slides - Stanley Bak

Hardware Control Flow Protection for Cyber-Physical Systems
Stanley Bak
University of Illinois at Urbana-Champaign
(Some slides from Joel Van Der Woude)
Problem
• Cyber-physical systems are vulnerable to cyber attack.
• Attacks on critical infrastructure bring physical consequences.
Typical Attacks
• Remote code execution
– Buffer overflows
– Return into libc
– Format string vulnerabilities
– Code injection
• Network attacks
– Denial of service
– MITM
• Social engineering
Secure System Simplex Architecture (S3A)
What Side Channels?
• Timing of Multiple Task Executions
• Statistical Timing of Blocks of Code
• I/O Access
• Memory Access Patterns
• Program Control Flow
Control Flow Monitoring
• Control flow: the possible paths a program may take as it executes
• Enumerates jumps/calls/branches to create a “map” of possible “routes” through a program
• Does not guarantee that the proper instructions were executed, only that blocks were executed in a plausible order
Our Approach
• Detect unexpected changes in control flow
– Implement secure coprocessor to limit overhead
– Create tool to generate a control flow graph that can be read by the coprocessor
– Fail safely using a trusted Simplex controller
– Restore complex controller and return control
CFG Info
• We watch for changes in “blocks”
• Each block represents a set of instructions
– Address of block
– Number of instructions
– Taken block
– Not taken block
Detection
• If PC is outside the “block”
– Is it the address of taken?
– Is it the address of not taken?
• If not, we have detected a problem
• Could be caused by an attacker overwriting a return address
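The check on the Detection slide, as an added example in C (not code from the slides or from the authors' coprocessor): a software model of the monitor that walks a program-counter trace against a table of blocks. The 4-byte instruction width, the NONE marker, the sample CFG and both traces are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define INSTR_BYTES 4u   /* assumption: fixed-width 4-byte instructions */
#define NONE 0xFFFFFFFFu /* assumption: marker for "no successor" */

/* One CFG entry: the four fields listed on the "CFG Info" slide. */
typedef struct {
    uint32_t addr;      /* address of block */
    uint32_t n_instr;   /* number of instructions */
    uint32_t taken;     /* taken block */
    uint32_t not_taken; /* not-taken block */
} cfg_block;

/* Constructed sample CFG: a loop with a conditional branch, then an exit block. */
static const cfg_block CFG[] = {
    {0x1000, 3, 0x1020, 0x100C}, {0x100C, 2, 0x1020, 0x1020},
    {0x1020, 4, 0x1000, 0x1030}, {0x1030, 1, NONE, NONE},
};
/* Constructed PC traces: a legal run, and one that leaves block 0x100C for 0x2000. */
static const uint32_t GOOD[] = {0x1000, 0x1004, 0x1008, 0x100C, 0x1010, 0x1020,
    0x1024, 0x1028, 0x102C, 0x1000, 0x1004, 0x1008, 0x1020, 0x1024, 0x1028, 0x102C, 0x1030};
static const uint32_t BAD[] = {0x1000, 0x1004, 0x1008, 0x100C, 0x1010, 0x2000};

static const cfg_block *find_block(uint32_t addr) {
    for (size_t i = 0; i < sizeof CFG / sizeof CFG[0]; i++)
        if (CFG[i].addr == addr) return &CFG[i];
    return NULL;
}

/* Returns the index of the first PC that violates the CFG, or -1 if none does. */
int check_trace(const uint32_t *pc, size_t n) {
    const cfg_block *cur = n ? find_block(pc[0]) : NULL;
    if (n && !cur) return 0;             /* trace must start at a block entry */
    for (size_t i = 1; i < n; i++) {
        uint32_t end = cur->addr + cur->n_instr * INSTR_BYTES;
        if (pc[i] >= cur->addr && pc[i] < end) continue;   /* still inside block */
        /* PC left the block: it must be the taken or not-taken address. */
        if (pc[i] != cur->taken && pc[i] != cur->not_taken) return (int)i;
        if (!(cur = find_block(pc[i]))) return (int)i;      /* successor unknown */
    }
    return -1;
}

int main(void) {
    printf("good: %d\n", check_trace(GOOD, sizeof GOOD / sizeof GOOD[0]));
    printf("bad:  %d\n", check_trace(BAD, sizeof BAD / sizeof BAD[0]));
    return 0;
}
```

As the Control Flow Monitoring slide notes, this only confirms that blocks ran in a plausible order: any PC inside the current block is accepted without checking which instructions executed.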
Current Issues
• Large code
• Multiple processes
– Operating system (do we trust?)
• Polymorphic code
• More general purpose computing
– How do we ensure that each program has a control flow graph?
Conclusion
• CPS Security
• Hardware Control Flow Protection
• Currently Implementing
• Questions?