S3A: Secure System Simplex Architecture for Enhanced Security of Cyber-Physical Systems

Until recently, cyber-physical systems, especially safety-critical ones that manage critical infrastructure (e.g. power generation plants, water treatment facilities), were considered invulnerable to software security breaches. The recently discovered 'W32.Stuxnet' worm has drastically changed this perception by demonstrating that such systems are susceptible to external attacks. Here we present an architecture that enhances the security of safety-critical cyber-physical systems despite the presence of such malware. Our architecture exploits the deterministic execution behavior of control systems to detect an intrusion within 0.6 µs while still guaranteeing the safety of the plant. We also show that even if an attack is successful, the overall state of the physical system will still remain safe. Even if the operating system's administrative privileges have been compromised, our architecture will still be able to protect the physical system from coming to harm.
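As an added illustration (not the paper's code, and not its actual plant, thresholds or timing figures), the following Python model shows the two mechanisms the abstract combines: a trusted decision module that treats a deviation from the controller's expected, deterministic execution time as evidence of tampering, and a Simplex-style fallback to a simple safety controller whenever the untrusted controller's output would leave the recoverable region. The plant model, bounds and timing window are all constructed for the example.

```python
"""Simplex-style decision module with timing-based intrusion detection (illustrative)."""
from dataclasses import dataclass

# Constructed one-dimensional plant: x_next = x + u.  The state must never leave
# [-SAFE_BOUND, SAFE_BOUND]; the safety controller is only guaranteed to recover
# from states inside the smaller recoverable region.
SAFE_BOUND = 10.0
RECOVERABLE_BOUND = 6.0
EXPECTED_TICKS = (90, 110)  # constructed execution-time window for the complex controller


@dataclass
class Decision:
    source: str   # "complex" or "safety"
    u: float      # actuation forwarded to the plant
    reason: str   # why the decision module chose this source


def safety_controller(x: float) -> float:
    """Simple, verifiable fallback: move the state halfway toward zero each step."""
    return -0.5 * x


def in_recoverable_region(x_next: float) -> bool:
    return abs(x_next) <= RECOVERABLE_BOUND


def decide(x: float, complex_u: float, elapsed_ticks: int) -> Decision:
    """Trusted decision module: timing check first, then safety check on the output.

    Checking timing first means a compromised controller that emits a plausible
    actuation but runs an abnormal code path is still caught.
    """
    lo, hi = EXPECTED_TICKS
    if not lo <= elapsed_ticks <= hi:
        return Decision("safety", safety_controller(x), "timing anomaly")
    if not in_recoverable_region(x + complex_u):
        return Decision("safety", safety_controller(x), "unsafe actuation")
    return Decision("complex", complex_u, "ok")


def run(x0: float, steps):
    """Simulate the closed loop; each step is (complex_u, elapsed_ticks).

    Returns a trace of (source, reason, resulting state) tuples.
    """
    x, trace = x0, []
    for u, ticks in steps:
        d = decide(x, u, ticks)
        x = x + d.u
        trace.append((d.source, d.reason, round(x, 3)))
    return trace
```

In the simulation, a controller that keeps pushing the state outward is overridden as soon as its next output would exit the recoverable region, and the state stays within the safe bound throughout.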
