Abstract
This chapter proposes a roadmap that employs secure parsers to eliminate the possibility of input-handling vulnerabilities in industrial control systems. Industrial control systems are responsible for maintaining the integrity of power grids. Complex communications networks constitute the backbones of these systems. Communications in industrial control networks must be processed correctly and they should not crash devices or enable attackers to access networked devices. Language-theoretic security is the practice of comprehensive input handling using secure parsers. This chapter demonstrates that the existing collection of secure parsers for industrial control protocols can cover the communications needs of industrial control networks. It discusses the merits of guarding industrial control networks using secure parsers, proposes a triage procedure for implementation and summarizes the security benefits and lessons learned.
Copyright information
© 2019 IFIP International Federation for Information Processing
About this paper
Cite this paper
Millian, M., Anantharaman, P., Bratus, S., Smith, S., Locasto, M. (2019). Converting an Electric Power Utility Network to Defend Against Crafted Inputs. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XIII. ICCIP 2019. IFIP Advances in Information and Communication Technology, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-030-34647-8_4
DOI: https://doi.org/10.1007/978-3-030-34647-8_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34646-1
Online ISBN: 978-3-030-34647-8
eBook Packages: Computer Science, Computer Science (R0)