Discipline: Technology and Engineering
Subcategory: Computer Engineering
Faisal Ismail Gedi - Georgia Institute of Technology
Co-Author(s): Faisal Gedi, David Formby, and Raheem Beyah, Georgia Institute of Technology, Atlanta, GA
Programmable Logic Controllers (PLCs) are industrial computers that control the automation of many electromechanical processes. Automation is what makes a PLC such a driving force in the industrial setting: a PLC constantly monitors the state of its inputs in order to make decisions on its outputs. This gives PLCs an integral role in managing critical infrastructure; they have a hand in many of society’s most vital areas, such as water dams, power plants, weapon systems, and many more. A compromised PLC executing malicious functions would create disasters on a catastrophic scale. Thus, there must be an initiative to validate message authentication for PLCs. The problem surrounding PLCs is that they have practically little to no security built into the device, which is cause for concern given a PLC’s role in critical infrastructure. The goal of our research is to develop a message authentication algorithm that enables a PLC to confirm that the commands it has received come from a trusted source. The first step in creating a message authentication code is to find an efficient algorithm that can run on the PLC’s minimal processors. After finding an 8-bit algorithm, the next step is to port it into a language format that a PLC can compile. Once the Message Authentication Code (MAC) is successfully checking authenticity and integrity on the PLC, the next step is to create a threat model. In this research’s threat model, it is assumed that the network has already been compromised. Under that assumption, we can test whether the messages being sent to the PLC hold authenticity and integrity. This test is shown through a traffic light simulation: when the MAC algorithm is not in place, a hacker can control the traffic light; when the MAC algorithm is in place, the traffic light will not execute the PLC commands.
The result of this research is a working message authentication algorithm for Programmable Logic Controllers, the first of its kind. To conclude, because a PLC’s operating threshold is so small, the algorithm could not be as secure as preferred. Therefore, future work is to incrementally build up the algorithm to become more and more secure while still maintaining the PLC’s efficiency.
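The traffic light scenario described above, as an added example that is not part of the original abstract or the authors’ code: the abstract does not name its 8-bit MAC algorithm, so HMAC-SHA256 stands in for it here, the shared key and the frame layout (command bytes followed by the tag) are assumptions, and the operator and attacker messages are constructed. The PLC side recomputes the tag over the received command, compares it in constant time, and keeps its current state whenever the check fails; the simulation is run once without the MAC and once with it.

```python
import hmac
import hashlib
import os

# Constructed shared secret for the demo. How a key is provisioned to the PLC
# is not described in the abstract and is an assumption here.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"
TAG_LEN = 32  # HMAC-SHA256 digest length in bytes
LIGHT_STATES = ("RED", "YELLOW", "GREEN")


def make_tag(key: bytes, command: bytes) -> bytes:
    # HMAC-SHA256 stands in for the unnamed 8-bit MAC the abstract ports to the PLC.
    return hmac.new(key, command, hashlib.sha256).digest()


def encode_frame(key: bytes, command: bytes) -> bytes:
    # Sender side (the trusted operator station): command bytes followed by the tag.
    return command + make_tag(key, command)


def plc_receive(key: bytes, frame: bytes, state: str, mac_enabled: bool = True):
    """PLC side. Returns (new_state, accepted).

    With mac_enabled the PLC splits the frame into command and tag, recomputes
    the tag over the command bytes and compares in constant time. A forged or
    tampered frame is dropped and the light keeps its current state.
    """
    if mac_enabled:
        if len(frame) <= TAG_LEN:
            return state, False  # too short to carry a command and a tag
        command, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(make_tag(key, command), tag):
            return state, False  # authenticity/integrity check failed
    else:
        # Unprotected PLC: the frame is the bare command, taken at face value.
        command = frame
    new_state = command.decode("ascii", errors="replace")
    if new_state not in LIGHT_STATES:
        return state, False  # valid tag but unknown command: still refuse
    return new_state, True


def run_simulation(mac_enabled: bool):
    """Replay the abstract's scenario on an already-compromised network.

    Returns (decision log, final light state). The operator first commands
    GREEN; an attacker on the network then injects RED. Without the key the
    attacker can only guess a tag, constructed here as random bytes.
    """
    state = "RED"
    log = []
    frame = encode_frame(SHARED_KEY, b"GREEN") if mac_enabled else b"GREEN"
    state, ok = plc_receive(SHARED_KEY, frame, state, mac_enabled)
    log.append(("operator GREEN", ok))
    frame = b"RED" + os.urandom(TAG_LEN) if mac_enabled else b"RED"
    state, ok = plc_receive(SHARED_KEY, frame, state, mac_enabled)
    log.append(("attacker RED", ok))
    return log, state


if __name__ == "__main__":
    for enabled in (False, True):
        log, final = run_simulation(enabled)
        print(f"MAC enabled={enabled}: {log} -> light is {final}")
```

Two design points carry over to any MAC on a constrained controller: the comparison must be constant time (a byte-by-byte early exit leaks how many tag bytes matched), and a frame whose tag verifies but whose command is not one the PLC understands is still refused rather than interpreted loosely.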
Funder Acknowledgement(s): National Science Foundation; Intel; Louis Stokes Alliance for Minority Participation; Georgia Tech Center for Engineering Education and Diversity.
Faculty Advisor: Raheem Beyah, rbeyah@ece.gatech.edu
Role: I did a majority of this research; the project was completed during an REU over the summer. The assistance I required was in receiving the actual message authentication code. My job was then to port this code so that a PLC will be able to directly compile and run the message authentication algorithm.