Embedding Encryption and Machine Learning Intrusion Prevention Systems on Programmable Logic Controllers

摘要

During its nascent stages, programmable logic controllers (PLCs) were made robust to sustain tough industrial environments, but little care was taken to raise defenses against potential cyberthreats. The recent interconnectivity of legacy PLCs and supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure. To counter these threats, researchers have put their efforts in finding defense mechanisms that can protect the SCADA network and the PLCs. Encryption and intrusion prevention systems (IPSs) have been used by many organizations to protect data and the network against cyber-attacks. However, since PLC vendors do not make available information about their hardware or software, it becomes challenging for researchers to embed security mechanisms into their devices. This letter describes an alternative design using an open source PLC that was modified to encrypt all data it sends over the network, independently of the protocol used. Additionally, a machine learning-based IPS was added to the PLC network stack providing a secure mechanism against network flood attacks like denial of service (DoS). Experimental results indicated that the encryption layer and the IPS increased the security of the link between the PLC and the supervisory software, preventing interception, injection, and DoS attacks.