南方科技大学知识苑(SUSTech KC): A Heterogeneous Redundant Architecture for Industrial Control System Security

题名	A Heterogeneous Redundant Architecture for Industrial Control System Security
作者	Zhihao Dai 1; Matthew Leeke 1; Yulong Ding2 ; Shuang-hua Yang2
DOI	10.1109/PRDC55274.2022.00023
发表日期	2022-11-28
ISSN	1555-094X
ISBN	978-1-6654-8556-2
会议录名称	2022 IEEE 27th Pacific Rim International Symposium on Dependable Computing (PRDC)
页码	89-97
会议日期	28 Nov.-1 Dec. 2022
会议地点	Beijing, China
摘要	Component-level heterogeneous redundancy is gaining popularity as an approach for preventing single-point security breaches in Industrial Control Systems (ICSs), especially with regard to core components such as Programmable Logic Controllers (PLCs). To take control of a system with component-level heterogeneous redundancy, an adversary must uncover and concurrently exploit vulnerabilities across multiple versions of hardened components. As such, attackers incur increased costs and delays when seeking to launch a successful attack. Existing approaches advocate attack resilience via pairwise comparison among outputs from multiple PLCs. These approaches incur increased resource costs due to them having a high degree of redundancy and do not address concurrent attacks. In this paper we address both issues, demonstrating a data-driven component selection approach that achieves a trade-off between resources cost and security. In particular, we propose (i) a novel dual-PLC ICS architecture with native pairwise comparison which can offer limited yet comparable defence against single-point breaches, (ii) a machine-learning based selection mechanisms which can deliver resilience against non-concurrent attacks under resource constraints, (iii) a scaled up variant of the proposed architecture to counteract concurrent attacks with modest resource implications.
关键词	Industrial Control System Security Redundancy Programmable Logic Controller Machine Learning
学校署名	其他
相关链接	[IEEE记录]
来源库	IEEE
全文链接	https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10027842
引用统计	被引频次[WOS]：0
成果类型	会议论文
条目标识符	http://sustech.caswiz.com/handle/2SGJ60CL/426897
专题	工学院_计算机科学与工程系
作者单位	1.Department of Computer Science, University of Warwick, Coventry, UK 2.Department of Computer Science and Engineering, Shenzhen Key Laboratory of Safety and Security for Next Generation of Industrial Internet, Southern University of Science and Technology, Shenzhen, China
推荐引用方式 GB/T 7714	Zhihao Dai,Matthew Leeke,Yulong Ding,et al. A Heterogeneous Redundant Architecture for Industrial Control System Security[C],2022:89-97.