| Title | (Invited Paper) Enabling Multi-Layer Cyber-Security Assessment of Industrial Control Systems through Hardware-in-the-Loop Testbeds |
| Author | Anastasis Keliris, Charalambos Konstantinou, Nektarios Georgios Tsoutsos (New York University, U.S.A.), Raghad Baiad, *Michail Maniatakos (New York University Abu Dhabi, United Arab Emirates) |
| Page | pp. 511 - 518 |
| Keyword | security, industrial control systems, testbed, firmware |
| Abstract | Industrial Control Systems (ICS) are under modernization towards increasing efficiency, reliability, and controllability. Despite the numerous benefits of interconnecting ICS components, the wide adoption of Information Technologies (IT) has introduced new security challenges and vulnerabilities to industrial processes, previously obscured by the systems' custom designs. Towards securing the backbone of critical infrastructure, selection of the proper assessment environment for performing cyber-security assessments is crucial. In this paper, we present a layered analysis of vulnerabilities and threats in ICS components, that identifies the need for including real hardware components in the assessment environment. Moreover, we advocate the suitability of Hardware-In-The-Loop testbeds for ICS cyber-security assessment and present their advantages over other assessment environments. |
| Slides |
| Title | (Invited Paper) Security Analysis on Consumer and Industrial IoT Devices |
| Author | Jacob Wurm, Khoa Hoang, Orlando Arias (University of Central Florida, U.S.A.), Ahmad-Reza Sadeghi (TU Darmstadt, Germany), *Yier Jin (University of Central Florida, U.S.A.) |
| Page | pp. 519 - 524 |
| Keyword | IoT Security, Hardware Security, IoT Devices |
| Abstract | The fast development of Internet of Things (IoT) and cyber-physical systems (CPS) has triggered a large demand of smart devices which are loaded with sensors collecting information from their surroundings, processing it and relaying it to remote locations for further analysis. The wide deployment of IoT devices and the pressure of time to market of device development have raised security and privacy concerns. In order to help better understand the security vulnerabilities of existing IoT devices and promote the development of low-cost IoT security methods, in this paper, we use both commercial and industrial IoT devices as examples from which the security of hardware, software, and networks are analyzed and backdoors are identified. A detailed security analysis procedure will be elaborated on a home automation system and a smart meter proving that security vulnerabilities are a common problem for most devices. Security solutions and mitigation methods will also be discussed to help IoT manufacturers secure their products. |
| Title | (Invited Paper) Covert Channels Using Mobile Device’s Magnetic Field Sensors |
| Author | Nikolay Matyunin (Technische Universität Darmstadt, Germany), *Jakub Szefer (Yale University, U.S.A.), Sebastian Biedermann, Stefan Katzenbeisser (Technische Universität Darmstadt, Germany) |
| Page | pp. 525 - 532 |
| Keyword | Hardware Security, Side-Channel, Covert-Channel, Magnetic |
| Abstract | This paper presents a new covert channel using smartphone magnetic sensors. We show that modern smartphones are capable to detect the magnetic field changes induced by different computer components during I/O operations. In particular, we are able to create a covert channel between a laptop and a mobile device without any additional equipment, firmware modifications or privileged access on either of the devices. We present two encoding schemes for the covert channel communication and evaluate their effectiveness. |
| Slides |
| Title | (Invited Paper) Multi-valued Arbiters for Quality Enhancement of PUF Responses on FPGA Implementation |
| Author | *Siarhei S. Zalivaka (Nanyang Technological University, Singapore), Alexander V. Puchkov, Vladimir P. Klybik, Alexander A. Ivaniuk (Belarusian State University of Informatics and Radioelectronics, Belarus), Chip-Hong Chang (Nanyang Technological University, Singapore) |
| Page | pp. 533 - 538 |
| Keyword | Physical Unclonable Function, Arbiter, Hardware security |
| Abstract | One main problem encountered in the FPGA implementation of Arbiter based Physical Unclonable Function (A-PUF) is the response instability caused by the metastability of delay flip-flop. This paper presents a new multi-arbiter approach to extract more entropy to extend the number of response bits to a single challenge. New multi-arbiter schemes based on the insertion of either a four-flip-flop arbiter or SR latch arbiter after each pair of multiplexers in the configurable paths are proposed to detect the metastable state when two copies of test pulse arrive at the arbiter inputs almost simultaneously. The detected metastable states are distinguishable by the encoded multiple valued outputs of the arbiter. The codes corresponding to the metastable states collectively form a deterministic ternary state that can be recoded to one of the stable states to improve the uniqueness and reliability of the PUF. Our analysis shows that the proposed design can generate robust and reliable challenge-response pairs with a uniqueness of 0.4982 and a reliability of 0.9985 at the expense of
a relatively small FPGA resource overhead. |
| Slides |