Under Control: Techniques for Securing Industrial Control Systems
Project and Presentation By: David Formby
ABSTRACT | Industrial control system (ICS) networks provide the power to keep our lights on, the clean water flowing from our faucets, and the material goods we take for granted every day; yet, due to the rarity of real world incidents, the IT security personnel at these facilities struggle to convince the engineers running the physical processes to see cyber attacks as a real threat. With the number of ICS security incidents increasing every year, it is imperative that these two sides agree on a solution before a more lethal ICS attack occur. Therefore, a suite of technologies was developed to provide security against nation-state level attackers while also providing valuable management tools for day-to-day operations: fingerprinting devices based on their physical operation times allows for detection of false data injection while also providing information for predictive maintenance, execution time signatures alert operators when a device is reprogrammed maliciously or accidentally, and automated passive backups enable fast recovery from attacks or human error.
David Formby is a Ph.D. candidate in the School of Electrical and Computer Engineering, performing research in the area of network security for industrial control systems under Dr. Raheem Beyah. His past and current research projects include network characterizations of power distribution substations, techniques for device type fingerprinting for cyber-physical systems, and tools to detect and analyze changes to industrial controller programming.