TY - GEN
T1 - IFFSET
T2 - 2020 Design, Automation and Test in Europe Conference and Exhibition, DATE 2020
AU - Tychalas, Dimitrios
AU - Maniatakos, Michail
N1 - Funding Information:
ACKNOWLEDGMENT & RESOURCES This work was supported by the NYU Abu Dhabi Global PhD Fellowship program. Our platform can be found at https://github.com/momalab/IFFSET.
Publisher Copyright:
© 2020 EDAA.
PY - 2020/3
Y1 - 2020/3
N2 - Industrial Control Systems (ICS) have evolved in the last decade, shifting from proprietary software/hardware to contemporary embedded architectures paired with open-source operating systems. In contrast to the IT world, where continuous updates and patches are expected, decommissioning always-on ICS for security assessment can incur prohibitive costs to their owner. Thus, a solution for routinely assessing the cybersecurity posture of diverse ICS without affecting their operation is essential. Therefore, in this paper we introduce IFFSET, a platform that leverages full system emulation of Linux-based ICS firmware and utilizes fuzzing for security evaluation. Our platform extracts the file system and kernel information from a live ICS device, building an image which is emulated on a desktop system through QEMU. We employ fuzzing as a security assessment tool to analyze ICS specific libraries and find potential security threatening conditions. We test our platform with commercial PLCs, showcasing potential threats with no interruption to the control process.
AB - Industrial Control Systems (ICS) have evolved in the last decade, shifting from proprietary software/hardware to contemporary embedded architectures paired with open-source operating systems. In contrast to the IT world, where continuous updates and patches are expected, decommissioning always-on ICS for security assessment can incur prohibitive costs to their owner. Thus, a solution for routinely assessing the cybersecurity posture of diverse ICS without affecting their operation is essential. Therefore, in this paper we introduce IFFSET, a platform that leverages full system emulation of Linux-based ICS firmware and utilizes fuzzing for security evaluation. Our platform extracts the file system and kernel information from a live ICS device, building an image which is emulated on a desktop system through QEMU. We employ fuzzing as a security assessment tool to analyze ICS specific libraries and find potential security threatening conditions. We test our platform with commercial PLCs, showcasing potential threats with no interruption to the control process.
KW - Emulation
KW - Fuzzing
KW - Industrial Control
UR - http://www.scopus.com/inward/record.url?scp=85087410679&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85087410679&partnerID=8YFLogxK
U2 - 10.23919/DATE48585.2020.9116365
DO - 10.23919/DATE48585.2020.9116365
M3 - Conference contribution
AN - SCOPUS:85087410679
T3 - Proceedings of the 2020 Design, Automation and Test in Europe Conference and Exhibition, DATE 2020
SP - 662
EP - 665
BT - Proceedings of the 2020 Design, Automation and Test in Europe Conference and Exhibition, DATE 2020
A2 - Di Natale, Giorgio
A2 - Bolchini, Cristiana
A2 - Vatajelu, Elena-Ioana
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 9 March 2020 through 13 March 2020
ER -