Controller-aware false data injection against programmable logic controllers

Stephen McLaughlin, Saman Zonouz

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

Control systems rely on accurate sensor measurements to safely regulate physical processes. In False Data Injection (FDI) attacks, adversaries inject forged sensor measurements into a control system in hopes of misguiding control algorithms into taking dangerous actions. Traditional FDI attacks mostly require adversaries to know the full system topology, i.e., hundreds or thousands of lines and buses, while having unpredictable consequences. In this paper, we present a new class of FDI attacks directly against individual Programmable Logic Controllers (PLCs), which are ubiquitous in power generation and distribution. Our attack allows the adversary to have only partial information about the victim subsystem, and produces a predictable malicious result. Our attack tool analyzes an I/O trace of the compromised PLCs to produce a set of inputs to achieve the desired PLC outputs, i.e., the system behavior. It proceeds in two steps. First, our tool constructs a model of the PLC's internal logic from the I/O traces. Second, it searches for a set of inputs that cause the model to calculate the desired malicious behavior. We evaluate our tool against a set of representative control systems and show that it is a practical threat against insecure sensor configurations.
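As an added worked example, not code from the paper or its authors, the two steps described in the abstract run on a constructed toy tank controller: the step 1 model is a lookup table learned from the I/O trace, and the step 2 search is exhaustive over the sensors the attacker can forge, while the sensors it cannot forge keep their observed values. The sensor names, the controller logic, the trace and the `plausible_transition` validation rule are all assumptions made for the illustration; the paper's own model-construction and search techniques are not reproduced here.

```python
from itertools import product

# Constructed toy process: three binary sensors feeding a tank controller with two actuators.
# All names and the controller logic are assumptions for this example, not from the paper.
INPUTS = ("level_low", "level_high", "pressure_ok")
OUTPUTS = ("pump", "drain_valve")


def _hidden_plc_logic(level_low, level_high, pressure_ok):
    """Ground truth used only to generate the trace; the attacker never sees it."""
    return {"pump": level_low and pressure_ok,
            "drain_valve": level_high or not pressure_ok}


def constructed_io_trace():
    """A constructed trace of normal operation. Not every input combination is observed."""
    observed = [
        (True, False, True),    # tank low, pressure fine -> pump runs
        (False, False, True),   # mid level, nothing to do
        (False, True, True),    # tank high -> drain
        (False, False, False),  # pressure fault -> drain
        (False, True, False),
        (True, False, True),    # a repeated scan cycle
    ]
    return [(dict(zip(INPUTS, ins)), _hidden_plc_logic(*ins)) for ins in observed]


def build_model(trace):
    """Step 1: model the PLC's input->output behaviour as a lookup table learned from the trace.

    Two observations with identical inputs but different outputs mean the logic depends on
    internal state (timers, latches) that a combinational table cannot capture; fail loudly.
    """
    model = {}
    for inputs, outputs in trace:
        key = tuple(inputs[n] for n in INPUTS)
        out = tuple(outputs[n] for n in OUTPUTS)
        if model.get(key, out) != out:
            raise ValueError(f"stateful behaviour for inputs {key}; table model is insufficient")
        model[key] = out
    return model


def plausible_transition(prev, new):
    """A sensor-validation rule a defender could add (assumed here, not from the paper):
    a tank cannot be low and high at once, nor swing between them within one scan cycle."""
    if new["level_low"] and new["level_high"]:
        return False
    low_to_high = prev["level_low"] and new["level_high"] and not new["level_low"]
    high_to_low = prev["level_high"] and new["level_low"] and not new["level_high"]
    return not (low_to_high or high_to_low)


def find_injection(model, desired, current, spoofable, check=None):
    """Step 2: search the spoofable sensors for values that make the model produce `desired`.

    Sensors the attacker cannot forge keep their current values (partial knowledge of the
    subsystem). Input vectors never seen in the trace are skipped: the attacker cannot
    predict what the real controller would do with them. `check(prev, new)` optionally
    models a validation rule the victim applies, which shrinks the usable search space.
    """
    hits = []
    for values in product((False, True), repeat=len(spoofable)):
        candidate = dict(current)
        candidate.update(zip(spoofable, values))
        if check is not None and not check(current, candidate):
            continue
        key = tuple(candidate[n] for n in INPUTS)
        if key not in model:
            continue
        predicted = dict(zip(OUTPUTS, model[key]))
        if all(predicted[o] == v for o, v in desired.items()):
            hits.append(candidate)
    return hits


if __name__ == "__main__":
    model = build_model(constructed_io_trace())
    # Real state: tank is low. Attacker goal: keep the pump off and open the drain anyway.
    current = {"level_low": True, "level_high": False, "pressure_ok": True}
    goal = {"pump": False, "drain_valve": True}
    spoofable = ("level_low", "level_high")
    print("no validation:", find_injection(model, goal, current, spoofable))
    print("with rate check:", find_injection(model, goal, current, spoofable,
                                             check=plausible_transition))
```

Running it shows the one forged vector that makes the model predict pump off and drain open while the tank is really low, and that a per-cycle rate-of-change check on the level sensors removes that vector from the attacker's search space; this is the kind of sensor-side validation the abstract's closing remark about insecure sensor configurations points at. The table model also refuses traces that reveal stateful logic, since a trace-derived combinational model would mispredict such a controller.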

Original language: English (US)
Title of host publication: 2014 IEEE International Conference on Smart Grid Communications, SmartGridComm 2014
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 848-853
Number of pages: 6
ISBN (Electronic): 9781479949342
DOI: 10.1109/SmartGridComm.2014.7007754
State: Published - Jan 12 2015
Event: 2014 IEEE International Conference on Smart Grid Communications, SmartGridComm 2014 - Venice, Italy
Duration: Nov 3 2014 - Nov 6 2014

Publication series

Name: 2014 IEEE International Conference on Smart Grid Communications, SmartGridComm 2014

Other

Other: 2014 IEEE International Conference on Smart Grid Communications, SmartGridComm 2014
Country: Italy
City: Venice
Period: 11/3/14 - 11/6/14


ASJC Scopus subject areas

  • Communication
  • Computer Networks and Communications
  • Computer Science Applications

Cite this

McLaughlin, S., & Zonouz, S. (2015). Controller-aware false data injection against programmable logic controllers. In 2014 IEEE International Conference on Smart Grid Communications, SmartGridComm 2014 (pp. 848-853). [7007754] (2014 IEEE International Conference on Smart Grid Communications, SmartGridComm 2014). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/SmartGridComm.2014.7007754