Abstract

Programmable Logic Controllers (PLCs) play a prominent role in critical infrastructures such as the power grid, transportation, and the petrochemical industry. PLCs are fragile under data tampering attacks, as forged data can cause significant damage to industrial machines and endanger human safety. However, little attention has been paid to developing resilience mechanisms that automatically recover PLC systems from anomalous states induced by malicious attacks. In this work, we present the first resilience approach for protecting PLCs against data tampering attacks. The key observation we leverage is that the programmable nature of a PLC lets a defender ensure its data integrity by embedding a security mechanism into its control logic. In particular, we design a novel data authentication mechanism that generates and authenticates a message digest of the communication data exchanged between PLCs. An anomaly alert is triggered if data authentication fails, and execution of the received malicious command is disabled to avoid detrimental effects and keep the system stable. Furthermore, to recover the real data after a malicious modification, the data sender is required to encrypt the data using the proposed RC5-based data recovery algorithm and re-transmit it. Both the data authentication and the recovery approach can be implemented in the programmable logic of PLCs through a code update, requiring no alteration to the existing hardware architecture. We present a prototype of our resilience scheme and conduct real-world experiments to validate its efficacy under 12 typical attack scenarios. Our results show that our approach achieves 97.4% accuracy in data authentication and a 98.1% success rate in abnormal state recovery. Finally, we assess the practicality of the proposed mechanism in terms of execution delay.
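The three steps the abstract describes (authenticate a digest of the received data, refuse to execute and raise an alert when the check fails, then accept an RC5-encrypted re-transmission of the real value) can be sketched end to end. The following is an added illustration, not code from the paper or its prototype; it assumes a keyed digest (HMAC-SHA256, where the abstract only says "message digest"), a textbook RC5-32/12/16 implementation on a single 8-byte block for the recovery channel, a constructed frame layout of sequence number plus float setpoint, and constructed keys and values. The replay check on the sequence number is likewise an assumption of this sketch.

```python
"""Added sketch of the PLC digest-authentication / RC5 recovery flow (hypothetical, not the paper's code)."""
import hashlib
import hmac
import struct

# RC5-32/12/16 parameters: 32-bit words, 12 rounds, 16-byte key (textbook RC5, assumed here)
W, R, B = 32, 12, 16
MASK = 0xFFFFFFFF
P32, Q32 = 0xB7E15163, 0x9E3779B9

AUTH_KEY = b"constructed-authentication-key!!"   # constructed shared digest key
RC5_KEY = bytes(range(16))                      # constructed shared recovery key


def _rotl(x, n):
    n %= W
    return ((x << n) | (x >> (W - n))) & MASK


def _rotr(x, n):
    n %= W
    return ((x >> n) | (x << (W - n))) & MASK


def rc5_expand(key: bytes) -> list:
    """RC5 key schedule: derive the 2(R+1) round subkeys from a 16-byte key."""
    assert len(key) == B
    c = B // 4
    L = list(struct.unpack("<%dI" % c, key))      # key as little-endian words
    t = 2 * (R + 1)
    S = [(P32 + i * Q32) & MASK for i in range(t)]  # magic-constant initialisation
    a = b = i = j = 0
    for _ in range(3 * max(t, c)):                  # mixing passes
        a = S[i] = _rotl((S[i] + a + b) & MASK, 3)
        b = L[j] = _rotl((L[j] + a + b) & MASK, a + b)
        i, j = (i + 1) % t, (j + 1) % c
    return S


def rc5_encrypt_block(S, block: bytes) -> bytes:
    a, b = struct.unpack("<II", block)
    a, b = (a + S[0]) & MASK, (b + S[1]) & MASK
    for i in range(1, R + 1):
        a = (_rotl(a ^ b, b) + S[2 * i]) & MASK
        b = (_rotl(b ^ a, a) + S[2 * i + 1]) & MASK
    return struct.pack("<II", a, b)


def rc5_decrypt_block(S, block: bytes) -> bytes:
    a, b = struct.unpack("<II", block)
    for i in range(R, 0, -1):
        b = _rotr((b - S[2 * i + 1]) & MASK, a) ^ a
        a = _rotr((a - S[2 * i]) & MASK, b) ^ b
    return struct.pack("<II", (a - S[0]) & MASK, (b - S[1]) & MASK)


def make_frame(seq: int, setpoint: float) -> bytes:
    """Constructed 8-byte command frame: sequence number + float32 setpoint."""
    return struct.pack("<If", seq, setpoint)


def sign(frame: bytes) -> bytes:
    return hmac.new(AUTH_KEY, frame, hashlib.sha256).digest()


def authenticate(frame: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(sign(frame), tag)


class ReceiverPLC:
    """Receiving PLC: applies a command only when its digest verifies; otherwise alerts and holds state."""

    def __init__(self):
        self.setpoint, self.last_seq, self.alerts = 0.0, 0, []
        self.S = rc5_expand(RC5_KEY)

    def _apply(self, frame: bytes) -> str:
        seq, value = struct.unpack("<If", frame)
        if seq <= self.last_seq:                      # assumed replay guard
            self.alerts.append("replayed seq %d" % seq)
            return "rejected"
        self.last_seq, self.setpoint = seq, value
        return "applied"

    def receive(self, frame: bytes, tag: bytes) -> str:
        if not authenticate(frame, tag):
            self.alerts.append("digest mismatch")    # anomaly alert; execution disabled
            return "rejected"
        return self._apply(frame)

    def recover(self, ciphertext: bytes, tag: bytes) -> str:
        """Recovery path: decrypt the re-transmitted frame and re-check its digest before applying."""
        frame = rc5_decrypt_block(self.S, ciphertext)
        if not authenticate(frame, tag):
            self.alerts.append("recovery digest mismatch")
            return "rejected"
        return self._apply(frame)


def sender_recovery(frame: bytes):
    """Sending PLC re-transmits the real frame RC5-encrypted together with its digest."""
    return rc5_encrypt_block(rc5_expand(RC5_KEY), frame), sign(frame)


def run_scenario() -> dict:
    plc = ReceiverPLC()
    good = make_frame(1, 35.0)
    tag = sign(good)
    r1 = plc.receive(good, tag)                             # genuine command
    forged = good[:4] + struct.pack("<f", 900.0)             # setpoint modified in transit, tag unchanged
    r2 = plc.receive(forged, tag)                           # rejected, last good setpoint held
    ct, tag2 = sender_recovery(make_frame(2, 35.0))          # encrypted re-transmission of real data
    r3 = plc.recover(ct, tag2)
    return {"results": [r1, r2, r3], "setpoint": plc.setpoint, "alerts": len(plc.alerts)}


if __name__ == "__main__":
    print(run_scenario())
```

The tampered frame is rejected because the attacker cannot produce a valid digest without the shared key, and the controller keeps its last authenticated setpoint rather than acting on the forged one. Note that a single RC5 block with no mode or nonce, as used here for clarity, gives identical ciphertext for identical frames; a deployment would wrap RC5 in a proper mode and keep the digest check on the decrypted data, as this sketch does, so that the recovery channel is itself authenticated.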
