ICS VILLAGE - Side-Channel Analysis for Protecting Critical Infrastructure

Video thumbnail (Frame 0) Video thumbnail (Frame 4369) Video thumbnail (Frame 7747) Video thumbnail (Frame 10702) Video thumbnail (Frame 18492) Video thumbnail (Frame 25279) Video thumbnail (Frame 29551) Video thumbnail (Frame 30749) Video thumbnail (Frame 33265) Video thumbnail (Frame 35413) Video thumbnail (Frame 38219) Video thumbnail (Frame 40737) Video thumbnail (Frame 41878) Video thumbnail (Frame 42824)
Video in TIB AV-Portal: ICS VILLAGE - Side-Channel Analysis for Protecting Critical Infrastructure

Formal Metadata

ICS VILLAGE - Side-Channel Analysis for Protecting Critical Infrastructure
Alternative Title
Securing Critical Infrastructure through Side-Channel Monitoring
Title of Series
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
Divisor INTEGRAL Decision theory Similarity (geometry) Mathematical analysis Mereology IP address Side channel attack Event horizon Information technology consulting Goodness of fit Mechanism design Term (mathematics) Different (Kate Ryan album) Information security Address space Physical system Cybersex Focus (optics) Structural load Mathematical analysis Bit Division (mathematics) Type theory Process (computing) Software Personal digital assistant Sinc function Spacetime
Context awareness Group action Serial port Decision theory Multiplication sign IP address Machine learning Pressure volume diagram Set (mathematics) Information security Physical system Vulnerability (computing) Boss Corporation Decision theory Moment (mathematics) Bit Connected space Order (biology) System programming Right angle Fundamental theorem of algebra Electric current Point (geometry) Programming paradigm Variety (linguistics) Patch (Unix) Virtual machine Paradox Product (business) Wave packet Goodness of fit Internetworking Operator (mathematics) Integrated development environment Communications protocol Computing platform Rule of inference Context awareness Operations research Addition Information Paradox Field (computer science) Line (geometry) Limit (category theory) Software Computing platform Fingerprint Window
State of matter Multiplication sign 1 (number) Median Disk read-and-write head Mereology Side channel attack Food energy Public key certificate Medical imaging Machine learning Different (Kate Ryan album) Forest Process (computing) Information Endliche Modelltheorie Physical system Thumbnail Point cloud Area Machine learning Algorithm Touchscreen Structural load Digitizing Software developer Fitness function Physicalism Bit Determinism Price index Flow separation Entire function Connected space Hand fan Type theory Wave Process (computing) Sample (statistics) Telecommunication Website Right angle Pattern language Cycle (graph theory) Fundamental theorem of algebra Resultant Spacetime Point (geometry) Slide rule Firewall (computing) Connectivity (graph theory) Virtual machine Microcontroller Mathematical analysis Distance Coprocessor Field (computer science) Wave packet Power (physics) Frequency Internetworking Term (mathematics) Operator (mathematics) Computer hardware Energy level Utility software Firmware Fingerprint Noise (electronics) Support vector machine Wavelet Information Key (cryptography) Demo (music) Artificial neural network Projective plane Mathematical analysis Planning Cartesian coordinate system Power (physics) Signal processing Word Embedded system Radius Software Finite difference Personal digital assistant Logic System on a chip
Point (geometry) Suite (music) Transformation (genetics) Confidence interval State of matter INTEGRAL Multiplication sign Virtual machine Online help Mereology Distance Side channel attack Field (computer science) Spektrum <Mathematik> Mathematics Operator (mathematics) Software testing Information Endliche Modelltheorie Physical system Condition number Noise (electronics) Matching (graph theory) Information Moment (mathematics) Bit Integrated development environment Personal digital assistant Right angle Pattern language Musical ensemble
Injektivität Computer file State of matter Code Multiplication sign Limit (category theory) Mereology Complex analysis Event horizon Wave packet Frequency Bit rate Different (Kate Ryan album) Energy level Flag Software testing Computing platform Position operator Task (computing) Complex analysis Noise (electronics) Curve Line (geometry) Instance (computer science) Unsupervised learning Cartesian coordinate system Performance appraisal Type theory Message passing Supervised learning Personal digital assistant Computing platform output Quicksort Library (computing)
Point (geometry) Code State of matter Multiplication sign Firewall (computing) Covering space Black box Side channel attack Public key certificate Rule of inference Number Mathematics Computer hardware Cuboid Integrated development environment Software testing Information security Physical system Vulnerability (computing) Area Addition Turtle graphics Line (geometry) Funktionalanalysis Limit (category theory) Sequence Type theory Process (computing) Vector space System programming Right angle Physical system Sinc function
Run time (program lifecycle phase) Run time (program lifecycle phase) Multiplication sign Projective plane Analogy Chain Computer configuration Computer configuration Computer hardware Different (Kate Ryan album) Logic Design by contract Video game Software testing Energy level Calculus of variations Physical system ARPANET
Slide rule Demo (music) Multiplication sign Computer network Software testing Cartesian coordinate system Router (computing) Backup Computing platform Number
good morning everybody my name is Jim Harris from PFP we're going to talk today I'm here with Carlos our CTO we're going to talk a little bit about side channel analysis for critical infrastructure protection and since we're kind of early we're starting a little bit early feel free to interrupt with questions whatever is we're going along and hopefully this will be an informative session so yeah okay I hate standing behind a podium normally I like walk around when I'm talking so this is gonna dry he's gonna walk and I'll talk a little bit and then we'll switch do think oh great okay all right this is a little bit easier for me because I have to pay some little ADHD so what we're talking about is essentially using we're trying to take a technology that basically developed for the US government US military and our first commercial targets were in the ICS space and the reason is because it's a similar use case you have absolutely critical infrastructure that absolutely has to be protected you have some things that cannot go down and you can't load software on them and you can't look at the network traffic and you can't do any of those things because we have a lot of this big divide between the focus of the OT which is safety and security and availability of the system and the focus of IT which is trying to prevent compromises and breaches and after so I have a long weird history I won't get the whole thing but I spent all that sorted as an engineer back in the 1990s I took a detour through the FBI for 11 years as a special agent working mostly in cyber division and that type of stuff and then I became a consultant mostly back to the government and did a lot of critical infrastructure protection cyber events in an effort to help people talk more intelligently about risk decisions and i T&O t divide was a big part of my consulting business back in the day because this difference between how people view things I mean there's lots of different things you can go into about the psychological differences of how IT folks tend to think abstractly in terms of things like IP addresses and MAC addresses ot guys tend to think concretely and things like mechanical processes and switches and all the way through to the difference between a focus heavily on confidentiality and a focus almost entirely on availability and integrity right so doing go to the next one so the problem is of course
there's a shared deployment and the old days of OT and the IT didn't mate there's ot was on you know my boss serial ports things like that and I T was IP address Ethernet and they just didn't have a big connection but now everything including the Modbus has gone to eat they're not as well and there's even you know wireless products it can be IP based as well and we had this problem essentially of we have to make some decisions about systems that the folks who traditionally do IT technology don't necessarily understand what the system is doing or how to judge it the context in which it's operating so yeah let me let me give to the last point that Jim was talking about so this is a lot of emphasis on using machine learning for security and one of the main problems we have with machine learning is that you know that is the ground truth which is when you're training your machine learning you have to make sure while you whatever you claim it's good it's actually good whatever you claim is malicious is actually malicious and there is a very blurry line between the two so having coming up with that ground truth at the first place is very very difficult and the last one when we talk about the endpoint paradox is that most of the endpoint protection relies on installing agents of the devices themselves and of course that you know you you need that end point information for context you're just looking at the network you see a packet going through you don't know what you don't know what it did you no did it deploy did it do something back to it you don't know you need to you need to have that endpoint context to really understand what's going on with your network or your whole system but in order to get that context you need usually you need to install an agent in the endpoint itself which means that it's a little bit like asking you know the Fox 7 chickens are in the henhouse because the moment somebody compromises at endpoint you know that they can make the agents lie to you so we have that paradox that we call it because you need to rely on the endpoint but you cannot trust it all right so a
lot of the things that people do today which are trying to separate the systems from the Internet good patching good but difficult if you've separated the system from the internet using these kind of traditional IT systems they're all you know things that are necessary but not complete right they don't actually solve the essential problem they also don't necessarily solve the fundamental insider problem that everybody kind of understands they now phase with this you know sorry sorry I mean what I never read back to Carlos because he was something about the right of limited operations I didn't that he put in here it wasn't sure about right yeah so like Jim said ITT very different most of the time when you talk about security you bring the things that we learn in the IT world with trying to jam them into the OT world in they're very different worlds there's one quick example that you know for Windows updates the best time to do it is on a Sunday at 2:00 a.m. in the morning when it's not disrupting anybody that would be the absolute worst time to do it in an OT system because if something goes wrong you want to have everybody looking at it so they can take action so they're very very different and and when you tries to jam the security a solution from IT into the OT you leave some systems vulnerable because none of them can be deployed so you have in addition to that a lot of the operational requirements that are very strict a very different from ot system you have embedded system you have legacy devices you have a broad variety of platforms that have to interact and where reliability is king so it makes it really difficult to use the the the things that we have learned in the in the IT world did I directly just apply them on the or in the OT so yeah that's what we were trying to say in this work
yeah and to that end I can't remember I sort of blank there for a second but I had a an interesting two different and consulting engagements and of course I can't mention the companies involved but both of them were utilities and one of the utility proudly said we solve all of our problems with air gaps and then they went on to describe there I said okay so it's truly air gapped and they said yeah absolutely air gap this is a power supply system I said okay so your billing of the energy right how does that get to your your billing department they said oh but just you know it goes through the firewall in the MPLS to the business system something but that's not an air gap no it's like an air gap but it's not an air gap and it was just kind of funny that we as we were having this discussion they they really genuinely truly thought they had air gap the system by putting a firewall in MPLS through that firewall I had another company that really truly said they were as far as I could tell air gap right they had completely severed any IP connection into the system cool how do you update the firmware oh we go over to the internet machine download the firmware put it on thumb drive walk over to the machine and load it okay technically an air gap but obviously another vector and since I had no other software on the system to protect it or any other device to protect it because hey we're air gap to what could possibly go wrong they were doing that which post Stuxnet everybody knows doesn't work so what we're looking at instead is something a little bit different so the challenge here of course is to put something that doesn't require a loading software interrupting the network or it could possibly become a point of failure for the entire system so P fps wait what we've been researching and doing for quite some time in the government space is looking at side channel analysis now everybody the conference has probably heard somebody talk about side channel analysis talking about reading RSA keys or breaking or doing bad things to a system that we're kind of the other side of this which is we want to use the same process we want to look at tiny fluctuations on either the power or the e/m emissions to determine what the state of the system is if it's in a known good state a known bad state or an unknown state which and this type of application should be considered bad so if you think about the power plane inside of an electrical device right like our badges and everything like that each time a processor microcontroller whatever has to make an operation has to do something at a clock cycle even if it's negligible it has to reach in that power plane it has to pull some power out so if you think about that as a very still crystal still lake right like Lake Tahoe in the summer you know looks really clear you almost don't want to touch it because as soon as you touch it you know you're gonna create ripples those ripples are gonna go on smaller and smaller but indefinitely if you think about a deterministic process like an industrial control system reaching and dipping into that power plane over and over again it creates very pattern this pattern istic is not a word i'm sure but deterministic patterns of waves on that plane so we're using usually in em in these cases and we'll talk about why we're using that along with some signal processing and machine learning to basically identify in time and frequency space what are those things are important between the different operating States and then outputting a statistical fit of what state you're in the machine thinks you're in and how confident is in that state is anything you want to add no no that's that's really it no there's a lot of signal processing involved so when we start talking to people about you know site channels and and transforms and wavelet transforms and things like that often they don't the the traditional silent people they have a little hard time wrapping their heads around it but in principle is very very straightforward you know when you have a digital device you're flipping bait from 1 0 0 to 1 and the more bits they flip and every clock cycle the more energy you need to flip those bits so as you can execute in your logic your flipping more or less bits I give you this very tiny but very unique pattern that depends about the heart on the software and that's the one we're going the people doing such an attacks they go after that to steal information we're flipping around and we're using it to make sure that nobody has modified the logic in your device and oh yeah this is the slide the next slide and you will see in a minute is one that for some reason takes a long time to load this computer but let me talk about it a little bit well these were loads oh yeah sure so the training right now and actually the our current setup is actually based so I should probably have them talking about it more but the machine learning training we got a couple of different paths one is the original machine
learning algorithms at Carlos as part of his PhD work developed sometime back and that has been developed into what we're currently using I'm also doing some work now and deep learning convolutional neural networks to do the same thing so less signal processing upfront more deep learning which obviously takes more processing power but can give better separation in some odd cases some you know difficult cases but that's still kind of under development but Carl's can talk more about the work because yeah so so this was my backers in Polish communications I used to work with self-defined radius and the origin of the technology it was looking at how to help regulatory bodies satisfy some defined radius and enforce certifications when the FCC tests a new radio and put the stamp for approval that can be sold they certify a specific hardware but a specific software it's a pair and if you change either one of them you have to go getting retested to get recertified but they never said how they were going to enforce that so that was part of the work that we were doing and figuring out how can we help how can we detect that either one of them has changed of course we look at such an as they worked and and application for cybersecurity was you know straight forward in terms of the training we have a battery like Jim was saying we have a battery of different machine learning algorithms and and they go from the traditional the the support vector machines in a random forests this based classifiers and we're doing a lot of work lately with with deep learning is just giving really good results and all of them work in different cases so we have a battery of them we do a lot of feature extraction ahead of time but a single processing to clean the signals synchronize them and and and clean them up and then you know we pass them to the classifiers a lot of our work is part of a DARPA project on using AI to classify signals in different areas has fed this so we're kind of finding what are the best things to work on different use cases because different machine models have different accuracies depending upon the signal you know different parts of the signal in fact we still don't fundamentally understand why some things work better and that's part of what we're doing now as fundamental research is can we figure out why certain machine learning algorithms work better on certain types of signals and not on others and you know that's there's still a lot of fundamental questions to be answered about that so when finally loaded this life and and one of the things that when we tell people that we look at side channels you shall have PSP found for power fingerprinting we often look at power consumption of the devices people often think oh let me see the the level of power it might be like my cell phone and like the battery indicator and that's that's not what we look at we look at tiny tiny patterns this is what they look like that's one of a tracer from a PLC actually this is what they actually looked like and and if you see the picture of the chip the the emissions radiating directly from the from the silicon this is part of the fundamental physics of the semiconductor state as you're moving electrons around to generate those fields and and we're the ones those are the ones who are we picking off cuz we tell people often I'll be looking at power I just looking at how much you know what if I turn mine what if I turn my battery my screen on what if I turn a fan does it in our mess you know we're looking at the images directly from the processor that it's executing your logic so it's a it's a different concept no packets no system calls yeah and one of the things about this pearl right here so if you go see our demo and the next area you'll see that we have a very tiny little loop antenna that little loop antenna is mostly going to pick up because the question commonly comes up well isn't that subject to a whole lot of noise but the type of probe that you'll see there as mostly picking up the magnetic component of the of the e/m emissions right so it doesn't that drops off very rapidly with distance so it's much you know more accurate when we use a.m. we also have a some demos where there were some installed on the wall where you see it's using DC power which is also pretty good not always in an ICS if it's inline because then potentially we could become a point of failure for the system but the e/m is really really good and works well in a noisy environment because we're mostly measuring that the beak of the magnetic field component of the e/m field so we talked already about such an
attacks and The Tempest you probably guys are familiar where the tempest was designed specifically for those side channels so when we you know if you're familiar with those you know they you know that they haven't used for decades to extract that information which is using in a slightly different way and if you see the racks and stuff across in there for a tempest system that's what you have to do to prevents the signal from leaking out go ahead right well it's nice or not that's right so so basically that will be the case of jamming right if somebody would be jamming you with a with a with a magnet or with what anything else so we would see it you would see how this just at this big jam and and we will flog it and somebody would have to go look at it but it would be very obvious that's your being jammed in the signal that's true that's true they could be just working with magnets right it is possible but it's very unlikely so we actually were doing some tests on that in a substation they have this big massive massive transformers right next to it and you can see that you know there's this huge electromagnetic field surrounded and actually when you go there they they ask you they know metal you have to you have to put your suit to be able together and in these no work just fine because you know at that point it becomes increase a little bit the noise and in the there the signals come at different spectral bands so you can filter those fairly easily and and if somebody doesn't say if somebody weren't going to be playing with a magnet right next to your device and doing this one you know several kilohertz moving it that could probably you know impact us but very unlikely yeah a static magnet the Delta of the or the change for a moment moment of the magnetic field isn't going to really register it's the Delta so if like you're moving the magnet rapidly in and out if you do it you know ten thousand times a second and it would definitely make a field and a lot of the magnetic fields we would be around might be static yeah yeah I mean in exactly it is potentially there this part of the reason when you're doing the baseline the machine learning you should do it and as much as possible in the environment in which it's going to be deployed so as close to that environment as possible so that the machine can already learn what the ambient noise that it might pick up looks like
integrity assessments again what we're essentially doing is trying to look at once we have built a model of it we're looking through those item patterns we have our baseline we measure a distance from the baseline to what we're seeing right now and then give you a confidence level out of this is the state I'm in this is my confidence level if the confidence level gets too far outside of what is acceptable then and it doesn't match any other state then it's an anomaly and I don't know what it is I can't help you figure that out but I can absolutely tell you that it's not operating exactly the same way it could be because an electrical failure could be because somebody's doing something with electromagnetic fields nearby I don't know what it is I just know I'm not in the right operating condition that you expect me to be in okay this
one I have to turn get an alchemist so there's two ways in which we normally do do the training the way that we prefer do we prefer is when we do the supervised learning and which means is that you grab your device that you're going to be monitoring and you bring it to your testing evaluation room and you make it go through all if the different paces all the differences go through all the different states this is the exact same type of assessment that you would do to do code coverage on your traditional functional tests so you wanna you want to exercise those different passes I mean you have to do some sort of different inputs you have to exercise all the different execution paths and that way you can come up with a complete you know library of what the normal the the real states are and then if anything were to come in we will we will flag it of course that requires you to have a test an evaluation room and then you can able to monitor the for the execution of different states the other one is unsupervised learning where you simply observe device for a period of time and whatever you have servant that time you make it you may be part of your library and they might anything you don't see you can match it you flag it but in that case we can have more false positives because you know we haven't seen all the states and people offering people of an ass's well how about complex flap platforms you know you have a really you know complex about some PLC's are actually fairly complex and what we tell is we limit the scope of those we either force them to execute a specific task and we make sure that that task hasn't been compromised or we go low level make sure that the firmware and in the initial execution the bias hasn't been tampered with so let me go to the next
one so one of the things people asked about the performance is how well it does this is one of the early work we did with DARPA and it shows the RLC receiver operating characteristic curve basically said you know how good detector is a how well a detector works and so vertical axis is probably of affection when you have an anomaly something else do you detect it but is it false positive which is when you have a real legitimate event that you've mistaken flag it as an anomaly and in this case you see that for the blue line for over 80 percent of the probability of detection you have a 10 to the minus 15 false positive rate and the reason why we can do that you see the three lines is because you you with PFP works differently if you want to send a file to virustotal and get your assessment it will tell you malicious no malicious whatever if you send the same packet a thousand times or the same file a thousand times you get the same answer a thousand times would be a speed you have set one execution instance and you give you an assessment which is a black line if you you can observe another execution instance of the same new code you can put it together in and start integrating the noise out so you get a cleaner signal the more you observe the cleaner the signal it gets so that's what we can come up with this such low priority of false positives works differently
so one of the reasons people doing assessment using side channels in secular sermons in such analyst is much harder than just asking the device hey you know are you ok but there's a lot of advantages of doing it this way and the main one is that we do no harm so in normally like we've talked before we have that line between the OT and the IT the safety critical side you have to make sure you do no harm to those systems and with PHP because you can be physically separated from them we can physically air-gap from it you care until you do no harm there's no latency or reliability impact on your network or on your device itself are you literally just putting a probe right next to it you can't because we look at them as a signal we don't care what the the box that generate them there so we look at them as black boxes you can support it better legacy devices can be real-time systems and we have no latency to them so there's no need to recertification a lot of critical infrastructure plants they have to be going through a very rigorous certification process to make sure that they don't you know explode and kill people so every time you're going to this a change in any of those systems it can be very expensive to good go through the whole recertification with PHP since you're not changing any of that by using side channels and you're not changing any of the system you avoid all that complex process and very importantly it does not introduce additional vulnerabilities something like 30% of attack vectors don't remember the actual numbers come from actually you know security solutions with PHP again you're separate from it so you introduce no additional vulnerabilities to your system and you can detect the test very quickly in the last one that we have
here is very robust against evasion technically it's possible for somebody to generate a sequence of code that matches perfectly what the other code was doing but it's very very difficult a little possible but it's very very difficult and also covers accidental fall so if for some reason you have this gamma-ray the hits your system and it starts behaving rule that as well and and it's not a malicious attack but it's something that you need to know because you're dealing with critical infrastructure it integrates with any other solution so if you can you don't have to modify any of your system including your security solutions that you have in place you can have your access controls you can have firewalls anything else you want we just put an additional layer of protection and because we're air-gap from it if you compromised the device the target device that we're monitoring you cannot get from there to us and if you compromise us you cannot get to them yeah and again to this point about adding a layer so we're obviously not sitting here saying that you know this is the only way you should monitor the device there are lots of other things you should be doing this is just an additional checkpoint when you get to the idea of what we can detect again at the end of the day if the function gets weird which could be because it's failing or it could be because somebody's attacking it all we can tell you is that it's weird we can't tell you that it's you know malicious or we can't you know in some limited circumstances with other types of devices we have categorized things like Moriah on on cameras and things like that so we have known bad state so we can characterize but there's too many of those and there's enough people in that area doing that type of stuff we we focus more on making sure that the hardware is what you expect it to be so
it's time okay well this was a very interesting life but we spent too much time at the beginning so we'll keep it let's just wrap it up
there's DARPA project that is funding us to do this work and there's basically
two deployment options you can deploy the technology runtime or you can deploy the technology as a screening so if you create an infrastructure you want to make sure that your devices haven't been the hard hasn't been compromised you can tell her the tools to do that or you want to make sure continuous monitoring and what we say continuous you know we really mean 24/7 you know every second making sure that the execution of your system hasn't been compromised so we have those two deployment options we've done tests with plcs you can come to our next door to
our demo we've done tests with Cisco routers never give instructor a number of platforms so with that Jim you know wrap it up yeah so again we'll wrap up quickly we don't want to go over time and you know respectful the next speakers that are going up but please come see it think about this and other applications of this we're still you know kind of in that transition stage between research and government and DOD research and like practical applications so love to hear your ideas thoughts you might have on it and look forward to talk to all of you thanks very much