Attack induced common-mode failures on PLC-based safety system in a nuclear power plant: Practical experience report

Bernard Lim, Daniel Chen, Yongkyu An, Zbigniew Kalbarczyk, Ravishankar Iyer

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

This paper demonstrates attack-induced common-mode failures on an industrial-grade (Tricon) Triple-Modular-Redundant PLC (programmable logic controller) and their impact in a nuclear power plant setting. The attack exploits the fact that during the configuration phase the same control logic is downloaded to all three redundant modules. We describe how an attacker can exploit this vulnerability to embed malicious control logic and how to trigger the attack. The feasibility and the attack impact are evaluated on a testbed, which includes the Tricon PLC as part of a safety protection system in a simulated nuclear power plant.

Original language: English (US)
Title of host publication: Proceedings - 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing, PRDC 2017
Editors: Masato Kitakami, Dong Seong Kim, Vijay Varadharajan
Publisher: IEEE Computer Society
Pages: 205-210
Number of pages: 6
ISBN (Electronic): 9781509056514
State: Published - May 5 2017
Event: 22nd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2017 - Christchurch, New Zealand
Duration: Jan 22 2017 to Jan 25 2017

Publication series

Name: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC
ISSN (Print): 1541-0110

Other

Other: 22nd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2017
Country: New Zealand
City: Christchurch
Period: 1/22/17 to 1/25/17

Keywords

  • Attack/fault injection
  • Common-mode failures
  • Critical infrastructure
  • Malicious attacks
  • PLC-based control

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Science Applications
  • Hardware and Architecture
  • Software

Cite this

Lim, B., Chen, D., An, Y., Kalbarczyk, Z., & Iyer, R. (2017). Attack induced common-mode failures on PLC-based safety system in a nuclear power plant: Practical experience report. In M. Kitakami, D. S. Kim, & V. Varadharajan (Eds.), Proceedings - 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing, PRDC 2017 (pp. 205-210). [7920614] (Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC). IEEE Computer Society. https://doi.org/10.1109/PRDC.2017.34