Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Designing Actively Secure, Highly Available Industrial Automation Applications
IT & Software Engineering, Auckland University of Technology, Auckland, New Zealand.
IT & Software Engineering, Auckland University of Technology, Auckland, New Zealand.
IT & Software Engineering, Auckland University of Technology, Auckland, New Zealand.
Research Centre in Digitalisation and Intelligent Robotics (CeDRI), Instituto Politecnico de Braganca, Campus de Santa Apolonia, Braganca, Portugal.
Show others and affiliations
2019 (English)In: 2019 IEEE 17th International Conference on Industrial Informatics (INDIN), IEEE, 2019, p. 374-379Conference paper, Published paper (Other academic)
Abstract [en]

Programmable Logic Controllers (PLCs) execute critical control software that drives Industrial Automation and Control Systems (IACS). PLCs can become easy targets for cyber-adversaries as they are resource-constrained and are usually built using legacy, less-capable security measures. Security attacks can significantly affect system availability, which is an essential requirement for IACS. We propose a method to make PLC applications more security-aware. Based on the well-known IEC 61499 function blocks standard for developing IACS software, our method allows designers to annotate critical parts of an application during design time. On deployment, these parts of the application are automatically secured using appropriate security mechanisms to detect and prevent attacks. We present a summary of availability attacks on distributed IACS applications that can be mitigated by our proposed method. Security mechanisms are achieved using IEC 61499 Service-Interface Function Blocks (SIFBs) embedding Intrusion Detection and Prevention System (IDPS), added to the application at compile time. This method is more amenable to providing active security protection from attacks on previously unknown (zero-day) vulnerabilities. We test our solution on an IEC 61499 application executing on Wago PFC200 PLCs. Experiments show that we can successfully log and prevent attacks at the application level as well as help the application to gracefully degrade into safe mode, subsequently improving availability.

Place, publisher, year, edition, pages
IEEE, 2019. p. 374-379
Series
IEEE International Conference on Industrial Informatics (INDIN), ISSN 1935-4576, E-ISSN 2378-363X
Keywords [en]
Industrial automation and control systems, Programmable Logic Controllers, IEC 61499, active security protection, Availability, Intrusion detection and prevention
National Category
Computer Sciences
Research subject
Dependable Communication and Computation Systems
Identifiers
URN: urn:nbn:se:ltu:diva-79458DOI: 10.1109/INDIN41052.2019.8972262ISI: 000529510400054Scopus ID: 2-s2.0-85079057430OAI: oai:DiVA.org:ltu-79458DiVA, id: diva2:1439572
Conference
2019 IEEE 17th International Conference on Industrial Informatics (INDIN), 22-25 July, 2019, Helsinki-Espoo, Finland
Note

ISBN för värdpublikation: 978-1-7281-2927-3, 978-1-7281-2928-0

Available from: 2020-06-12 Created: 2020-06-12 Last updated: 2020-06-12Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Vyatkin, Valeriy

Search in DiVA

By author/editor
Vyatkin, Valeriy
By organisation
Computer Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 19 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf