• Skip to main content
  • Skip to after header navigation
  • Skip to site footer
ERN: Emerging Researchers National Conference in STEM

ERN: Emerging Researchers National Conference in STEM

  • About
    • About AAAS
    • About the NSF
    • About the Conference
    • Partners/Supporters
    • Project Team
  • Conference
  • Abstracts
    • Undergraduate Abstract Locator
    • Graduate Abstract Locator
    • Abstract Submission Process
    • Presentation Schedules
    • Abstract Submission Guidelines
    • Presentation Guidelines
  • Travel Awards
  • Resources
    • Award Winners
    • Code of Conduct-AAAS Meetings
    • Code of Conduct-ERN Conference
    • Conference Agenda
    • Conference Materials
    • Conference Program Books
    • ERN Photo Galleries
    • Events | Opportunities
    • Exhibitor Info
    • HBCU-UP/CREST PI/PD Meeting
    • In the News
    • NSF Harassment Policy
    • Plenary Session Videos
    • Professional Development
    • Science Careers Handbook
    • Additional Resources
    • Archives
  • Engage
    • Webinars
    • ERN 10-Year Anniversary Videos
    • Plenary Session Videos
  • Contact Us
  • Login

Who's There? Developing Message Authentication for Programmable Logic Controllers

Undergraduate #407
Discipline: Technology and Engineering
Subcategory: Computer Engineering

Faisal Ismail Gedi - Georgia Institute of Technology
Co-Author(s): Faisal Gedi, David Formby, and Raheem Beyah, Georgia Institute of Technology, Atlanta, GA



Programmable Logic Controllers (PLCs) are industrial computers that control the automation of many electromechanical processes. The usage of automation is what makes a PLC such a driving force in the industrial setting. A PLC can constantly monitor the state of inputs to make decisions on outputs. This leads PLCs to play an integral role in the processes of managing critical infrastructure. PLCs have a hand in many of society’s most vital areas such as Water Dams, Power Plants, Weapon Systems, and many more. Having a PLC be compromised and execute malicious functions would create disasters on a catastrophic scale. Thus, there must be an initiative to validate message authentication for PLCs. The problem surrounding PLCs are the fact that they have practically little to no security built into the device. This creates room for concern when considering a PLCs role in critical infrastructure. The goal of our research is to develop a message authentication algorithm that will enable a PLC to confirm that the commands it has received are from a trusted source. The first step in creating a message authentication code is to find an efficient algorithm that can run on the PLCs minimal processors. After finding an 8-bit algorithm, the process is to then port this algorithm in a language format that a PLC can compile. Once the Message Authentication Code (MAC) is successfully checking for authenticity and integrity in the PLC, the next step is to create a threat model. In this research’s threat model, it is assumed that the network has already been compromised. Now that the assumption is made we can test to see if messages being sent to the PLC holds authenticity and integrity. This test is shown through a traffic light simulation, where if the MAC algorithm isn’t in place a hacker can control a traffic light and vice versa, when the MAC algorithm is in place, the traffic light will not execute the PLC commands. The results of this research is a working message authentication algorithm for Programmable Logic Controllers, the first of its kind. To conclude, because a PLC’s operating threshold is so small, the algorithm could not be as secure as preferred. Therefore future works are to incrementally build up the algorithm to become more and more secure while still maintaining the PLC’s efficiency.

Funder Acknowledgement(s): National Science Foundation; Intel; Louis Stoke Alliance for Minority Participation; Georgia Tech Center for Engineering Education and Diversity.

Faculty Advisor: Raheem Beyah, rbeyah@ece.gatech.edu

Role: I did a majority of this research, the project was completed during an REU over the summer. The assistance I required was in receiving the actual message authentication code. My job was to then port this code in order to where a PLC will be able to directly compile and run the message authentication algorithm.

Sidebar

Abstract Locators

  • Undergraduate Abstract Locator
  • Graduate Abstract Locator

This material is based upon work supported by the National Science Foundation (NSF) under Grant No. DUE-1930047. Any opinions, findings, interpretations, conclusions or recommendations expressed in this material are those of its authors and do not represent the views of the AAAS Board of Directors, the Council of AAAS, AAAS’ membership or the National Science Foundation.

AAAS

1200 New York Ave, NW
Washington,DC 20005
202-326-6400
Contact Us
About Us

  • LinkedIn
  • Facebook
  • Instagram
  • Twitter
  • YouTube

The World’s Largest General Scientific Society

Useful Links

  • Membership
  • Careers at AAAS
  • Privacy Policy
  • Terms of Use

Focus Areas

  • Science Education
  • Science Diplomacy
  • Public Engagement
  • Careers in STEM

Focus Areas

  • Shaping Science Policy
  • Advocacy for Evidence
  • R&D Budget Analysis
  • Human Rights, Ethics & Law

© 2023 American Association for the Advancement of Science