Automatic Verification and Security of Industrial Control Systems
About this project
This project aims to secure the software and protocols controlling industrial control equipment and cyber-physical systems (e.g. industrial IoT devices).
Using the digital twin set up in UQ’s Industry 4.0 Energy TestLab and its energy and manufacturing sector equipment, the project will focus on two directions:
Automating detection of known attack techniques and tactics
This PhD will design and build a series of automatic ICS vulnerability assessment and penetration testing (VAPT) testkits to assess new and deployed ICS against known threats published in public repositories (e.g. the National Vulnerability Database (NVD)). Our goal is for the developed testkits to be used by ICS asset owners to conduct vulnerability testing themselves, without relying on expensive consulting contracts for the more straightforward security vulnerabilities. Threat types and threat vectors are increasingly published in the public MITRE ATT&CK for ICS matrix, and we will use MITRE ATT&CK as the baseline for automating security assessments. While attacks are well documented and growing in number, there is a lack of techniques for real-time detection and channel protection against these known threats, presenting both challenges and market opportunities. To minimise downtime, the testing will be conducted through experiments on digital twins at UQ's Industry 4.0 Energy TestLab.
Automating formal verification and fuzzing of legacy ICS to detect potential/unknown vulnerabilities
Using formal verification and fuzzing techniques, we will develop automated testkits to discover previously unknown threats and vulnerabilities. With a vendor-neutral approach that assesses across the myriad protocols, software and hardware configurations typical of most ICS environments, the techniques we develop will automate the discovery of logical runtime errors that could allow attackers to infiltrate an ICS. This will significantly reduce the dependence on formal verification experts and enable ICS asset owners (e.g. power plants) to achieve high assurance (e.g. Common Criteria certification).
The project's outcomes are expected to include (but are not limited to) methods for automating the detection of known and unknown vulnerabilities:
1. Automatic detection methods for known attacks listed in the MITRE ATT&CK Framework, focusing on legacy systems and addressing a key gap in the literature.
2. Toolkits which automatically execute the detection methods from (1), addressing a key commercial need.
3. Toolkits for automatic detection of unknown vulnerabilities through fuzzing and formal verification based on program analysis, model checking and theorem proving, addressing a key gap in the ICS security literature.