ICS-BlockOpS: Blockchain for operational data security in industrial control system

Abstract Industrial Control Systems (ICS) are the backbone of critical infrastructure found in power, water, manufacturing and other industries. An ICS controls a physical plant through the use of sensors and actuators. A Historian sits on a plant network and receives, parses, and saves data and commands transmitted over the network, across the Programmable Logic Controllers (PLCs), sensors and actuators. This data has at least two uses. One use is to check for any process anomalies that may occur due to component failures and cyber attacks. The other use of this data, and the focus of this work, is to serve as critical input to off-line activities such as forensic analysis. A cyber attack on the Historian could jeopardize any forensic analysis be it for maintenance, or discovering an attack trail. In this work, a novel architecture, named ICS-BlockOpS, is proposed to secure plant operational data recorded in the Historian. ICS-BlockOpS is designed to enhance data security along two dimensions: immutability and redundancy. An integrity checking mechanism, in combination with blockchain, is used to ensure data integrity. Data redundancy is achieved by applying an efficient replication mechanism and enables data recovery after an attack. A prototype implementation of ICS-BlockOpS uses Ethereum blockchain in the local network as part of the tamper proofing mechanism. The implementation is in an operational six-stage water treatment plant. The underlying design ideas are generic and could be applied to other ICS as well.

[1]  Boo-Sun Jeon,et al.  A study of cyber security policy in industrial control system using data diodes , 2016, 2016 18th International Conference on Advanced Communication Technology (ICACT).

[2]  Arshdeep Bahga,et al.  Blockchain Platform for Industrial Internet of Things , 2016 .

[3]  Andrew Lippman,et al.  MedRec: Using Blockchain for Medical Data Access and Permission Management , 2016, 2016 2nd International Conference on Open and Big Data (OBD).

[4]  Nils Ole Tippenhauer,et al.  SWaT: a water treatment testbed for research and training on ICS security , 2016, 2016 International Workshop on Cyber-physical Systems for Smart Water Networks (CySWater).

[5]  Ing-Ray Chen,et al.  A survey of intrusion detection techniques for cyber-physical systems , 2014, ACM Comput. Surv..

[6]  Qin Lin,et al.  TABOR: A Graphical Model-based Approach for Anomaly Detection in Industrial Control Systems , 2018, AsiaCCS.

[7]  Sridhar Adepu,et al.  Distributed Detection of Single-Stage Multipoint Cyber Attacks in a Water Treatment Plant , 2016, AsiaCCS.

[8]  M. Tahar Kechadi,et al.  Forensics in Industrial Control System: A Case Study , 2015, CyberICS/WOS-CPS@ESORICS.

[9]  Edward A. Lee Cyber Physical Systems: Design Challenges , 2008, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC).

[10]  Michael Devetsikiotis,et al.  Blockchains and Smart Contracts for the Internet of Things , 2016, IEEE Access.

[11]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[12]  John A. Stankovic,et al.  Research Directions for Cyber Physical Systems in Wireless and Mobile Healthcare , 2016, ACM Trans. Cyber Phys. Syst..

[13]  Sridhar Adepu,et al.  Distributed Attack Detection in a Water Treatment Plant: Method and Case Study , 2018, IEEE Transactions on Dependable and Secure Computing.

[14]  Paolo Tasca,et al.  Blockchain Technologies: The Foreseeable Impact on Society and Industry , 2017, Computer.

[15]  Hassan Farhangi,et al.  A Field Study of Digital Forensics of Intrusions in the Electrical Power Grid , 2015, CPS-SPC@CCS.

[16]  Mark Stamp,et al.  Information security - principles and practice , 2005 .

[17]  Jiafu Wan,et al.  A Blockchain-Based Solution for Enhancing Security and Privacy in Smart Factory , 2019, IEEE Transactions on Industrial Informatics.

[18]  Zhao Yang Dong,et al.  Distributed Blockchain-Based Data Protection Framework for Modern Power Systems Against Cyber Attacks , 2019, IEEE Transactions on Smart Grid.

[19]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[20]  Sridhar Adepu,et al.  Generalized Attacker and Attack Models for Cyber Physical Systems , 2016, 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC).