Side-channel based intrusion detection for industrial control systems
Pol Van Aubel (1), Kostas Papagiannopoulos (1), Łukasz Chmielewski (2), Christian Doerr (3) ((1) Radboud University, Digital Security Group; (2) Riscure BV, Delft, the Netherlands; (3) Delft University of Technology, Department of Intelligent Systems)

TL;DR
This paper introduces a novel intrusion detection method for industrial control systems using electromagnetic side-channel measurements to identify behavioral changes in software, especially on legacy systems.
Contribution
It demonstrates the feasibility of using cryptographic side-channel analysis techniques to profile and distinguish small program changes on industrial controllers.
Findings
Successful profiling of Siemens S7-317 PLCs
Detection of small software changes using electromagnetic measurements
Feasibility of side-channel based intrusion detection in ICS
Abstract
Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.
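To make the "profile and distinguish" idea concrete, the following is an added example (not code from the paper or its authors). It applies a standard profiled side-channel technique, a diagonal-covariance Gaussian template with points of interest chosen where the two programs' mean traces differ most, to constructed synthetic "EM traces" (a fixed leakage shape plus Gaussian noise, with the modified program modelled as a small change that raises activity in a few samples). The second half shows the intrusion-detection use: in the field only the known-good template exists, so a trace is flagged when its normalised distance from that template exceeds a threshold calibrated on held-out known-good traces. The trace model, the 64-sample length, the noise level and the threshold rule are all assumptions of this example; the page does not state the paper's exact method.

```python
import math
import random

# Constructed trace model (assumption, not the paper's data).
N_SAMPLES = 64
NOISE_STD = 0.25
CHANGE_WINDOW = range(30, 38)   # samples the modified program affects
CHANGE_AMPLITUDE = 1.5

def leakage_shape(modified):
    """Noiseless EM profile of one program execution (constructed)."""
    shape = [math.sin(i / 4.0) for i in range(N_SAMPLES)]
    if modified:
        for i in CHANGE_WINDOW:
            shape[i] += CHANGE_AMPLITUDE
    return shape

def capture(modified, count, rng):
    """Simulate `count` noisy acquisitions of the chosen program."""
    shape = leakage_shape(modified)
    return [[x + rng.gauss(0.0, NOISE_STD) for x in shape] for _ in range(count)]

def build_template(traces):
    """Per-sample mean and unbiased variance: a diagonal Gaussian template."""
    k = len(traces)
    means = [sum(t[i] for t in traces) / k for i in range(N_SAMPLES)]
    variances = [sum((t[i] - means[i]) ** 2 for t in traces) / (k - 1)
                 for i in range(N_SAMPLES)]
    return means, variances

def select_pois(template_a, template_b, count=8):
    """Points of interest: samples whose class means differ most relative to
    the pooled variance (sum-of-squared-t-differences criterion)."""
    ma, va = template_a
    mb, vb = template_b
    score = [(ma[i] - mb[i]) ** 2 / (va[i] + vb[i]) for i in range(N_SAMPLES)]
    ranked = sorted(range(N_SAMPLES), key=lambda i: score[i], reverse=True)
    return sorted(ranked[:count])

def log_likelihood(trace, template, points):
    """Gaussian log-likelihood of the trace restricted to the given samples."""
    means, variances = template
    return sum(-0.5 * ((trace[i] - means[i]) ** 2 / variances[i]
                       + math.log(2.0 * math.pi * variances[i]))
               for i in points)

def classify(trace, templates, points):
    """Name of the template that explains the trace best."""
    return max(templates, key=lambda n: log_likelihood(trace, templates[n], points))

def distance(trace, template):
    """Variance-normalised squared distance from the template, all samples."""
    means, variances = template
    return sum((trace[i] - means[i]) ** 2 / variances[i] for i in range(N_SAMPLES))

def calibrate_threshold(template, calibration_traces, k=6.0):
    """Alarm threshold: mean + k std of the distance on held-out good traces."""
    d = [distance(t, template) for t in calibration_traces]
    mean = sum(d) / len(d)
    std = math.sqrt(sum((x - mean) ** 2 for x in d) / (len(d) - 1))
    return mean + k * std

def run_demo(seed=1):
    rng = random.Random(seed)
    # Profiling phase: both program variants are available in the lab.
    templates = {
        "original": build_template(capture(False, 100, rng)),
        "modified": build_template(capture(True, 100, rng)),
    }
    pois = select_pois(templates["original"], templates["modified"])

    # Distinguishing: classify fresh traces of each variant on the POIs.
    test_orig = capture(False, 50, rng)
    test_mod = capture(True, 50, rng)
    hits = sum(classify(t, templates, pois) == "original" for t in test_orig)
    hits += sum(classify(t, templates, pois) == "modified" for t in test_mod)

    # Detection: only the known-good template is deployed; alarm on deviation.
    good = templates["original"]
    threshold = calibrate_threshold(good, capture(False, 100, rng))
    false_alarms = sum(distance(t, good) > threshold for t in test_orig)
    detections = sum(distance(t, good) > threshold for t in test_mod)

    return {"pois": pois, "accuracy": hits / 100.0, "threshold": threshold,
            "false_alarms": false_alarms, "detections": detections}

if __name__ == "__main__":
    print(run_demo())
```

The POI step is what makes "small" changes tractable: the whole-trace distance dilutes an eight-sample change across 64 samples, whereas the template comparison concentrates on exactly the samples the change affects. In a real deployment the threshold must be recalibrated whenever the legitimate program, probe position or environment changes, otherwise benign drift shows up as alarms.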
