Publications

Mulder, John M.; King, Michael A.; Urrea, Jorge M.; Clements, Abraham A.; Learn, Mark W.; Van Houten, Jonathan R.

Abstract not provided.

Mulder, John M.; Schwartz, Moses D.; Berg, Michael J.; Van Houten, Jonathan R.; Urrea, Jorge M.; Clements, Abraham A.; Depoy, Jennifer M.; Jacob, Joshua J.

Critical infrastructures, such as electrical power plants and oil refineries, rely on programmable logic controllers (PLCs) to control essential processes. State of the art security cannot detect attacks on PLCs at the hardware or firmware level. This renders critical infrastructure control systems vulnerable to costly and dangerous attacks. WeaselBoard is a PLC backplane analysis system that connects directly to the PLC backplane to capture backplane communications between modules. WeaselBoard forwards inter-module traffic to an external analysis system that detects changes to process control settings, sensor values, module configuration information, firmware updates, and process control program (logic) updates. WeaselBoard provides zero-day exploit detection for PLCs by detecting changes in the PLC and the process. This approach to PLC monitoring is protected under U.S. Patent Application 13/947,887.

Smith, Tyler B.; Urrea, Jorge M.

The aim of the Authenticating Cache architecture is to ensure that machine instructions in a Read Only Memory (ROM) are legitimate from the time the ROM image is signed (immediately after compilation) to the time they are placed in the cache for the processor to consume. The proposed architecture allows the detection of ROM image modifications during distribution or when it is loaded into memory. It also ensures that modified instructions will not execute in the processor-as the cache will not be loaded with a page that fails an integrity check. The authenticity of the instruction stream can also be verified in this architecture. The combination of integrity and authenticity assurance greatly improves the security profile of a system.

Mulder, John M.; Schwartz, Moses D.; Berg, Michael J.; Van Houten, Jonathan R.; Urrea, Jorge M.; Pease, Alex N.

Abstract not provided.

Mulder, John M.; Schwartz, Moses D.; Berg, Michael J.; Van Houten, Jonathan R.; Urrea, Jorge M.; Pease, Alex N.

Abstract not provided.

McDonald, Michael J.; Atkins, William D.; Mulder, John M.; Richardson, Bryan T.; Cassidy, Regis H.; Chavez, Adrian R.; Pattengale, Nicholas D.; Pollock, Guylaine M.; Urrea, Jorge M.; Schwartz, Moses D.

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.