IEEE Transactions on Industrial Electronics, Accepted on June 2020, Early access
Industrial control systems (ICS) include networked control systems (NCS), which use Real-Time Ethernet (RTE protocols since many years, well before the Time Sensitive Networking (TSN) initiative debut. Today, Ethernet based control systems are used all across Industry 4.0, including in critical applications, allowing for straight integration with IT layers. Even if it is known that current RTE protocols do not have strong authentication or ciphering options, it is still very challenging to perform undetected cyber-attacks to these protocols while the NSC is in operation, in particular because such attacks must comply with very strict and small temporal constraints. In this paper, a model based attack is proposed for service degradation of NCS. The attack is carried out in real-time and it can remain undetected for the entire plant life. The attack can be applied to any RTE protocols and, without loss of generality, a detailed analysis of stealth techniques is provided for a specific real use case based on PROFINET. The experimental results demonstrate the feasibility of the proposed attack and its high effectiveness. The paper also points out some possible future investigation directions in order to mitigate the attack.
@article{Sa:20b,
author = {Paolo Ferrari, Emiliano Sisinni, Paolo Bellagente, Stefano Rinaldi, Marco Pasetti, Alan Oliveira de S\'{a}, Raphael C. S. Machado, Luiz F. R. da C. Carmo and António},
title = {Model-Based Stealth Attack to Networked Control System Based on Real-Time Ethernet},
journal = {IEEE Transactions on Industrial Electronics},
volume = {},
number = {Early Access},
pages = {},
year = {2020},
url = {https://doi.org/10.1109/TIE.2020.3001850},
doi = {10.1109/TIE.2020.3001850},
abstractURL = {http://www.di.fc.ul.pt/~casim/papers/tie20/tie20.html},
documentURL = {http://www.di.fc.ul.pt/~casim/papers/tie20/tie20.pdf},
}