BEGIN:VCALENDAR
VERSION:2.0
PRODID:IEEE vTools.Events//EN
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
DTSTART:20210314T030000
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
END:DAYLIGHT
BEGIN:STANDARD
DTSTART:20201101T010000
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTAMP:20210226T212707Z
UID:F69F754E-1DBC-4C8A-BB84-204E8CDAE30A
DTSTART;TZID=America/New_York:20210226T123000
DTEND;TZID=America/New_York:20210226T133000
DESCRIPTION:We face an existential threat of permanent damage to critical p
 hysical components in our national infrastructure as a result of their poo
 r resilience against cybersecurity attack. A Programmable Logic Controller
  (PLC) commonly provides the control system for such components\, e.g.\, b
 ulk power generators. Our proof-of-concept implementation dramatically mit
 igates threats to such cyber-physical systems (CPS) by specifically levera
 ging what NIST 800-160 calls “highly assured\, kernel-based operating sy
 stems in Programmable Logic Controllers”.\n\nWe dramatically reduce the 
 attack surface visible to potential attackers to be ~1% of the total compa
 red to competing approaches. Our demonstration refactors the common CPS ar
 chitectural approach to data and cooperating processes into hierarchically
  ordered security domains using the widely available OpenPLC project code 
 base. The GEMSOS security kernel verifiably enforces traditional integrity
  mandatory access control (MAC) policy on all cross-domain flows. GEMSOS i
 s designed for wide-spread delivery as a Reusable Trusted Device\, providi
 ng the reference monitor for secure single-board\, multi-board\, and Syste
 m-on-a-Chip systems.\n\nOnly a processing component in the highest integri
 ty domain can directly send/receive control signals\, enforcing “safe re
 gion” operating constraints to prevent physical damage. This very small 
 attack surface protects the critical physical components\, making the over
 all CPS resilient to skilled adversaries’ attacks\, even though much lar
 ger lower integrity software running in other domains on the same Trusted 
 Device hardware and network infrastructure may be thoroughly compromised. 
 We make available our restructured OpenPLC source to encourage control sys
 tem manufacturers to deliver verifiable PLC products to\, as NIST puts it\
 , “achieve a high degree of system integrity and availability” for con
 trol systems. UC Davis is using our demonstration on GEMSOS in their Compu
 ter Security Lab\, today.\n\nVirtual: https://events.vtools.ieee.org/m/258
 933
LOCATION:Virtual: https://events.vtools.ieee.org/m/258933
ORGANIZER:bo.yuan@rit.edu
SEQUENCE:2
SUMMARY:Dramatically Reducing Attack Surface Using Integrity MAC Security K
 ernel for Programmable Logic Controllers
URL;VALUE=URI:https://events.vtools.ieee.org/m/258933
X-ALT-DESC:Description: &lt;br /&gt;&lt;p&gt;We face an existential threat of permanent
  damage to critical physical components in our national infrastructure as 
 a result of their poor resilience against cybersecurity attack. A Programm
 able Logic Controller (PLC) commonly provides the control system for such 
 components\, e.g.\, bulk power generators. Our proof-of-concept implementa
 tion dramatically mitigates threats to such cyber-physical systems (CPS) b
 y specifically leveraging what NIST 800-160 calls &amp;ldquo\;&lt;em&gt;highly assur
 ed\, kernel-based operating systems in Programmable Logic Controllers&lt;/em&gt;
 &amp;rdquo\;.&lt;br /&gt; &lt;br /&gt; We dramatically reduce the attack surface visible t
 o potential attackers to be ~1% of the total compared to competing approac
 hes. Our demonstration refactors the common CPS architectural approach to 
 data and cooperating processes into hierarchically ordered security domain
 s using the widely available OpenPLC project code base. The GEMSOS securit
 y kernel verifiably enforces traditional integrity mandatory access contro
 l (MAC) policy on all cross-domain flows. GEMSOS is designed for wide-spre
 ad delivery as a Reusable Trusted Device\, providing the reference monitor
  for secure single-board\, multi-board\, and System-on-a-Chip systems.&lt;br 
 /&gt; &lt;br /&gt; Only a processing component in the highest integrity domain can 
 directly send/receive control signals\, enforcing &amp;ldquo\;safe region&amp;rdqu
 o\; operating constraints to prevent physical damage. This very small atta
 ck surface protects the critical physical components\, making the overall 
 CPS resilient to skilled adversaries&amp;rsquo\; attacks\, even though much la
 rger lower integrity software running in other domains on the same Trusted
  Device hardware and network infrastructure may be thoroughly compromised.
  We make available our restructured OpenPLC source to encourage control sy
 stem manufacturers to deliver verifiable PLC products to\, as NIST puts it
 \, &amp;ldquo\;&lt;em&gt;achieve a high degree of system integrity and availability&lt;
 /em&gt;&amp;rdquo\; for control systems. UC Davis is using our demonstration on G
 EMSOS in their Computer Security Lab\, today.&lt;/p&gt;
END:VEVENT
END:VCALENDAR

