Annual Computer Security Applications Conference (ACSAC) 2017

Full Program »

ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

Programmable Logic Controllers (PLCs) are a family of embedded devices that are being used to control physical processes in critical infrastructures. Similar to other embedded devices, PLCs are vulnerable to memory corruption and control-flow hijacking attacks. Because PLCs are being used for critical control applications, compromised PLCs constitute a significant security and safety risk. In this paper, we introduce a novel, PLC-compatible control-flow integrity (CFI) mechanism named ECFI to protect such devices from control-flow hijacking attacks. Our CFI approach is the first system for real-time PLCs and considers the runtime operation of the PLC as the highest priority. We implemented a prototype of ECFI and tested it in a real-world industrial PLC against different kinds of attacks. Our performance evaluation demonstrates that ECFI is an efficient, non-intrusive CFI solution that does not impose notable performance overhead and maintains the timeliness of PLC runtime operations, a critical property for this kind of embedded systems.

Ali Abbasi
University of Twente
Netherlands

Thorsten Holz
Ruhr University Bochum
Germany

Emmanuele Zambon
SecurityMatters B.V
Netherlands

Sandro Etalle
Eindhoven University of Techology
Netherlands

 

Powered by OpenConf®
Copyright©2002-2017 Zakon Group LLC