Message Security for Automation and Control Applications based on IEC61131-3

Abstract

-Cyber-Physical Systems are integration ofcomputer-based equipment used in industrial automation,embedded systems, control systems and etc. Computer-basedequipment needs to be protected against unauthorized access andcontrol. The widely accepted approach to computer security isbased on security in depth, meaning that the computer system isviewed as a layered structure and security is introduced at eachof the layers. In this paper, we propose a method of addingsecurity at what is commonly viewed as the lowest level of controlthe PLC. The approach is based on hashing the process variablesor called signals. In this approach an attacking virus is not ableto interpret the variables being addressed by the control logic,and therefore inhibiting targeted attacks by a virus wishing tosubtly change the controlled system operation without actuallydestroying the controlled plant. The approach is focused towardsDCS whose operation is based on maintaining all variables in anRTDB that exist in the RTOS and used by IEC61131-3 basedapplication.