Using Logical Error Detection in Software Controlling Remote-Terminal Units to Predict Critical Information Infrastructures Failures

This paper presents a method for predicting software failures in critical information infrastructures. Software failures in critical infrastructures can stem from logical errors in the source code that manipulates the controllers handling machinery, i.e., Remote Terminal Units and Programmable Logic Controllers in SCADA systems. Since these controllers are often responsible for handling hardware in critical infrastructures, detecting such logical errors in the software controlling their functionality implies detecting possible failures in the machine itself and, consequently, predicting single or cascading infrastructure failures. Our method may also be tweaked to provide estimates of the impact and likelihood of each detected error. An existing source code analysis method is adjusted to analyze code able to send commands to SCADA systems. A practical implementation of the method is presented and discussed. Examples are given using open-source SCADA operating interfaces.
