POGLIANI MARCELLO
Cycle: XXXI
Section: Computer Science and Engineering
Tutor: DANIEL FLORIAN
Advisor: ZANERO STEFANO
Major Research Topic: Security of Industrial Control Systems for Manufacturing

Abstract:
Modern manufacturing systems are composed of a plethora of computer-based systems interconnected by networks. Although originally developed as isolated entities, these systems are nowadays highly integrated in the Industry 4.0 vision: they routinely interact with other information systems, with remote networks for support and maintenance purposes, and with cloud services for data analytics. This landscape opens up a wide attack surface, which can become the avenue for sophisticated attacks. Indeed, various attacks against industrial control systems (the best known of which are Stuxnet and Triton) demonstrated how sophisticated threat actors are willing to deeply understand and reverse engineer the specific control systems in use by their target in order to carry out attacks. Although not specifically aimed at manufacturing systems, such attacks serve as a worrying wake-up call for the whole manufacturing sector.
In this Thesis, we tackle the challenge of understanding and analyzing the security panorama of manufacturing systems. First, we analyze the existence of threats directed towards industrial control systems used in the manufacturing sector: to this end, we design and deploy low-interaction honeypots to study the “background noise” traffic (i.e., untargeted probing traffic) directed towards Internet-exposed devices that speak industrial control system protocols, and high-interaction honeypots to study sophisticated attacks targeted at control systems. Then, since manufacturing systems are the target of realistic threats, we analyze their security and their resilience to attacks.
We perform this analysis at three levels. First, we analyze the components of the direct and indirect attack surface of a manufacturing system as a whole, showing the existence of multiple attack vectors that can act as entry points for attacks.
Then, we analyze the security of a specific class of devices: industrial robots, which are an instance of digitally-controlled manufacturing machines. Specifically, starting from the definition of threat scenarios that apply to digitally-controlled manufacturing machines, we devise a set of industry-specific, high-level attacks based on subverting the basic properties (accuracy, integrity, safety) of manufacturing machines. Then, we experimentally analyze the network and physical attack surfaces of two representative models of industrial robots, in order to demonstrate the feasibility of remotely or physically compromising real robot controllers to the extent necessary to carry out our attacks.

As the third and last level of our analysis, we consider that manufacturing machines are controlled by means of sophisticated programming languages, such as the robot-specific programming languages derived from ALGOL and BASIC used for industrial robots, and G-code for CNC and additive manufacturing machines. We analyze the security challenges introduced by the complexity of the languages used to develop “task programs” for industrial robots. After studying the primitives that such languages offer and that have security implications, we implement a static source code analysis tool able to analyze task programs written in two of the main robot programming languages (KRL and RAPID). We use this tool to look for taint-style patterns resulting from unsafe uses of the available primitives, and to quantify their presence in publicly available task programs drawn from online repositories.
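To make the notion of a "taint-style pattern" in a task program concrete, the following is an added illustration and not the analysis tool described in the abstract. It runs a forward taint propagation over a small, constructed RAPID-flavoured program: data read from the network (the `SocketReceive` instruction) is treated as a taint source, motion instructions (`MoveL`, `MoveJ`) as sinks, and a range-validation routine as a sanitizer that clears taint. The conversion routine `StrToNum` and the sanitizer `ClampToWorkspace` are hypothetical names chosen for the example; the choice of sources, sinks and sanitizers is an assumption, as is the simplified line-oriented parsing, which only handles assignments, comments introduced by `!`, and the instruction forms shown.

```python
"""Toy taint-style analysis over a constructed RAPID-flavoured task program (illustration only)."""
import re
from dataclasses import dataclass

# Assumed classification of primitives for this example.
SOURCES = {"SocketReceive"}          # data arrives from the network into an output variable
SINKS = {"MoveL", "MoveJ"}           # motion instructions that physically drive the arm
SANITIZERS = {"ClampToWorkspace"}    # hypothetical routine that bounds a value to a safe range

IDENT = re.compile(r"\b[A-Za-z_]\w*\b")                         # identifiers, not numeric literals
ASSIGN = re.compile(r"(?:(?:VAR|PERS|CONST)\s+\w+\s+)?([\w.]+)\s*:=\s*(.*)")
OUT_ARG = re.compile(r"\\\w+\s*:=\s*(\w+)")                     # optional output argument: \Str:=buf
CALL = re.compile(r"(\w+)\s*\((.*)\)")


@dataclass(frozen=True)
class Finding:
    line: int
    sink: str
    variable: str


def _idents(expr: str) -> set:
    return set(IDENT.findall(expr))


def analyze(program: str) -> list:
    """Return one Finding per sink argument that carries taint at the point of use."""
    tainted = set()
    findings = []
    for lineno, raw in enumerate(program.splitlines(), 1):
        stmt = raw.split("!")[0].strip().rstrip(";")   # '!' starts a comment (no '!' inside strings assumed)
        if not stmt:
            continue
        head_match = re.match(r"(\w+)\b(.*)", stmt)
        if head_match is None:
            continue
        head, rest = head_match.group(1), head_match.group(2)
        if head in SOURCES:                             # every output argument becomes tainted
            tainted.update(OUT_ARG.findall(rest))
            continue
        if head in SINKS:                               # any tainted identifier reaching a sink is reported
            for var in sorted(_idents(rest) & tainted):
                findings.append(Finding(lineno, head, var))
            continue
        asg = ASSIGN.match(stmt)
        if asg:
            lhs, expr = asg.group(1), asg.group(2)
            root = lhs.split(".")[0]                    # a field write taints the whole record
            call = CALL.fullmatch(expr)
            if call and call.group(1) in SANITIZERS:
                tainted.discard(root)                   # sanitized value: taint is cleared
            elif _idents(expr) & tainted:
                tainted.add(root)                       # taint propagates through the expression
            elif "." not in lhs:
                tainted.discard(root)                   # whole-variable overwrite with clean data
            # a clean write to one field leaves any existing record taint in place
    return findings


# Constructed sample program; line 9 is the unsafe pattern, line 12 the sanitized counterpart.
SAMPLE_PROGRAM = """\
VAR string buf;
VAR num x_raw;
VAR num x_safe;
VAR robtarget p_unsafe := [[600,0,800],[1,0,0,0],[0,0,0,0],[9E9,9E9,9E9,9E9,9E9,9E9]];
VAR robtarget p_safe := p_unsafe;
SocketReceive client \\Str:=buf;        ! network input: taint source
x_raw := StrToNum(buf);                ! hypothetical conversion, propagates taint
p_unsafe.trans.x := x_raw;
MoveL p_unsafe, v100, z10, tool0;      ! tainted target drives the arm: reported
x_safe := ClampToWorkspace(x_raw);     ! hypothetical range check: sanitizer
p_safe.trans.x := x_safe;
MoveL p_safe, v100, z10, tool0;        ! sanitized target: not reported
"""

if __name__ == "__main__":
    for f in analyze(SAMPLE_PROGRAM):
        print(f"line {f.line}: {f.sink} uses network-derived variable '{f.variable}' without validation")
```

The analysis is deliberately conservative: a write to a single field of a record taints the whole record, and only a whole-variable overwrite or a recognised sanitizer clears taint, so a partially validated target is still reported. Extending it to real KRL or RAPID programs would require a proper parser, inter-procedural propagation and a vetted list of primitives, which is what distinguishes the thesis tool from this sketch.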