Refining Security: Process Control System Proetction, Misuse Detection and Attack Response
Process Control Systems (PCS) are responsible for managing processes that manufacture goods, refine oil, light our streets, and heat our homes. If PCS are not properly configured and protected, they are vulnerable to disruption, potentially leading to business, economic and environmental losses and possibly to the loss of life. Whereas once these systems were purpose-built and isolated, increasingly they are built using commodity hardware and software and becoming connected to the Internet. Organizations are beginning to understand that these systems need to be hardened, but accomplishing this task remains difficult. For every aspect of security -- from making a business case to management, to building security into PCS design and implementation to configuring, running, monitoring, and if necessary restoring systems -- well-designed tools can make a tremendous difference. In this presentation I will discuss some of the threats to these systems, describe how to identify components for "security upgrades", and explain how each device can be made more secure through automated testing of software and hardware configurations, through careful configuration of the network connections, and through monitoring for improper or unauthorized use. The members of the I3P consortium are researching, designing and commercializing some of the first tools in this area. In addition to leading this effort, the authors are developing a software testing tool designed for PCS, so this topic will be covered in detail.
This is joint work with Michael Zhivich.
Bio: Robert K. Cunningham is the associate group leader of the Information Systems Technology Group and is responsible Dr. Robert K. Cunningham is Associate Leader of the Information Systems Technology Group at MIT Lincoln Laboratory. In this position, he pursues research in attack detection algorithms that do not require advance knowledge of the method of the attack, systems that fuse information assurance alerts, and software development tools to prevent vulnerabilities. Prior to joining the group, he was a member of the technical staff of the Machine Intelligence Group, where his research addressed digital image processing and image understanding. While in that group, he also performed research on automated seismic analysis and event discrimination, and developed parallel programming algorithms and support software. Dr. Cunningham has participated in several national panels evaluating and defining research approaches to information operations problems and has received a commendation from the director of the National Security Agency for his efforts. Dr. Cunningham also participates on international program committees in information operations research, including serving as a member of the IEEE Symposium on Security and Privacy and as the general chair for the Symposium on Recent Advances in Intrusion Detection. He is a senior member of the IEEE, has led the Laboratory’s Advanced Concepts Committee, and is a member of the Laboratory’s New Technology Initiatives Board. He holds an Sc.B. degree in computer engineering from Brown University, an M.S. degree in electrical engineering from Boston University, and a Ph.D. degree in cognitive and neural systems from Boston University.