[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3678890.3678896acmotherconferencesArticle/Chapter ViewAbstractPublication PagesraidConference Proceedingsconference-collections
research-article
Open access

Deception-Resistant Stochastic Manufacturing for Automated Production Lines

Published: 30 September 2024 Publication History

Abstract

The advancement of Industrial Internet-of-Things (IIoT) magnifies the cyber risk of automated production lines, especially to deception attacks that tamper with the monitoring data to prevent the manipulated operation of production lines from being detected. To address this issue, we propose Stochastic Manufacturing (StoM), a new paradigm of manufacturing that is resistant to deception by design. StoM voids the foundation of deception attacks — i.e., the highly predictable operation data due to the cyclical manufacturing process — by injecting controlled stochasticity into the operation of production lines without degrading manufacturing efficiency or quality. StoM then examines if this stochasticity can be observed from the operation data and triggers an alarm of deception attack if not. We have experimentally evaluated StoM on two production line platforms, showing StoM to detect deception attacks with a detection rate exceeding 99.1%, a false alarm rate below 0.1%, and a latency of less than 1.2 manufacturing cycles. Our empirical analysis also shows that it is highly impractical for attackers to spoof the controlled stochasticity.

References

[1]
ABB. 2023. Detailed information for: RobotStudio. https://new.abb.com/products/3HAC031177-001/robotstudio. [Online; Accessed May 2023].
[2]
ABB. 2023. How do we implement Robotic Process Automation?https://new.abb.com/news/detail/101946/how-do-we-implement-robotic-process-automation. [Online; Accessed June 2023].
[3]
Sridhar Adepu and Aditya Mathur. 2018. Distributed Attack Detection in a Water Treatment Plant: Method and Case Study. IEEE Transactions on Dependable and Secure Computing 18, 1 (2018), 86–99.
[4]
ICS Advisory. 2022. APT Cyber Tools Targeting ICS/SCADA Devices. https://www.cisa.gov/uscert/ncas/alerts/aa22-103a. [Online; Accessed June 2023].
[5]
Airbus AG. 2019. Airbus inaugurates new A320 structure assembly line in Hamburg. https://www.airbus.com/en/newsroom/press-releases/2019-10-airbus-inaugurates-new-a320-structure-assembly-line-in-hamburg. [Online; Accessed June 2023].
[6]
KUKA AG. 2019. Hier sind die Industrie-4.0-Roboter: Intelligente Automatisierung im KUKA Werk. https://www.youtube.com/watch?v=-PGrqcNtB7M. [Online; Accessed June 2023].
[7]
Siemens AG. 2017. Programming with STEP 7. https://cache.industry.siemens.com/dl/files/825/109751825/att_933142/v1/STEP_7_-_Programming_with_STEP_7.pdf. [Online; Accessed June 2023].
[8]
Homa Alemzadeh, Daniel Chen, Xiao Li, Thenkurussi Kesavadas, Zbigniew T Kalbarczyk, and Ravishankar K Iyer. 2016. Targeted Attacks on Teleoperated Surgical Robots: Dynamic Model-Based Detection and Mitigation. In International Conference on Dependable Systems and Networks (DSN). IEEE, 395–406.
[9]
Anonymous. 2023. Demo: Mounting Deception Attacks to Automated Production Lines. https://youtu.be/zgOkaqLvPyE. [Online; Accessed May 2023].
[10]
Wissam Aoudi, Mikel Iturbe, and Magnus Almgren. 2018. Truth Will Out: Departure-Based Process-Level Detection of Stealthy Attacks on Control Systems. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS). 817–831.
[11]
Dillon Beresford. 2011. Exploiting Siemens Simatic S7 PLCs. Black Hat USA 16, 2 (2011), 723–733.
[12]
Eli Biham, Sara Bitan, Aviad Carmel, Alon Dankner, Uriel Malin, and Avishai Wool. 2019. Rogue7: Rogue Engineering Station Attacks on S7 Simatic PLCs. In BlackHat USA.
[13]
Nathan Brubaker, Keith Lunden, Ken Proska, Muhammad Umair, Daniel Kapellmann Zafra, Corey Hildebrandt, and Rob Caldwell. 2022. INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems. https://www.mandiant.com/resources/blog/incontroller-state-sponsored-ics-tool. [Online; Accessed June 2023].
[14]
Siemens Security Advisory by Siemens ProductCERT. 2020. SSA-381684: Improper Password Protection during Authentication in SIMATIC S7-300 and S7-400 CPUs and Derived Products. https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf. [Online; Accessed June 2023].
[15]
Defense Use Case. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid. Electricity Information Sharing and Analysis Center (2016).
[16]
Cesar Cerrudo and Lucas Apa. 2017. Hacking Robots Before Skynet. IOActive Website (2017), 1–17.
[17]
Hongjun Choi, Wen-Chuan Lee, Yousra Aafer, Fan Fei, Zhan Tu, Xiangyu Zhang, Dongyan Xu, and Xinyan Xinyan. 2018. Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 801–816.
[18]
Keywhan Chung, Xiao Li, Peicheng Tang, Zeran Zhu, Zbigniew T Kalbarczyk, Ravishankar K Iyer, and Thenkurussi Kesavadas. 2019. Smart Malware that Uses Leaked Control Data of Robotic Applications: The Case of Raven-II Surgical Robots. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 337–351.
[19]
Kevin Collier. 2021. In Florida, a near-miss with a cybersecurity worst-case scenario. https://www.nbcnews.com/tech/security/florida-near-miss-cybersecurity-worst-case-scenario-n1257091. [Online; Accessed May 2023].
[20]
Cybersecurity and Infrastructure Security Agency. 2020. Rockwell Automation MicroLogix Controllers and RSLogix 500 Software. https://us-cert.cisa.gov/ics/advisories/icsa-20-070-06. [Online; Accessed June 2023].
[21]
Nicholas DeMarinis, Stefanie Tellex, Vasileios P Kemerlis, George Konidaris, and Rodrigo Fonseca. 2019. Scanning the Internet for ROS: A View of Security in Robotics Research. In 2019 International Conference on Robotics and Automation (ICRA). IEEE, 8514–8521.
[22]
FANUC Europe. 2017. FANUC Industrial Robots at AUDI. https://www.youtube.com/watch?v=rbki4HR41-4. [Online; Accessed June 2023].
[23]
Nicolas Falliere, Liam O Murchu, and Eric Chien. 2011. W32. Stuxnet Dossier. White paper, Symantec Corp., Security Response 5, 6 (2011), 29.
[24]
Chongrong Fang, Yifei Qi, Peng Cheng, and Wei Xing Zheng. 2020. Optimal periodic watermarking schedule for replay attack detection in cyber–physical systems. Automatica 112 (2020), 108698.
[25]
Cheng Feng, Venkata Reddy Palleti, Aditya Mathur, and Deeph Chana. 2019. A Systematic Framework to Generate Invariants for Anomaly Detection in Industrial Control Systems. Symposium on Network and Distributed System Security (NDSS) (2019).
[26]
David Formby, Preethi Srinivasan, Andrew Leonard, Jonathan Rogers, and Raheem A Beyah. 2016. Who’s in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems. In Symposium on Network and Distributed System Security (NDSS).
[27]
Matthew Fox. 2023. Python bindings for libnetfilter_queue. https://pypi.org/project/NetfilterQueue. [Online; Accessed May 2023].
[28]
Luis Garcia, Ferdinand Brasser, Mehmet Hazar Cintuglu, Ahmad-Reza Sadeghi, Osama A Mohammed, and Saman A Zonouz. 2017. Hey, My Malware Knows Physics! Attacking PLCs with Physical Model Aware Rootkit. In Symposium on Network and Distributed System Security (NDSS).
[29]
Hamid Reza Ghaeini, Matthew Chan, Raad Bahmani, Ferdinand Brasser, Luis Garcia, Jianying Zhou, Ahmad-Reza Sadeghi, Nils Ole Tippenhauer, and Saman Zonouz. 2019. PAtt: Physics-based Attestation of Control Systems. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 165–180.
[30]
Mikell P. Groover. 2016. Automation, Production Systems, and Computer-Integrated Manufacturing.
[31]
Equation Group. 2018. MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption. https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue. [Online; Accessed May 2023].
[32]
Damodar N. Gujarati and Dawn C. Porter. 2009. Basic Econometrics.
[33]
Dragos Inc. 2022. CHERNOVITE’s PIPEDREAM Malware Targeting Industrial Control Systems (ICS). https://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems/. [Online; Accessed June 2023].
[34]
Leon Johnson. 2020. Exploitable vulnerabilities #1 (MS08-067). https://www.rapid7.com/blog/post/2014/02/03/new-ms08-067. [Online; Accessed May 2023].
[35]
Takeaki Kariya and Hiroshi Kurata. 2004. Generalized Least Squares.
[36]
David Kennedy, Jim O’gorman, Devon Kearns, and Mati Aharoni. 2011. Metasploit: The Penetration Tester’s Guide.
[37]
Ali Keshvarparast, Daria Battini, Olga Battaia, and Amir Pirayesh. 2023. Collaborative robots in manufacturing and assembly systems: literature review and future research agenda. Journal of Intelligent Manufacturing (2023), 1–54.
[38]
Qiang Li, Xuan Feng, Haining Wang, and Limin Sun. 2018. Understanding the Usage of Industrial Control System Devices on the Internet. IEEE Internet of Things Journal 5, 3 (2018), 2178–2189.
[39]
Efrén López-Morales, Ulysse Planta, Carlos Rubio-Medrano, Ali Abbasi, and Alvaro A Cardenas. 2024. SoK: Security of Programmable Logic Controllers. In 33rd USENIX Security Symposium (USENIX Security).
[40]
Reeco Automation Ltd. 2019. Electronics Assembly - Nidec. https://www.youtube.com/watch?v=jdL_2Y5Q6S4&t=10s. [Online; Accessed June 2023].
[41]
Daniele Marrone. 2022. The implementation of collaborative robots in production environments: a review of academic literature and industrial applications. (2022).
[42]
Jeremy A Marvel, Roger Bostelman, and Joe Falco. 2018. Multi-Robot Assembly Strategies and Metrics. ACM Computing Surveys (CSUR) 51, 1 (2018), 1–32.
[43]
InGear Media. 2022. BMW iFactory — iX1 Production. https://www.youtube.com/watch?v=bML5ZUyEiQw. [Online; Accessed June 2023].
[44]
Douglas C. Montgomery. 2007. Introduction to Statistical Quality Control.
[45]
Vedanth Narayanan and Rakesh B. Bobba. 2018. Learning Based Anomaly Detection for Industrial Arm Applications. In Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy. 13–23.
[46]
Emma Newburger. 2021. Ransomware attack forces shutdown of largest fuel pipeline in the U.S.https://www.cnbc.com/2021/05/08/colonial-pipeline-shuts-pipeline-operations-after-cyberattack.html. [Online; Accessed June 2023].
[47]
Schneider Electric Security Notification. 2021. Security Notification - Modicon M100/M200/M221 Programmable Logic Controller (V3.0). https://www.se.com/ww/en/download/document/SEVD-2020-315-05/. [Online; Accessed June 2023].
[48]
Alberto Ornaghi and Marco Valleri. 2020. Ettercap Home Page. https://www.ettercap-project.org. [Online; Accessed May 2023].
[49]
Hongyi Pu, Liang He, Peng Cheng, Jiming Chen, and Youxian Sun. 2023. CORMAND2: A Deception Attack Against Industrial Robots. Engineering (2023).
[50]
Hongyi Pu, Liang He, Peng Cheng, Mingyang Sun, and Jiming Chen. 2022. Security of Industrial Robots: Vulnerabilities, Attacks, and Mitigations. IEEE Network 37, 1 (2022), 111–117.
[51]
Hongyi Pu, Liang He, Chengcheng Zhao, David KY Yau, Peng Cheng, and Jiming Chen. 2020. Detecting Replay Attacks against Industrial Robots via Power Fingerprinting. In Proceedings of the 18th Conference on Embedded Networked Sensor Systems (SenSys). 285–297.
[52]
Davide Quarta, Marcello Pogliani, Mario Polino, Federico Maggi, Andrea Maria Zanchettin, and Stefano Zanero. 2017. An Experimental Security Analysis of an Industrial Robot Controller. In Symposium on Security and Privacy (S&P). 268–286.
[53]
Raul Quinonez, Jairo Giraldo, Luis Salazar, Erick Bauman, Alvaro Cardenas, and Zhiqiang Lin. 2020. SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants. In 29th USENIX Security Symposium (USENIX Security). 895–912.
[54]
Ravi Rao. 2023. What are Robotic Assembly Lines? History, Components, Advantages, Limitations, Applications, and Future. https://www.wevolver.com/article/what-are-robotic-assembly-lines-history-components-advantages-limitations-applications-and-future. [Online; Accessed June 2023].
[55]
ABB Robotics. 2015. Application Manual PC SDK. ABB AB Robotic products (2015), 204–217.
[56]
ABB Robotics. 2019. Product specification - IRB 120. https://library.e.abb.com/public/6aed5e91083f4fceb358eea2fe4c1bab/3HAC035960%20PS%20IRB%20120-en.pdf?x-sign=edIex5StIjpgmJBJJ95tak9NHdyuuut6mzzJHESGKt5i1JG8dhLRBdvggKptgBJn. [Online; Accessed May 2023].
[57]
Nabil Sayfayn and Stuart Madnick. 2017. Cybersafety Analysis of the Maroochy Shire Sewage Spill (Preliminary Draft). (2017).
[58]
Dimitrios Serpanos and Marilyn Wolf. 2018. Internet-of-Things (IoT) Systems Architectures, Algorithms, Methodologies.
[59]
Suresh P Sethi and Qing Zhang. 2012. Hierarchical Decision Making in Stochastic Manufacturing Systems.
[60]
Dug Song. 2000. dsniff. https://www.monkey.org/ dugsong/dsniff. [Online; Accessed May 2023].
[61]
Catherine Stupp. 2021. Energy Tech Firm Hit in Ransomware Attack: Oslo-based Volue is working to restore systems and customer software after incident. https://www.wsj.com/articles/energy-tech-firm-hit-in-ransomware-attack-11620764034. [Online; Accessed June 2023].
[62]
Zhichuang Sun, Bo Feng, Long Lu, and Somesh Jha. 2020. OAT: Attesting Operation Integrity of Embedded Devices. In 2020 IEEE Symposium on Security and Privacy (S&P). IEEE, 1433–1449.
[63]
David I Urbina, Jairo A Giraldo, Alvaro A Cardenas, Nils Ole Tippenhauer, Junia Valente, Mustafa Faisal, Justin Ruths, Richard Candell, and Henrik Sandberg. 2016. Limiting the Impact of Stealthy Attacks on Industrial Control Systems. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS).
[64]
Alfred Wehrl. 1978. General Properties of Entropy. Reviews of Modern Physics 50, 2 (1978), 221.
[65]
Marilyn Wolf and Dimitrios Serpanos. 2020. Safe and Secure Cyber-Physical Systems and Internet-of-Things Systems.
[66]
Zeyu Yang, Liang He, Peng Cheng, and Jiming Chen. 2024. Mismatched Control and Monitoring Frequencies: Vulnerability, Attack, and Mitigation. IEEE Transactions on Dependable and Secure Computing (2024), 1–18. https://doi.org/10.1109/TDSC.2024.3384146
[67]
Zeyu Yang, Liang He, Peng Cheng, Jiming Chen, David KY Yau, and Linkang Du. 2020. PLC-Sleuth: Detecting and Localizing PLC Intrusions Using Control Invariants. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 333–348.
[68]
Zeyu Yang, Liang He, Yucheng Ruan, Peng Cheng, and Jiming Chen. 2024. Unveiling Physical Semantics of PLC Variables Using Control Invariants. IEEE Transactions on Dependable and Secure Computing (2024), 1–18.
[69]
Mu Zhang, James Moyne, Z Morley Mao, Chien-Ying Chen, Bin-Chou Kao, Yassine Qamsane, Yuru Shao, Yikai Lin, Elaine Shi, Sibin Mohan, 2019. Towards Automated Safety Vetting of PLC Code in Real-World Plants. In Symposium on Security and Privacy (S&P).
[70]
Zhenyong Zhang, Ruilong Deng, David KY Yau, Peng Cheng, and Jiming Chen. 2019. Analysis of Moving Target Defense Against False Data Injection Attacks on Power Grid. IEEE Transactions on Information Forensics and Security 15 (2019), 2320–2335.

Index Terms

  1. Deception-Resistant Stochastic Manufacturing for Automated Production Lines

    Recommendations

    Comments

    Please enable JavaScript to view thecomments powered by Disqus.

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    RAID '24: Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses
    September 2024
    719 pages
    This work is licensed under a Creative Commons Attribution International 4.0 License.

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 30 September 2024

    Check for updates

    Author Tags

    1. Controlled Stochasticity
    2. Deception Attacks
    3. Production Line Manufacturing

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    RAID '24

    Acceptance Rates

    RAID '24 Paper Acceptance Rate 43 of 173 submissions, 25%;
    Overall Acceptance Rate 43 of 173 submissions, 25%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 241
      Total Downloads
    • Downloads (Last 12 months)241
    • Downloads (Last 6 weeks)173
    Reflects downloads up to 13 Dec 2024

    Other Metrics

    Citations

    View Options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    HTML Format

    View this article in HTML Format.

    HTML Format

    Login options

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media