Verification tool for securing RISC-V FPGA-based process-control systems
Publisher
Montana State University - Bozeman, College of Engineering
Abstract
Industrial Control Systems (ICSs) are a crucial critical infrastructure component and a popular cyberattack target. While most research in this area focuses on the defense of large-scale networks of ICSs, it is critical to also expand research on the small-scale networks of Process Control Systems (PCSs), which attackers may target to remain undetected by the security of the more extensive network. One potential protection method for PCS networks is the use of verification tools; however, existing research on verification tools focuses solely on detecting attacks without mitigation. This research describes two instantiations of a verification tool for a PCS controlled by a RISC-V computer implemented on an FPGA. An experimental testbed was developed to test the tools, consisting of (1) a circuit to charge a battery, (2) an FPGA controller that controls charge/discharge based on user input, (3) an engineering station that provides control data and updates firmware to the FPGA, and (4) a verification tool that verifies input forwarded by a passive serial tap, connected through the FPGA's hardware. The first version of the verification tool provides passive detection, whereby it detects and informs the engineering station of an attack. The second version provides detection and mitigation against unauthorized command messages and malicious software downloads. The experimental data yielded promising results, with the tool successfully providing mitigation and detection against attacks on the serial communication channel between the engineering station and FPGA. This approach applies to standard ICS computer devices, such as programmable logic controllers (PLCs).
