{"title":"CPS: stateful policy enforcement for control system device usage","authors":"Stephen E. McLaughlin","doi":"10.1145/2523649.2523673","DOIUrl":null,"url":null,"abstract":"Networked control systems used in energy, manufacturing, and transportation combine large, vulnerable attack surfaces with far overprovisioned privileges. Often, compromising a single computer or user account is sufficient to give an attacker free reign over physical machinery. Significant reduction of attack surface size is an ongoing problem, so we shift our focus to reducing the privileges granted to system operators and embedded controllers. To this end, we introduce C2, an enforcement mechanism for policies governing the usage of electromechanical devices. In presenting C2, we address two basic problems: (i.) How should a policy for physical device usage be expressed and enforced? This is a challenging question, as the safe usage of physical devices is dependent on mechanical limitations and the behavior of nearby devices. (ii.) What actions should be taken if a physical machine is issued an operation that violates the policy? C2 takes measures to ensure unsafe behaviors are not caused when denying slightly erroneous yet legitimate operations. 
We evaluate C2 against six representative control systems, and show that it can efficiently perform policy checks with less than 3.7% overhead, while not introducing new unsafe behaviors into a control system.","PeriodicalId":127404,"journal":{"name":"Proceedings of the 29th Annual Computer Security Applications Conference","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"40","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 29th Annual Computer Security Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2523649.2523673","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 40
Abstract
Networked control systems used in energy, manufacturing, and transportation combine large, vulnerable attack surfaces with far overprovisioned privileges. Often, compromising a single computer or user account is sufficient to give an attacker free rein over physical machinery. Significant reduction of attack surface size is an ongoing problem, so we shift our focus to reducing the privileges granted to system operators and embedded controllers. To this end, we introduce C2, an enforcement mechanism for policies governing the usage of electromechanical devices. In presenting C2, we address two basic problems: (i.) How should a policy for physical device usage be expressed and enforced? This is a challenging question, as the safe usage of physical devices is dependent on mechanical limitations and the behavior of nearby devices. (ii.) What actions should be taken if a physical machine is issued an operation that violates the policy? C2 takes measures to ensure unsafe behaviors are not caused when denying slightly erroneous yet legitimate operations. We evaluate C2 against six representative control systems, and show that it can efficiently perform policy checks with less than 3.7% overhead, while not introducing new unsafe behaviors into a control system.