Joint Test Action Group Data Acquisition for Cyber-Physical System Security

Jonathan Price; Richard Dill; Stephen Dunlap; Mason Rice

doi:10.1109/SST55530.2022.9954826

Joint Test Action Group Data Acquisition for Cyber-Physical System Security

Jonathan Price
, Richard Dill
, Stephen Dunlap
, Mason Rice

Cyber Resilience and Intelligence Divisi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

It is crucial to secure the cyber-physical systems that automate the industrial processes essential to modern life. A hardware monitor utilizing the JTAG interface supported by most microprocessors could provide an immutable security monitor for industrial controllers. This paper explores the viability of using a commercial off-the-shelf debugger to dynamically extract memory and register data from industrial controllers to detect cyber attacks. We conducted five experiments using the Lauterbach PowerDebug Pro and the Schweitzer Engineering Laboratories RTAC-3505 real-time automation controller to determine access speed for register and memory information. The results show the fastest average downtime for register acquisition to be 8.178ms, with the fastest average downtime for processor pausing being 8.087ms. The fastest average time for reading 1KB of memory information was 24.798ms. The need to pause the microprocessor before data collection is the most significant performance-limiting factor. Based on these results, we conclude that commercial debuggers are not designed for high-speed data collection and are unsuitable for real-time cyber-attack detection. In the future, a custom tool may be designed to optimize data collection, reduce cost, and minimize the performance impact to the target device.

Original language	English
Title of host publication	Proceedings of International Conference on Smart Systems and Technologies, SST 2022
Editors	Emmanuel Karlo Nyarko, Tomislav Matic, Robert Cupec, Mario Vranjes
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	179-186
Number of pages	8
ISBN (Electronic)	9781665482158
DOIs	https://doi.org/10.1109/SST55530.2022.9954826
State	Published - 2022
Event	5th IEEE International Conference on Smart Systems and Technologies, SST 2022 - Osijek, Croatia Duration: Oct 19 2022 → Oct 21 2022

Publication series

Name	Proceedings of International Conference on Smart Systems and Technologies, SST 2022

Conference

Conference	5th IEEE International Conference on Smart Systems and Technologies, SST 2022
Country/Territory	Croatia
City	Osijek
Period	10/19/22 → 10/21/22

Funding

This manuscript has been funded and authored in part by UT-Battelle, LLC, under contract DE-AC05-00OR22725 with the US Department of Energy (DOE). The publisher acknowledges the US government license to provide public access under the DOE Public Access Plan (https://energy.gov/downloads/doe-public-access-plan).

Keywords

critical infrastructure
cyber
jtag
security

Access to Document

10.1109/SST55530.2022.9954826

Cite this

Price, J., Dill, R., Dunlap, S., & Rice, M. (2022). Joint Test Action Group Data Acquisition for Cyber-Physical System Security. In E. K. Nyarko, T. Matic, R. Cupec, & M. Vranjes (Eds.), Proceedings of International Conference on Smart Systems and Technologies, SST 2022 (pp. 179-186). (Proceedings of International Conference on Smart Systems and Technologies, SST 2022). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SST55530.2022.9954826

Price, Jonathan ; Dill, Richard ; Dunlap, Stephen et al. / Joint Test Action Group Data Acquisition for Cyber-Physical System Security. Proceedings of International Conference on Smart Systems and Technologies, SST 2022. editor / Emmanuel Karlo Nyarko ; Tomislav Matic ; Robert Cupec ; Mario Vranjes. Institute of Electrical and Electronics Engineers Inc., 2022. pp. 179-186 (Proceedings of International Conference on Smart Systems and Technologies, SST 2022).

@inproceedings{703ca2a50ab24c73a72ce9c944eba94a,

title = "Joint Test Action Group Data Acquisition for Cyber-Physical System Security",

abstract = "It is crucial to secure the cyber-physical systems that automate the industrial processes essential to modern life. A hardware monitor utilizing the JTAG interface supported by most microprocessors could provide an immutable security monitor for industrial controllers. This paper explores the viability of using a commercial off-the-shelf debugger to dynamically extract memory and register data from industrial controllers to detect cyber attacks. We conducted five experiments using the Lauterbach PowerDebug Pro and the Schweitzer Engineering Laboratories RTAC-3505 real-time automation controller to determine access speed for register and memory information. The results show the fastest average downtime for register acquisition to be 8.178ms, with the fastest average downtime for processor pausing being 8.087ms. The fastest average time for reading 1KB of memory information was 24.798ms. The need to pause the microprocessor before data collection is the most significant performance-limiting factor. Based on these results, we conclude that commercial debuggers are not designed for high-speed data collection and are unsuitable for real-time cyber-attack detection. In the future, a custom tool may be designed to optimize data collection, reduce cost, and minimize the performance impact to the target device.",

keywords = "critical infrastructure, cyber, jtag, security",

author = "Jonathan Price and Richard Dill and Stephen Dunlap and Mason Rice",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 5th IEEE International Conference on Smart Systems and Technologies, SST 2022 ; Conference date: 19-10-2022 Through 21-10-2022",

year = "2022",

doi = "10.1109/SST55530.2022.9954826",

language = "English",

series = "Proceedings of International Conference on Smart Systems and Technologies, SST 2022",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "179--186",

editor = "Nyarko, \{Emmanuel Karlo\} and Tomislav Matic and Robert Cupec and Mario Vranjes",

booktitle = "Proceedings of International Conference on Smart Systems and Technologies, SST 2022",

}

Price, J, Dill, R, Dunlap, S & Rice, M 2022, Joint Test Action Group Data Acquisition for Cyber-Physical System Security. in EK Nyarko, T Matic, R Cupec & M Vranjes (eds), Proceedings of International Conference on Smart Systems and Technologies, SST 2022. Proceedings of International Conference on Smart Systems and Technologies, SST 2022, Institute of Electrical and Electronics Engineers Inc., pp. 179-186, 5th IEEE International Conference on Smart Systems and Technologies, SST 2022, Osijek, Croatia, 10/19/22. https://doi.org/10.1109/SST55530.2022.9954826

Joint Test Action Group Data Acquisition for Cyber-Physical System Security. / Price, Jonathan; Dill, Richard; Dunlap, Stephen et al.
Proceedings of International Conference on Smart Systems and Technologies, SST 2022. ed. / Emmanuel Karlo Nyarko; Tomislav Matic; Robert Cupec; Mario Vranjes. Institute of Electrical and Electronics Engineers Inc., 2022. p. 179-186 (Proceedings of International Conference on Smart Systems and Technologies, SST 2022).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Joint Test Action Group Data Acquisition for Cyber-Physical System Security

AU - Price, Jonathan

AU - Dill, Richard

AU - Dunlap, Stephen

AU - Rice, Mason

PY - 2022

Y1 - 2022

N2 - It is crucial to secure the cyber-physical systems that automate the industrial processes essential to modern life. A hardware monitor utilizing the JTAG interface supported by most microprocessors could provide an immutable security monitor for industrial controllers. This paper explores the viability of using a commercial off-the-shelf debugger to dynamically extract memory and register data from industrial controllers to detect cyber attacks. We conducted five experiments using the Lauterbach PowerDebug Pro and the Schweitzer Engineering Laboratories RTAC-3505 real-time automation controller to determine access speed for register and memory information. The results show the fastest average downtime for register acquisition to be 8.178ms, with the fastest average downtime for processor pausing being 8.087ms. The fastest average time for reading 1KB of memory information was 24.798ms. The need to pause the microprocessor before data collection is the most significant performance-limiting factor. Based on these results, we conclude that commercial debuggers are not designed for high-speed data collection and are unsuitable for real-time cyber-attack detection. In the future, a custom tool may be designed to optimize data collection, reduce cost, and minimize the performance impact to the target device.

AB - It is crucial to secure the cyber-physical systems that automate the industrial processes essential to modern life. A hardware monitor utilizing the JTAG interface supported by most microprocessors could provide an immutable security monitor for industrial controllers. This paper explores the viability of using a commercial off-the-shelf debugger to dynamically extract memory and register data from industrial controllers to detect cyber attacks. We conducted five experiments using the Lauterbach PowerDebug Pro and the Schweitzer Engineering Laboratories RTAC-3505 real-time automation controller to determine access speed for register and memory information. The results show the fastest average downtime for register acquisition to be 8.178ms, with the fastest average downtime for processor pausing being 8.087ms. The fastest average time for reading 1KB of memory information was 24.798ms. The need to pause the microprocessor before data collection is the most significant performance-limiting factor. Based on these results, we conclude that commercial debuggers are not designed for high-speed data collection and are unsuitable for real-time cyber-attack detection. In the future, a custom tool may be designed to optimize data collection, reduce cost, and minimize the performance impact to the target device.

KW - critical infrastructure

KW - cyber

KW - jtag

KW - security

UR - https://www.scopus.com/pages/publications/85143965396

U2 - 10.1109/SST55530.2022.9954826

DO - 10.1109/SST55530.2022.9954826

M3 - Conference contribution

AN - SCOPUS:85143965396

T3 - Proceedings of International Conference on Smart Systems and Technologies, SST 2022

SP - 179

EP - 186

BT - Proceedings of International Conference on Smart Systems and Technologies, SST 2022

A2 - Nyarko, Emmanuel Karlo

A2 - Matic, Tomislav

A2 - Cupec, Robert

A2 - Vranjes, Mario

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 5th IEEE International Conference on Smart Systems and Technologies, SST 2022

Y2 - 19 October 2022 through 21 October 2022

ER -

Price J, Dill R, Dunlap S, Rice M. Joint Test Action Group Data Acquisition for Cyber-Physical System Security. In Nyarko EK, Matic T, Cupec R, Vranjes M, editors, Proceedings of International Conference on Smart Systems and Technologies, SST 2022. Institute of Electrical and Electronics Engineers Inc. 2022. p. 179-186. (Proceedings of International Conference on Smart Systems and Technologies, SST 2022). doi: 10.1109/SST55530.2022.9954826

Joint Test Action Group Data Acquisition for Cyber-Physical System Security

Abstract

Publication series

Conference

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this