Detecting industrial control malware using automated PLC code analytics

Saman Zonouz, Julian Rrushi, Stephen McLaughlin

Research output: Contribution to journal › Article

24 Citations (Scopus)

Abstract

The authors discuss their research on programmable logic controller (PLC) code analytics, which leverages safety engineering to detect and characterize PLC infections that target physical destruction of power plants. Their approach also draws on control theory, namely the field of engineering and mathematics that deals with the behavior of dynamical systems, to reverse-engineer safety-critical code to identify complex and highly dynamic safety properties for use in the hybrid code analytics approach.

Original language: English
Article number: 7006408
Pages (from-to): 40-47
Number of pages: 8
Journal: IEEE Security and Privacy
Volume: 12
Issue number: 6
DOI: 10.1109/MSP.2014.113
State: Published - Nov 1 2014

Keywords

  • formal models
  • industrial control malware
  • model checking
  • PLC code analytics
  • process control systems
  • reverse engineering
  • safety-critical code
  • security

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Networks and Communications
  • Law

Cite this

Detecting industrial control malware using automated PLC code analytics. / Zonouz, Saman; Rrushi, Julian; McLaughlin, Stephen.

In: IEEE Security and Privacy, Vol. 12, No. 6, 7006408, 01.11.2014, p. 40-47.

@article{211497c04c9c444b988b647e7bb1ebba,
title = "Detecting industrial control malware using automated PLC code analytics",
abstract = "The authors discuss their research on programmable logic controller (PLC) code analytics, which leverages safety engineering to detect and characterize PLC infections that target physical destruction of power plants. Their approach also draws on control theory, namely the field of engineering and mathematics that deals with the behavior of dynamical systems, to reverse-engineer safety-critical code to identify complex and highly dynamic safety properties for use in the hybrid code analytics approach.",
keywords = "formal models, industrial control malware, model checking, PLC code analytics, process control systems, reverse engineering, safety-critical code, security",
author = "Saman Zonouz and Julian Rrushi and Stephen McLaughlin",
year = "2014",
month = "11",
day = "1",
doi = "10.1109/MSP.2014.113",
language = "English",
volume = "12",
pages = "40--47",
journal = "IEEE Security and Privacy",
issn = "1540-7993",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "6",

}
