Formally and practically verifying flow properties in industrial systems. Issue 86 (September 2019)
- Record Type:
- Journal Article
- Title:
- Formally and practically verifying flow properties in industrial systems. Issue 86 (September 2019)
- Main Title:
- Formally and practically verifying flow properties in industrial systems
- Authors:
- Dreier, Jannik
Puys, Maxime
Potet, Marie-Laure
Lafourcade, Pascal
Roch, Jean-Louis - Abstract:
- Highlights: Flow Integrity ensures that all messages are received unaltered and in the correct order. Flow Integrity is crucial in industrial control systems. Flow Integrity can be formally verified using TAMARIN. A version of MODBUS suffers from a weakness, as well as OPC-UA if sequence number overflows appear. The weakness can be reproduced on a real OPC-UA implementation. Abstract: Industrial systems are nowadays regularly the target of cyberattacks, the most famous being Stuxnet. At the same time such systems are increasingly interconnected with other systems and insecure media such as Internet. In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow is necessary. We provide a formal definition of Flow Integrity . We apply our definitions to two well-known industrial protocols: OPC-UA and MODBUS. Using Tamarin, a cryptographic protocol verification tool, we confirm that most of the secure modes of these protocols ensure Flow Integrity given a resilient network. However, we also identify weaknesses in a supposedly secure version of MODBUS, as well as subtleties in the handling ofHighlights: Flow Integrity ensures that all messages are received unaltered and in the correct order. Flow Integrity is crucial in industrial control systems. Flow Integrity can be formally verified using TAMARIN. A version of MODBUS suffers from a weakness, as well as OPC-UA if sequence number overflows appear. The weakness can be reproduced on a real OPC-UA implementation. Abstract: Industrial systems are nowadays regularly the target of cyberattacks, the most famous being Stuxnet. At the same time such systems are increasingly interconnected with other systems and insecure media such as Internet. In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow is necessary. We provide a formal definition of Flow Integrity . We apply our definitions to two well-known industrial protocols: OPC-UA and MODBUS. Using Tamarin, a cryptographic protocol verification tool, we confirm that most of the secure modes of these protocols ensure Flow Integrity given a resilient network. However, we also identify weaknesses in a supposedly secure version of MODBUS, as well as subtleties in the handling of sequence numbers in OPC-UA. We also practically examine an OPC-UA stack named python-opcua, where some of the subtleties are not handled correctly. … (more)
- Is Part Of:
- Computers & security. Issue 86(2019)
- Journal:
- Computers & security
- Issue:
- Issue 86(2019)
- Issue Display:
- Volume 86, Issue 86 (2019)
- Year:
- 2019
- Volume:
- 86
- Issue:
- 86
- Issue Sort Value:
- 2019-0086-0086-0000
- Page Start:
- 453
- Page End:
- 470
- Publication Date:
- 2019-09
- Subjects:
- Security protocols -- Industrial systems -- SCADA -- Symbolic model -- Automated verification -- Flow integrity
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2018.09.018 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 16503.xml