Side-Channel Based Intrusion Detection for Industrial Control Systems

Pol Van Aubel; Kostas Papagiannopoulos; Łukasz Chmielewski; Christian Doerr

doi:10.1007/978-3-319-99843-5_19

Side-Channel Based Intrusion Detection for Industrial Control Systems

Pol Van Aubel^*, Kostas Papagiannopoulos, Łukasz Chmielewski, Christian Doerr

^*Corresponding author for this work

Cyber Security

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

7 Citations (Scopus)

Abstract

Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.

Original language	English
Title of host publication	Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers
Editors	Gregorio D'Agostino, Antonio Scala
Place of Publication	Cham
Publisher	Springer
Pages	207-224
Number of pages	18
ISBN (Electronic)	978-3-319-99843-5
ISBN (Print)	978-3-319-99842-8
DOIs	https://doi.org/10.1007/978-3-319-99843-5_19
Publication status	Published - 2018
Event	12th International Conference on Critical Information Infrastructures Security, CRITIS 2017 - Lucca, Italy Duration: 8 Oct 2017 → 13 Oct 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10707 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	12th International Conference on Critical Information Infrastructures Security, CRITIS 2017
Country/Territory	Italy
City	Lucca
Period	8/10/17 → 13/10/17

Keywords

EM
ICS
Industrial control system
Intrusion detection
PLC
Programmable logic controller
Side-channel

Access to Document

10.1007/978-3-319-99843-5_19

Cite this

Van Aubel, P., Papagiannopoulos, K., Chmielewski, Ł., & Doerr, C. (2018). Side-Channel Based Intrusion Detection for Industrial Control Systems. In G. D'Agostino, & A. Scala (Eds.), Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers (pp. 207-224). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10707 LNCS). Springer. https://doi.org/10.1007/978-3-319-99843-5_19

Van Aubel, Pol ; Papagiannopoulos, Kostas ; Chmielewski, Łukasz et al. / Side-Channel Based Intrusion Detection for Industrial Control Systems. Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers. editor / Gregorio D'Agostino ; Antonio Scala. Cham : Springer, 2018. pp. 207-224 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{8a127509ed054d32a0495db5d2298b26,

title = "Side-Channel Based Intrusion Detection for Industrial Control Systems",

abstract = "Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.",

keywords = "EM, ICS, Industrial control system, Intrusion detection, PLC, Programmable logic controller, Side-channel",

author = "{Van Aubel}, Pol and Kostas Papagiannopoulos and {\L}ukasz Chmielewski and Christian Doerr",

year = "2018",

doi = "10.1007/978-3-319-99843-5_19",

language = "English",

isbn = "978-3-319-99842-8",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "207--224",

editor = "Gregorio D'Agostino and Antonio Scala",

booktitle = "Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers",

note = "12th International Conference on Critical Information Infrastructures Security, CRITIS 2017 ; Conference date: 08-10-2017 Through 13-10-2017",

}

Van Aubel, P, Papagiannopoulos, K, Chmielewski, Ł & Doerr, C 2018, Side-Channel Based Intrusion Detection for Industrial Control Systems. in G D'Agostino & A Scala (eds), Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10707 LNCS, Springer, Cham, pp. 207-224, 12th International Conference on Critical Information Infrastructures Security, CRITIS 2017, Lucca, Italy, 8/10/17. https://doi.org/10.1007/978-3-319-99843-5_19

Side-Channel Based Intrusion Detection for Industrial Control Systems. / Van Aubel, Pol; Papagiannopoulos, Kostas; Chmielewski, Łukasz et al.
Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers. ed. / Gregorio D'Agostino; Antonio Scala. Cham: Springer, 2018. p. 207-224 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10707 LNCS).

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Side-Channel Based Intrusion Detection for Industrial Control Systems

AU - Van Aubel, Pol

AU - Papagiannopoulos, Kostas

AU - Chmielewski, Łukasz

AU - Doerr, Christian

PY - 2018

Y1 - 2018

N2 - Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.

AB - Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.

KW - EM

KW - ICS

KW - Industrial control system

KW - Intrusion detection

KW - PLC

KW - Programmable logic controller

KW - Side-channel

UR - http://www.scopus.com/inward/record.url?scp=85053876783&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-99843-5_19

DO - 10.1007/978-3-319-99843-5_19

M3 - Conference contribution

AN - SCOPUS:85053876783

SN - 978-3-319-99842-8

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 207

EP - 224

BT - Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers

A2 - D'Agostino, Gregorio

A2 - Scala, Antonio

PB - Springer

CY - Cham

T2 - 12th International Conference on Critical Information Infrastructures Security, CRITIS 2017

Y2 - 8 October 2017 through 13 October 2017

ER -

Van Aubel P, Papagiannopoulos K, Chmielewski Ł, Doerr C. Side-Channel Based Intrusion Detection for Industrial Control Systems. In D'Agostino G, Scala A, editors, Critical Information Infrastructures Security - 12th International Conference, CRITIS 2017, Revised Selected Papers. Cham: Springer. 2018. p. 207-224. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-99843-5_19

Side-Channel Based Intrusion Detection for Industrial Control Systems

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this