Successful attacks against industrial control systems (ICS) have often exploited the weakness of existing security checks: control commands are largely executed without verifying whether they were issued by the legitimate source and whether they travelled the intended network path, and hence passed through all required mediation and scrutiny points. While adding such enhanced security checking to an ICS significantly raises the bar for attackers, there are two key challenges: 1) the need for real-time operation, and 2) the need for flexibility, i.e., the scheme must be applicable to different deployment settings and communication models and must counter various types of attacks. Our technology offers a transparent, bump-in-the-wire solution: a fast and flexible message authentication scheme that addresses both challenges. Specifically, by using a lightweight hash-chaining-based scheme that supports provenance verification, our technology achieves less than 2 milliseconds of end-to-end proving and verifying delay for typical multi-hop communication in ICS when implemented on a low-cost BeagleBoard-X15 platform.
Our solution is implemented as software that runs on a low-cost embedded platform, and our devices are deployed in a bump-in-the-wire manner, which keeps the solution completely transparent and thus requires no major modification or upgrade of an existing, legacy industrial control system architecture. The device at the sender (e.g., a supervisory control and data acquisition (SCADA) master workstation) intercepts the outgoing message and adds security metadata; at each hop, the metadata is updated by the device associated with the ICS device or security appliance en route, such as a protocol translation gateway or a firewall, and it is finally cryptographically verified by the device at the destination. The provenance of the message, which is verified through the security metadata, can further be used for security policy enforcement. Because of the use of lightweight cryptographic primitives, the end-to-end latency can be as low as 2 ms in typical ICS settings, which fits well in a time-critical environment such as a power grid. Our devices can be deployed for all ICS devices or strategically deployed to protect only ICS devices of high criticality.
Our technology is a lightweight, protocol-agnostic security solution that offers extensive, provenance-aware message authentication. Thus, any industrial control system that requires time-stringent communication, including but not limited to a smart power grid, smart manufacturing, smart transportation, and robotics, will benefit from the solution. It is a self-contained product that comes in the form of a set of embedded devices. The bump-in-the-wire installation requires expertise, but the security is transparent to the legacy devices deployed in the infrastructure. Our technology works autonomously, without deliberate input from the protected system.
Several schemes employ a public key infrastructure and adapt it for path authentication using aggregate signatures. An aggregate signature enables multiple senders to sign different messages without increasing the signature size. To reduce computation and communication complexity, techniques such as signature amortization and space-efficient variants of aggregate signatures have been proposed. However, under the stringent latency constraints of ICS, they are no longer viable options. Path verification in the smart grid context has been explored, but that work focused on demand response services, which are less latency-stringent. Our solution allows a message to securely gather and carry cryptographically verifiable evidence about its source and the path it travels, which can then be checked at the destination before the message is processed by the destination device. This lightweight hash-chaining-based scheme achieves end-to-end provenance verification with a delay of under 2 milliseconds.
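As an added illustration (not the page's own code and not the authors' actual construction), the following Python models the per-hop flow described in the second paragraph and in the path-evidence sentence above: the sender-side device attaches a tag, each en-route device extends the chain, and the destination recomputes it over the policy-mandated path. It assumes a keyed hash (HMAC-SHA256) and per-device symmetric keys shared with the verifier; the device names and the control command are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample keys. Assumption of this example (not stated on the page):
# each bump-in-the-wire device shares a symmetric key with the destination verifier.
DEVICE_KEYS = {
    "scada-master": b"k-master-0001",       # sender-side device
    "protocol-gateway": b"k-gateway-0002",  # intermediate security appliance
    "firewall": b"k-firewall-0003",         # intermediate security appliance
}

def _link(key: bytes, prev_tag: bytes, message: bytes) -> bytes:
    """One link of the hash chain: bind the previous tag and the message under this device's key."""
    return hmac.new(key, prev_tag + message, hashlib.sha256).digest()

def originate(device: str, message: bytes) -> tuple[bytes, list[str]]:
    """Sender-side device: intercept the outgoing message and attach initial metadata (tag, path)."""
    return _link(DEVICE_KEYS[device], b"", message), [device]

def forward(device: str, message: bytes, tag: bytes, path: list[str]) -> tuple[bytes, list[str]]:
    """Intermediate device (gateway, firewall): extend the chain and record itself on the path."""
    return _link(DEVICE_KEYS[device], tag, message), path + [device]

def verify(message: bytes, tag: bytes, path: list[str], expected_path: list[str]) -> bool:
    """Destination device: recompute the chain over the policy-mandated path and compare tags.
    The claimed path is only a hint; the tag binds message and ordered device keys, so a
    skipped hop, a forged source or an altered message all fail."""
    if path != expected_path or any(d not in DEVICE_KEYS for d in expected_path):
        return False
    expected = b""
    for device in expected_path:
        expected = _link(DEVICE_KEYS[device], expected, message)
    return hmac.compare_digest(expected, tag)

def run_example() -> dict[str, bool]:
    """Walk a constructed control command over master -> gateway -> firewall -> destination."""
    policy_path = ["scada-master", "protocol-gateway", "firewall"]
    command = b"WRITE COIL 17 ON"  # constructed sample message
    tag, path = originate("scada-master", command)
    tag, path = forward("protocol-gateway", command, tag, path)
    tag, path = forward("firewall", command, tag, path)
    # A copy that bypassed the firewall: its chain lacks the firewall's link.
    short_tag, short_path = originate("scada-master", command)
    short_tag, short_path = forward("protocol-gateway", command, short_tag, short_path)
    return {
        "legitimate": verify(command, tag, path, policy_path),
        "modified_payload": verify(b"WRITE COIL 18 ON", tag, path, policy_path),
        "skipped_firewall": verify(command, short_tag, short_path + ["firewall"], policy_path),
    }
```

Only the legitimate message verifies; the modified payload and the copy whose chain lacks the firewall's link are rejected even though the latter claims the mandated path in its metadata.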