PLC Security Monitor Systems Based On Side-Channel

With the rapid development of information technology and the internet of things, the industrial systems have been connected to the Internet like never before. This trend boosted productivity greatly, yet imposed tremendous security problems in industrial control systems. The ’Stuxnet’ warns us the importance and urgency of strengthening the security of industrial systems. Among all devices, PLC is the key component in the industrial control systems, the ’Stuxnet’ damaged the industrial control system of Iran by modifying the behavior of PLC, yet the traditional security approaches are not applicable to the PLC. Thus, in this paper, we design real-time monitoring systems to oversee the PLC operation via a power-consumption side channel. The feasibility lies in the following observation:PLC always repeat the execution of specific programs, e.g., circle scanning, and its hardware characteristics lead to a strong correlation between-its run-time energy consumption and its internal programs. To validate the idea, we set up a testbed of industrial control system in the laboratory, where we designed three attacks for PLC. Then we analyzed the different characteristics of energy consumption by various types of PLCs, and we chose energy features to capture the difference of various energy consumption patterns and selected SVM for detecting abnormal behaviors (e.g., modified programs). We designed data acquisition devices, which have similar technical specification as commercial data acquisition device yet at a one-thirtieth cost, which makes it suitable for large scale deploying. Validating our monitoring schemes in our testbed, we show that the scheme achieves a detection accuracy above 95%. In addition, our scheme has the following advantages that fit the operation requirement of industrial control systems:the scheme does not require modifying the hardware or software in industrial control systems, and its deployment will not interrupt the normal operation of industrial systems. This innovation security system can help us build up a Solid Defense Architect in industrial control system.