 |
Country/Territory | United States |
City | Orlando |
Period | 4/12/17 → 8/12/17 |
Keywords
- PLC
- Real-Time
- Industrial control systems
- Embedded system
- Cyber Security