Programmable Logic Challenge: A Red team-Blue team stress test for state of the art PLC defense

Abstract

The secure, reliable, and efficient operation of Industrial Control Systems (ICS) lays the foundation for a strongcybersecurity pos""ture of critical systems and their individual components. As information and operation technologiescontinue to converge, the risk o""f cyberphysical attacks to ICS increases. In fact, the cyber aspects of ICS haveattracted the interest of the security community, a""cademics, government, but also threat actors who havedemonstrated theircapability to launch cyberattacks against critical systems.""A vital component of ICS is Programmable Logic Controllers (PLCs), which act as intermediaries between the cyberand the physical w""orld. As such, PLCs have been used as a pivot for more advanced cyberattacks to ICS. It wasn~tuntil recently, however, that PLCs be""came the focus of the security community, as highlighted by a recent reportindicating that 85% of ICS security breaches took months"" before being detected. To mitigate these security risks, as00 03/23/17well as detect and/or thwart cyberattacks, state-of-the-art"" defenses have since been reported in literature.In this project, we propose to organize a red-team/blue-team Embedded Security Cha""llenge (ESC) aiming to engageengineering students on basic and advanced concepts of ICS cybersecurity research. In addition, the pr""oposedexercise will provide public assessment of state-of-the-art PLC defenses, and help uncover vulnerabilities, to ultimatelyinc""rease assurance for contemporary ICS platforms. ESC consists of three phases:Phase 1 - Qualification: In this phase, teams must com""pile a written report, providing an analysis, strategy, and tacticsfor bypassing state-of-the-art security protection techniques fo""r PLCs.Phase 2 ~ Final competition: In the final competition phase, teams must instantiate and demonstrate their techniquesfor byp"assing security protections using a hardware platform.Phase 3 - Results Dissemination: The top-3 teams will be invited to a special session in a top-tier conference todisseminate their findings.

Document Details

Document Type

DoD Grant Award

Publication Date

May 05, 2017

Source ID

N000141712515

Entities

Tags