Armor plc: A platform for cyber security threats assessments for PLCs

Wenhui Zhang, Yizheng Jiao, Dazhong Wu, Srivatsa Srinivasa, Asmit De, Swaroop Ghosh, Peng Liu

Research output: Contribution to journalConference articlepeer-review

4 Scopus citations

Abstract

Programmable Logic Controllers (PLCs) are essential parts in industrial manufacturing plants. With the emerging Industry 4.0 environment, legacy PLCs are now connected to the Internet to be better automated. However, these PLCs are especially vulnerable when connected to a network, since there is limited inherent security mechanisms built in. In this paper, we discuss various vulnerabilities in these PLCs. We describe threat models, detection and protection techniques. We consider vulnerabilities as compromised PLC logic, which is introduced by over-the-network malicious data injection. We leverage Host-Based Intrusion Detection System (HIDS) techniques, such as output value comparison using majority voting, timing comparison and using known I/O values for detecting such attacks for our Network-Based Intrusion Detection System for PLCs. We mimic functionalities of PLCs, through virtualization of PLCs' ladder logic on OpenPLC [7]. We use a record & replay technique for attack mitigation and system restoration. The record & replay system captures pin values of a Pulse Width Modulated (PWM) signal with sensitivity of 50 microseconds. We implement the attacks and our proposed security solution on the control flow logic of a sample industrial gas pipeline PLC network. We achieve a false positive rate of 1% along with a latency of 25 milliseconds in our abnormal detection with setting of 4 virtual PLCs (using OpenPLC [7]), and generated receiver operating characteristic results on different attack rates and ST file logic settings.

Original languageEnglish (US)
Pages (from-to)270-278
Number of pages9
JournalProcedia Manufacturing
Volume39
DOIs
StatePublished - 2019
Event25th International Conference on Production Research Manufacturing Innovation: Cyber Physical Manufacturing, ICPR 2019 - Chicago, United States
Duration: Aug 9 2019Aug 14 2019

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Industrial and Manufacturing Engineering

Fingerprint

Dive into the research topics of 'Armor plc: A platform for cyber security threats assessments for PLCs'. Together they form a unique fingerprint.

Cite this