TY - GEN
T1 - Attacking supercomputers through targeted alteration of environmental control
T2 - 2016 IEEE Conference on Communications and Network Security, CNS 2016
AU - Chung, Keywhan
AU - Formicola, Valerio
AU - Kalbarczyk, Zbigniew T
AU - Iyer, Ravishankar K
AU - Withers, Alexander
AU - Slagell, Adam J
PY - 2017/2/21
Y1 - 2017/2/21
N2 - In this paper, we show that a malicious user can attack a large computing infrastructure by compromising the environmental control systems in the facilities that host the compute nodes. Such violations cannot be easily recognized by the administrators who manage the cluster, because of limited observation of the events in the cyber-physical systems. We describe real cases of failures due to problems in the cooling system of Blue Waters, the petascale supercomputer of the University of Illinois at Urbana-Champaign. Blue Waters has cooling cabinets that use chilled water provided by the National Petascale Computing Facility (NPCF). We demonstrate, using real data, that the control systems that provide chilled water can be used as entry points by an attacker to indirectly compromise the computing functionality through the orchestration of clever alterations of sensing and control devices. In this way, the attacker does not leave any trace of his or her malicious activity on the nodes of the cluster. Failures of the cooling systems can trigger unrecoverable failure modes that can be recovered only after service interruption and manual intervention.
AB - In this paper, we show that a malicious user can attack a large computing infrastructure by compromising the environmental control systems in the facilities that host the compute nodes. Such violations cannot be easily recognized by the administrators who manage the cluster, because of limited observation of the events in the cyber-physical systems. We describe real cases of failures due to problems in the cooling system of Blue Waters, the petascale supercomputer of the University of Illinois at Urbana-Champaign. Blue Waters has cooling cabinets that use chilled water provided by the National Petascale Computing Facility (NPCF). We demonstrate, using real data, that the control systems that provide chilled water can be used as entry points by an attacker to indirectly compromise the computing functionality through the orchestration of clever alterations of sensing and control devices. In this way, the attacker does not leave any trace of his or her malicious activity on the nodes of the cluster. Failures of the cooling systems can trigger unrecoverable failure modes that can be recovered only after service interruption and manual intervention.
UR - http://www.scopus.com/inward/record.url?scp=85016013602&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85016013602&partnerID=8YFLogxK
U2 - 10.1109/CNS.2016.7860528
DO - 10.1109/CNS.2016.7860528
M3 - Conference contribution
AN - SCOPUS:85016013602
T3 - 2016 IEEE Conference on Communications and Network Security, CNS 2016
SP - 406
EP - 410
BT - 2016 IEEE Conference on Communications and Network Security, CNS 2016
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 17 October 2016 through 19 October 2016
ER -