CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment

TL;DR

CyFence enhances cyber-physical system security by integrating semantic checks within a Trusted Execution Environment, effectively detecting malicious behaviors with minimal performance impact.

Contribution

The paper introduces CyFence, a novel architecture leveraging trusted execution environments to secure CPS controllers through semantic validation.

Findings

Mitigates various cyber-attacks on CPS controllers.

Maintains system performance with negligible overhead.

Demonstrated effectiveness on an active braking digital controller.

Abstract

In the last decades, Cyber-physical Systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. Since many CPS are used in safety-critical systems, such attacks entail high risks and potential safety harms. Although several defense strategies have been proposed, they rarely exploit the cyber-physical nature of the system. In this work, we exploit the nature of CPS by proposing CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check, used to confirm that the system is behaving as expected. To ensure the security of the semantic check code, we use the Trusted Execution Environment implemented by modern processors. We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible computation overhead.