{"title":"Online Distributed Schedule Randomization to Mitigate Timing Attacks in Industrial Control Systems","authors":"Ankita Samaddar, Arvind Easwaran","doi":"10.1145/3624584","DOIUrl":null,"url":null,"abstract":"Industrial control systems (ICSs) consist of a large number of control applications that are associated with periodic real-time flows with hard deadlines. To facilitate large-scale integration, remote control, and co-ordination, wireless sensor and actuator networks form the main communication framework in most ICSs. Among the existing wireless sensor and actuator network protocols, WirelessHART is the most suitable protocol for real-time applications in ICSs. The communications in a WirelessHART network are time-division multiple access based. To satisfy the hard deadlines of the real-time flows, the schedule in a WirelessHART network is pre-computed. The same schedule is repeated over every hyperperiod (i.e., lowest common multiple of the periods of the flows). However, a malicious attacker can exploit the repetitive behavior of the flow schedules to launch timing attacks (e.g., selective jamming attacks). To mitigate timing attacks, we propose an online distributed schedule randomization strategy that randomizes the time-slots in the schedules at each network device without violating the flow deadlines, while ensuring the closed-loop control stability. To increase the extent of randomization in the schedules further, and to reduce the energy consumption of the system, we incorporate a period adaptation strategy that adjusts the transmission periods of the flows depending on the stability of the control loops at runtime. We use Kullback-Leibler divergence and prediction probability of slots as two metrics to evaluate the performance of our proposed strategy. We compare our strategy with an offline centralized schedule randomization strategy. Experimental results show that the schedules generated by our strategy are 10% to 15% more diverse and 5% to 10% less predictable on average compared to the offline strategy when the number of base schedules and keys vary between 4 and 6 and 12 and 32, respectively, under all slot utilization (number of occupied slots in a hyperperiod). On incorporating period adaptation, the divergence in the schedules reduceat each period increase with 46% less power consumption on average.","PeriodicalId":50914,"journal":{"name":"ACM Transactions on Embedded Computing Systems","volume":" 9","pages":"0"},"PeriodicalIF":2.8000,"publicationDate":"2023-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Embedded Computing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3624584","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
Industrial control systems (ICSs) consist of a large number of control applications that are associated with periodic real-time flows with hard deadlines. To facilitate large-scale integration, remote control, and co-ordination, wireless sensor and actuator networks form the main communication framework in most ICSs. Among the existing wireless sensor and actuator network protocols, WirelessHART is the most suitable protocol for real-time applications in ICSs. The communications in a WirelessHART network are time-division multiple access based. To satisfy the hard deadlines of the real-time flows, the schedule in a WirelessHART network is pre-computed. The same schedule is repeated over every hyperperiod (i.e., lowest common multiple of the periods of the flows). However, a malicious attacker can exploit the repetitive behavior of the flow schedules to launch timing attacks (e.g., selective jamming attacks). To mitigate timing attacks, we propose an online distributed schedule randomization strategy that randomizes the time-slots in the schedules at each network device without violating the flow deadlines, while ensuring the closed-loop control stability. To increase the extent of randomization in the schedules further, and to reduce the energy consumption of the system, we incorporate a period adaptation strategy that adjusts the transmission periods of the flows depending on the stability of the control loops at runtime. We use Kullback-Leibler divergence and prediction probability of slots as two metrics to evaluate the performance of our proposed strategy. We compare our strategy with an offline centralized schedule randomization strategy. Experimental results show that the schedules generated by our strategy are 10% to 15% more diverse and 5% to 10% less predictable on average compared to the offline strategy when the number of base schedules and keys vary between 4 and 6 and 12 and 32, respectively, under all slot utilization (number of occupied slots in a hyperperiod). On incorporating period adaptation, the divergence in the schedules reduceat each period increase with 46% less power consumption on average.
期刊介绍:
The design of embedded computing systems, both the software and hardware, increasingly relies on sophisticated algorithms, analytical models, and methodologies. ACM Transactions on Embedded Computing Systems (TECS) aims to present the leading work relating to the analysis, design, behavior, and experience with embedded computing systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
