A Hardware-level Live Patching Framework for Protecting Legacy Industrial Controllers
Abstract
Approved for Public Release

Industrial Control Systems (ICS), especially programmable logic controllers (PLCs) that control underlying physical infrastructures such as gas pipeline systems, typically run for long periods of uninterrupted service. This means that legacy vulnerabilities cannot be patched in a timely fashion after disclosure, because patching normally has to wait for a rare downtime window. To avoid downtime and maintenance cost, the concept of live patching has been introduced. Unfortunately, previous live patching approaches cannot be applied to closed-source real-time devices such as PLCs, since the internal working mechanisms of commercial PLCs are hardly known to an outsider. In this project, we propose a framework for patching controller security vulnerabilities at the binary code level without rebooting. The core of our proposed framework is an update agent that works on the built-in real-time debug logic of a microcontroller unit (MCU); this agent can fix bugs without interrupting the control logic execution. To ensure system availability and reliability, we plan to use the debug logic to create hot patches based on our buggy-instruction positioning approach. Considering the restricted resources of controllers, hot patches are designed to be tiny, consisting of just a few dozen bytes, while still reducing the potential side effects of bugs. To validate the feasibility and effectiveness of our framework, we will deploy it on a widely used Rockwell PLC within a small field environment (i.e., a trainer kit) and use it to patch known vulnerabilities in this PLC. Finally, we plan to evaluate our framework on a real-world industrial control system.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Jan 12, 2023
- Source ID: N000142312158
Entities
People
- Haining Wang
Organizations
- Office of Naval Research
- United States Navy
- Virginia Tech