ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

Ali  Abbasi; Thorsten Holz; Emmanuele Zambon; Sandro  Etalle

doi:10.1145/3134600.3134618

ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

Ali Abbasi, Thorsten Holz, Emmanuele Zambon, Sandro Etalle

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

13 Citations (Scopus)

128 Downloads (Pure)

Abstract

Programmable Logic Controllers (PLCs) are a family of embedded devices that are being used to control physical processes in critical infrastructures. Similar to other embedded devices, PLCs are vulnerable to memory corruption and control-flow hijacking attacks. Because PLCs are being used for critical control applications, compromised PLCs constitute a significant security and safety risk.

In this paper, we introduce a novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI to protect such devices from control-flow hijacking attacks. Our CFI approach is the first system for real-time PLCs and considers the runtime operation of the PLC as the highest priority. We implemented a prototype of ECFI and tested it in a real-world industrial PLC against different kinds of attacks. Our performance evaluation demonstrates that ECFI is an efficient, non-intrusive CFI solution that does not impose notable performance overhead and maintains the timeliness of PLC runtime operations, a critical property for this kind of embedded systems.

Original language	English
Title of host publication	ACSAC 2017
Subtitle of host publication	Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA, December 4-8, 2017
Publisher	Association for Computing Machinery (ACM)
Pages	437-448
ISBN (Print)	978-1-4503-5345-8
DOIs	https://doi.org/10.1145/3134600.3134618
Publication status	Published - 2 Dec 2017
Event	33nd Annual Computer Security Applications Conference 2017 - Orlando, United States Duration: 4 Dec 2017 → 8 Dec 2017 Conference number: 33 https://www.acsac.org

Conference

Conference	33nd Annual Computer Security Applications Conference 2017
Abbreviated title	ACSAC 2017
Country	United States
City	Orlando
Period	4/12/17 → 8/12/17
Internet address	https://www.acsac.org

Keywords

PLC
Real-Time
Industrial control systems
Embedded system
Cyber Security

Access to Document

10.1145/3134600.3134618

ECFI-ACSAC17

Fingerprint Dive into the research topics of 'ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers'. Together they form a unique fingerprint.

Cite this

@inproceedings{9b24b643c84940f89f286f4c785e7bb2,

title = "ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers",

abstract = "Programmable Logic Controllers (PLCs) are a family of embedded devices that are being used to control physical processes in critical infrastructures. Similar to other embedded devices, PLCs are vulnerable to memory corruption and control-flow hijacking attacks. Because PLCs are being used for critical control applications, compromised PLCs constitute a significant security and safety risk. In this paper, we introduce a novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI to protect such devices from control-flow hijacking attacks. Our CFI approach is the first system for real-time PLCs and considers the runtime operation of the PLC as the highest priority. We implemented a prototype of ECFI and tested it in a real-world industrial PLC against different kinds of attacks. Our performance evaluation demonstrates that ECFI is an efficient, non-intrusive CFI solution that does not impose notable performance overhead and maintains the timeliness of PLC runtime operations, a critical property for this kind of embedded systems.",

keywords = "PLC, Real-Time, Industrial control systems, Embedded system, Cyber Security",

author = "Ali Abbasi and Thorsten Holz and Emmanuele Zambon and Sandro Etalle",

year = "2017",

month = dec,

day = "2",

doi = "10.1145/3134600.3134618",

language = "English",

isbn = "978-1-4503-5345-8",

pages = "437--448",

booktitle = "ACSAC 2017",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

note = "33nd Annual Computer Security Applications Conference 2017 , ACSAC 2017 ; Conference date: 04-12-2017 Through 08-12-2017",

url = "https://www.acsac.org",

}

Abbasi, A, Holz, T, Zambon, E & Etalle, S 2017, ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers. in ACSAC 2017: Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA, December 4-8, 2017. Association for Computing Machinery (ACM), pp. 437-448, 33nd Annual Computer Security Applications Conference 2017 , Orlando, United States, 4/12/17. https://doi.org/10.1145/3134600.3134618

ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers. / Abbasi, Ali ; Holz, Thorsten; Zambon, Emmanuele; Etalle, Sandro .

ACSAC 2017: Proceedings of the 33rd Annual Computer Security Applications Conference, Orlando, FL, USA, December 4-8, 2017. Association for Computing Machinery (ACM), 2017. p. 437-448.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

AU - Abbasi, Ali

AU - Holz, Thorsten

AU - Zambon, Emmanuele

AU - Etalle, Sandro

N1 - Conference code: 33

PY - 2017/12/2

Y1 - 2017/12/2

N2 - Programmable Logic Controllers (PLCs) are a family of embedded devices that are being used to control physical processes in critical infrastructures. Similar to other embedded devices, PLCs are vulnerable to memory corruption and control-flow hijacking attacks. Because PLCs are being used for critical control applications, compromised PLCs constitute a significant security and safety risk. In this paper, we introduce a novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI to protect such devices from control-flow hijacking attacks. Our CFI approach is the first system for real-time PLCs and considers the runtime operation of the PLC as the highest priority. We implemented a prototype of ECFI and tested it in a real-world industrial PLC against different kinds of attacks. Our performance evaluation demonstrates that ECFI is an efficient, non-intrusive CFI solution that does not impose notable performance overhead and maintains the timeliness of PLC runtime operations, a critical property for this kind of embedded systems.

AB - Programmable Logic Controllers (PLCs) are a family of embedded devices that are being used to control physical processes in critical infrastructures. Similar to other embedded devices, PLCs are vulnerable to memory corruption and control-flow hijacking attacks. Because PLCs are being used for critical control applications, compromised PLCs constitute a significant security and safety risk. In this paper, we introduce a novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI to protect such devices from control-flow hijacking attacks. Our CFI approach is the first system for real-time PLCs and considers the runtime operation of the PLC as the highest priority. We implemented a prototype of ECFI and tested it in a real-world industrial PLC against different kinds of attacks. Our performance evaluation demonstrates that ECFI is an efficient, non-intrusive CFI solution that does not impose notable performance overhead and maintains the timeliness of PLC runtime operations, a critical property for this kind of embedded systems.

KW - PLC

KW - Real-Time

KW - Industrial control systems

KW - Embedded system

KW - Cyber Security

U2 - 10.1145/3134600.3134618

DO - 10.1145/3134600.3134618

M3 - Conference contribution

SN - 978-1-4503-5345-8

SP - 437

EP - 448

BT - ACSAC 2017

PB - Association for Computing Machinery (ACM)

T2 - 33nd Annual Computer Security Applications Conference 2017

Y2 - 4 December 2017 through 8 December 2017

ER -