Side-Channel Based Intrusion Detection for Industrial Control Systems

Pol Van Aubel*, Kostas Papagiannopoulos, Łukasz Chmielewski, Christian Doerr

*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

7 Citations (Scopus)


Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.

Original languageEnglish
Title of host publicationCritical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers
EditorsGregorio D'Agostino, Antonio Scala
Place of PublicationCham
Number of pages18
ISBN (Electronic)978-3-319-99843-5
ISBN (Print)978-3-319-99842-8
Publication statusPublished - 2018
Event12th International Conference on Critical Information Infrastructures Security, CRITIS 2017 - Lucca, Italy
Duration: 8 Oct 201713 Oct 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10707 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference12th International Conference on Critical Information Infrastructures Security, CRITIS 2017


  • EM
  • ICS
  • Industrial control system
  • Intrusion detection
  • PLC
  • Programmable logic controller
  • Side-channel


Dive into the research topics of 'Side-Channel Based Intrusion Detection for Industrial Control Systems'. Together they form a unique fingerprint.

Cite this