Hacker News new | past | comments | ask | show | jobs | submit login

> Injecting false values for a sensor reading is a very good way to hide your tracks as an attacker - just inject a bunch of "0" values, and then uninstall whatever malware did it, and probably nobody will ever find out why that sensor randomly acted up.

That may be for legacy machinery control systems (MCSs), but modern MSCs and increasingly wise to such threats as they monitor and archive all critical control system signals at the subsecond sample rates, such that sensor anomalies are detected in near real time and logged for future anaysis. You would not only need to hack the individual sensor signal, but you'd need to also know how to disrupt the MCS ladder logic that knows how to bypass a sensor putting out bad signals to keep the machinery system stable. Not an easy feat.

Personally, I mainly get involved in this data after the fact for energy optimization. However, the folks that design the systems complete Failure Mode and Effects Analysis (FMEA) in attempts to thwart failures and attacks at any concievable level. Still further, greater protection in terms of first line of defense firewalls and PKI certs between subsystems and components, making getting access to these bits int he first place increasingly difficult whereas these systems used to be virtually unprotected for any ding dong to tap into.

Sure, there are still holes, and probably always will be, but the efforts of MCS designers to protect their systems grows and the automation intelligence being developed to govern these control systems will provide an additional level of protection (and a known point of vulnerability).




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: