CYBER-PHYSICAL SYSTEMS Constantinos Xenofontos cxenof02@ucy.ac.cy - - PowerPoint PPT Presentation


SLIDE 1

CYBER-PHYSICAL SYSTEMS

Constantinos Xenofontos cxenof02@ucy.ac.cy

Department of Computer Science, University of Cyprus

SLIDE 2

BEFORE WE START...

  • Security does not only mean web or mobile applications.
  • What are the Cyber-Physical Systems (CPS)?

SLIDE 3

“LOCK IT AND STILL LOSE IT - ON THE (IN)SECURITY OF AUTOMOTIVE REMOTE KEYLESS ENTRY SYSTEMS”

FLAVIO D. GARCIA, DAVID OSWALD, TIMO KASPER AND PIERRE PAVLIDÈS

UNIVERSITY OF BIRMINGHAM, UK; KASPER & OSWALD GMBH, GERMANY

SLIDE 4

ABSTRACT

  • Most automotive immobilizer systems have been shown to be insecure; RKE has received much less attention.
  • The paper closes this gap by presenting vulnerabilities in the RKE schemes used by major manufacturers.
  • Case study 1: The VW Group system
  • Case study 2: The Hitag2 system
  • The authors back their conclusions with practical attacks and responsibly disclosed their findings to the affected vendors.

SLIDE 5

CAR KEY OVERVIEW

Two main components:

Immobilizer
  • Passive RFID transponder (125 kHz)
  • Systems: Hitag2, Megamos, DST40

Remote Keyless Entry (RKE)
  • Active UHF transmitter (up to 868 MHz)
  • Unlocks the car from a distance
  • Unidirectional (remote to car only)
  • RKE-Immobilizer integration (hybrid keys)

SLIDE 6

REMOTE KEYLESS ENTRY SYSTEMS (RKE)

RKE uses a very simple procedure:
  1) Push a button
  2) The remote sends a message to the car
  3) The car reacts accordingly

SLIDE 7

PRELIMINARY ANALYSIS OF RKE

  • Bought a variety of RKE remote controls
  • Analysed their RF output using Software Defined Radios (SDR)
  • Low-cost Arduino-based radio platform: the complete setup costs about $40
  • The majority used Amplitude Shift Keying (ASK); others used Frequency Shift Keying (FSK)
  • Manchester encoding or pulse-width encoding
  • Bitrate: 1-20 kilobits/second
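The slide stops at "Manchester encoding"; the step a practitioner performs next is turning the 0/1 envelope produced by an ASK demodulator (from an SDR or an Arduino-class receiver) back into frame bytes. The following is an added example, not code from the slides or from the paper. It assumes IEEE 802.3 polarity (low-to-high transition = 1), 4 samples per half bit, and a constructed 5-byte frame; real remotes differ in all three.

```python
# Added example: Manchester decoding of an oversampled ASK envelope.
# Polarity, oversampling factor and the frame contents are constructed for the demo.
from typing import List, Optional

# IEEE 802.3 convention (assumed): '1' = low->high within the bit period, '0' = high->low.
# Many remotes use the opposite (G.E. Thomas) convention; flip INVERT if the preamble is wrong.
SAMPLES_PER_HALF_BIT = 4      # e.g. a 10 kbit/s remote sampled at 80 kS/s
INVERT = False

def manchester_encode(bits: List[int]) -> List[int]:
    """Expand each data bit into its two half-bit levels."""
    out: List[int] = []
    for b in bits:
        high_second = (b == 1) != INVERT
        out += [0, 1] if high_second else [1, 0]
    return out

def oversample(levels: List[int], n: int = SAMPLES_PER_HALF_BIT) -> List[int]:
    """Repeat each half-bit level n times, as a receiver sampling faster than the bitrate sees it."""
    return [lvl for lvl in levels for _ in range(n)]

def manchester_decode(samples: List[int], n: int = SAMPLES_PER_HALF_BIT) -> Optional[List[int]]:
    """Recover data bits from the oversampled envelope.

    Each half bit is decided by majority vote over its n samples, so a single
    glitched sample is tolerated. Two equal half bits (00 or 11) never occur in
    valid Manchester code: that means noise or lost bit alignment, and the
    decoder returns None instead of guessing.
    """
    half_bits = []
    for i in range(0, len(samples) - n + 1, n):
        chunk = samples[i:i + n]
        half_bits.append(1 if sum(chunk) * 2 > n else 0)
    if len(half_bits) % 2:
        half_bits = half_bits[:-1]          # drop a trailing partial bit
    bits = []
    for first, second in zip(half_bits[0::2], half_bits[1::2]):
        if first == second:
            return None                     # invalid pair: resynchronisation needed
        bits.append(1 if (second == 1) != INVERT else 0)
    return bits

def bits_to_bytes(bits: List[int]) -> bytes:
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits) - 7, 8))

# Constructed frame: 0xAA preamble, a fake 3-byte UID and a 1-byte button code.
FRAME = bytes([0xAA, 0x12, 0x34, 0x56, 0x01])
FRAME_BITS = [(byte >> (7 - i)) & 1 for byte in FRAME for i in range(8)]

def demo() -> bytes:
    """Encode the constructed frame, corrupt one sample, and decode it again."""
    samples = oversample(manchester_encode(FRAME_BITS))
    samples[9] ^= 1                         # single-sample glitch absorbed by majority vote
    decoded = manchester_decode(samples)
    assert decoded is not None
    return bits_to_bytes(decoded)

if __name__ == "__main__":
    print(demo().hex())   # prints aa12345601
```

Clock recovery is deliberately left out: the decoder assumes the capture already starts on a bit boundary, which is what the preamble is for in practice. A pulse-width encoded remote needs a different symbol splitter (measure high-time per period) but the same majority-vote and sanity-check structure.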

SLIDE 8

PREVIOUS ATTACKS ON RKE

  • 2007: Cryptanalysis of KeeLoq garage door openers (2^16 plaintext/ciphertext pairs) by Biham et al.
  • 2008: Side-channel attack on KeeLoq key diversification (Eisenbarth et al.)
  • 2010: Relay attacks on passive keyless entry systems (Francillon et al.)
  • 2014: Cesare: attack on a 2000-05 vehicle
  • 2015: "RollJam" by Spencerwhyte / Kamkar (had been proposed before; does not apply to most modern vehicles since the button is authenticated)

SLIDE 9

VW GROUP SYSTEM

SLIDE 10
  • Analysed RKE schemes used in most VW Group cars manufactured between 1995 and 2016
  • Utilized personal cars for testing
  • VW Group has >10% worldwide market share
  • Four main schemes studied (VW-1 ... VW-4)

SLIDE 11

ANALYSIS (CONT.)

Step 1: Eavesdropping and decoding the RF frames
Step 2: Reverse-engineering the ECUs (dumping the ECU firmware and analysing the assembly)

SLIDE 12

VW-1 SCHEME

  • Security by obscurity: no cryptography at all
  • The first four bytes hold a XOR value and the UID
  • Linear Feedback Shift Register (LFSR) scrambles an unencrypted counter
  • Button-pressed field
  • Modified replay attack: increment the counter of a captured frame and retransmit
  • Used until 2005

SLIDE 13

VW-2, VW-3 SCHEMES

  • Same preamble; VW-2 used since 2004, VW-3 since 2006
  • 8-byte encrypted payload
  • Button-pressed field
  • AUT64 encryption, a proprietary round-based block cipher
  • Effective key size of about 91.55 bits
  • A global master key is reused across every car

SLIDE 14

VW-4 SCHEME

  • Same frame format as VW-3
  • XTEA cipher (a published standard cipher; the cipher itself is not the weakness)
  • 64-round Feistel structure (64-bit block size and 128-bit key)
  • Well suited for low-powered remotes
  • Again global master keys: an adversary who has extracted the key can clone a remote by eavesdropping a single rolling code
  • Used since 2009
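Why one eavesdropped rolling code is enough once the master key is global, for both the AUT64 schemes (VW-2/VW-3) and the XTEA scheme (VW-4): an added example, not code from the slides or the paper. The XTEA routines follow the published reference algorithm (64 Feistel rounds, 64-bit block, 128-bit key). Everything else is an assumption made for the demo: the payload layout uid(3) | counter(4) | button(1), the key bytes, the UID, and a receiver that accepts counters within a window of 256 ahead of the last one seen. The real VW frame layout and keys are not reproduced here.

```python
# Added example: a sound cipher (XTEA) does not save a rolling code whose key is
# shared by every car. Payload layout, key and UID values are constructed.
import struct
from typing import Dict, Tuple

MASK32 = 0xFFFFFFFF
DELTA = 0x9E3779B9

def xtea_encrypt_block(block: bytes, key: bytes, cycles: int = 32) -> bytes:
    """Reference XTEA: one 8-byte block, 128-bit key, 32 cycles = 64 Feistel rounds."""
    v0, v1 = struct.unpack(">2I", block)
    k = struct.unpack(">4I", key)
    s = 0
    for _ in range(cycles):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK32
        s = (s + DELTA) & MASK32
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK32
    return struct.pack(">2I", v0, v1)

def xtea_decrypt_block(block: bytes, key: bytes, cycles: int = 32) -> bytes:
    """Inverse of xtea_encrypt_block (key schedule run backwards)."""
    v0, v1 = struct.unpack(">2I", block)
    k = struct.unpack(">4I", key)
    s = (DELTA * cycles) & MASK32
    for _ in range(cycles):
        v1 = (v1 - ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK32
        s = (s - DELTA) & MASK32
        v0 = (v0 - ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK32
    return struct.pack(">2I", v0, v1)

# Constructed placeholders, not the real VW-4 format or key.
GLOBAL_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
BUTTON_UNLOCK = 0x01

def make_rolling_code(uid: bytes, counter: int, button: int, key: bytes) -> bytes:
    """Remote side: encrypt uid(3) | counter(4) | button(1) into the transmitted 8-byte code."""
    return xtea_encrypt_block(uid + struct.pack(">IB", counter, button), key)

def parse_rolling_code(code: bytes, key: bytes) -> Tuple[bytes, int, int]:
    plain = xtea_decrypt_block(code, key)
    return plain[:3], struct.unpack(">I", plain[3:7])[0], plain[7]

class Car:
    """Receiver applying the usual rolling-code rule: decrypted UID must match and
    the counter must be ahead of the last accepted one, within a window."""
    WINDOW = 256

    def __init__(self, uid: bytes, key: bytes, last_counter: int) -> None:
        self.uid, self.key, self.last_counter = uid, key, last_counter

    def receive(self, code: bytes) -> bool:
        uid, counter, _button = parse_rolling_code(code, self.key)
        if uid != self.uid:
            return False
        if not self.last_counter < counter <= self.last_counter + self.WINDOW:
            return False          # stale (replay) or too far ahead
        self.last_counter = counter
        return True

def clone_from_one_capture(captured: bytes, key: bytes, presses: int = 1) -> bytes:
    """Attacker: decrypt the eavesdropped code with the shared key, bump the counter,
    re-encrypt. Nothing else about the remote needs to be known."""
    uid, counter, button = parse_rolling_code(captured, key)
    return make_rolling_code(uid, counter + presses, button, key)

def demo() -> Dict[str, bool]:
    uid = bytes.fromhex("a1b2c3")                                   # constructed remote UID
    car = Car(uid, GLOBAL_KEY, last_counter=1000)
    owner_code = make_rolling_code(uid, 1001, BUTTON_UNLOCK, GLOBAL_KEY)
    assert car.receive(owner_code)                                  # legitimate press, eavesdropped
    results: Dict[str, bool] = {}
    results["replay_accepted"] = car.receive(owner_code)            # same counter again: rejected
    forged = clone_from_one_capture(owner_code, GLOBAL_KEY)          # counter 1002 under the global key
    results["forged_accepted"] = car.receive(forged)
    # With a per-vehicle key the same forgery fails: decrypting with the wrong key
    # yields a wrong UID and the receiver discards the frame.
    per_car_key = bytes.fromhex("ffeeddccbbaa99887766554433221100")
    private_car = Car(uid, per_car_key, last_counter=1000)
    captured2 = make_rolling_code(uid, 1001, BUTTON_UNLOCK, per_car_key)
    assert private_car.receive(captured2)
    results["wrong_key_accepted"] = private_car.receive(clone_from_one_capture(captured2, GLOBAL_KEY))
    return results

if __name__ == "__main__":
    print(demo())
```

The replay is rejected, so the rolling counter does its job against RollJam-style attacks; the forgery is accepted because the attacker holds the same key as every car and only needs one frame to learn the current counter. The last check shows the fix the paper's conclusions point at: with per-vehicle keys the same captured frame is useless to an attacker who does not also extract that vehicle's key.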

SLIDE 15

HITAG2 SYSTEM

SLIDE 16

HITAG2 SYSTEM (CONT.)

  • Designed by NXP Semiconductors
  • Widely used RKE scheme (the second case study)
  • Hybrid keys (Immo + RKE) use the same UID but different secret keys
  • Improved rolling-code system
  • The authors recover the key after eavesdropping 4-8 button presses
  • *Attack requirements listed below

SLIDE 17

HITAG2 CIPHER

  • Stream cipher
  • 48-bit LFSR
  • Non-linear filter function
  • Each clock cycle:

➢ 20 bits of the LFSR state are fed through the filter function → 1 bit of keystream
➢ The feedback polynomial generates the new bit shifted in at the right of the LFSR

REQUIREMENTS:

➢ 4-8 button presses (rolling codes) from the target remote
➢ Arduino setup (as used previously)
➢ Reactive jamming can be used to speed up trace collection (the car does not react, so the owner presses the button again)

SLIDE 19

HITAG2 CIPHER (CONT.)

  • Results:
  • About 1 minute on average to recover the key with a typical laptop
  • Maximum crack time: about 10 minutes
  • One issue: the 18 most significant bits of the counter are not transmitted and must be guessed
  • Not a big deal though: the counter MSBs can be predicted from the model year of the car
  • Hitag2 RKEs are vulnerable due to a flaw in the cipher (the key is recovered from 4-8 button presses)

SLIDE 20

CONCLUSIONS

  • The results of this paper show that major manufacturers have used insecure schemes for more than 20 years.
  • The authors informed VW Group of their findings in December 2015 and NXP Semiconductors in January 2016.
  • RKE systems can be attacked with cheap equipment: the hardware needed to receive and send rolling codes is low cost, which makes eavesdropping and cloning easy.
  • Weaknesses in the Hitag2 cipher have been known for many years, yet it is still used in new vehicles.
  • Poor crypto is bad, but poor key management is worse.
  • This research may explain several mysterious theft cases without signs of forced entry.

SLIDE 21

“AN EXPERIMENTAL SECURITY ANALYSIS OF AN INDUSTRIAL ROBOT CONTROLLER”

DAVIDE QUARTA, MARCELLO POGLIANI, MARIO POLINO, FEDERICO MAGGI, ANDREA MARIA ZANCHETTIN AND STEFANO ZANERO

POLITECNICO DI MILANO, ITALY; TREND MICRO INC.

SLIDE 22

ABSTRACT

  • The authors undertake a systematic analysis of the attack surface and potential impacts of cyber attacks against industrial robots
  • Model of the robot architecture and classes of attacks
  • Industry-specific challenges
  • Case study on a real robot controller
  • Their findings show concrete vulnerabilities
  • Proposed future directions

SLIDE 23

INTRODUCTION

  • What is an industrial robot?
  • IFR forecasts that by 2018 approximately 1.3 million industrial robot units will be employed in factories globally
  • International market value: approximately 32 billion USD

SLIDE 24

MOTIVATIONS

Industry 4.0 vision and trends

Industrial robots are increasingly exposed: they are often interconnected to the internet (e.g. through industrial routers), because production lines need to be flexible in order to make production more efficient.

SLIDE 25

Lack of Awareness (Motivations cont.)

Preliminary investigation: the authors sent a survey to 50 domain experts from academia and industry (including representatives of relevant scientific and technical societies) and received about 20 answers.

Awareness of cyber security risks deriving from industrial robots...

RESULTS:
➢ 28% of users do not enforce access control policies
➢ 30% have robots directly accessible over the internet
➢ 76% of users never perform a vulnerability assessment
➢ More than 50% did not consider a cyber attack on industrial robots a realistic threat

SLIDE 27

OBSERVATIONS

  • 1. The increased connectivity of computer and robot systems is (and will be) exposing robots to cyber attacks
  • 2. The safety systems governing robots are increasingly implemented in software
  • 3. Awareness of security risks within the robot ecosystem is very low (confirmed both by a small-scale survey undertaken by the authors and by the shocking state of security in practice)

SLIDE 28

THREAT SCENARIOS

  • Production outcome altering
  • Production plant halting
  • Unauthorized access / physical damage
  • Remote exposure (robot controllers found via Shodan and ZoomEye) / vendors
  • Network and physical attacker

*The attacker is assumed to have the technical capabilities and access to the necessary equipment.

SLIDE 29


Access over the network?

SLIDE 30

5 ROBOT SPECIFIC ATTACKS

SLIDE 31

REQUIREMENTS

These are the simple "Laws of Robotics" a robot must obey:

  • Accuracy
  • Safety
  • Integrity

SLIDE 32

Attack 1: Control Loop Alteration

SLIDE 33

Attack 2: Calibration parameters tampering

SLIDE 34

Attack 3: Tampering with the Production Logic

SLIDE 35

Attack 4&5: (User-perceived) Robot state alteration

SLIDE 36

VULNERABILITIES

  • Access to interface parameters
  • Software impact on the motors (switching from wireless to control mode, emergency stop)
  • Exposed controller calibration model or data
  • The controller does not enforce end-to-end integrity; file system and authentication bypasses
  • Some attacks depend on access to the file storing configuration parameters, which may alter robot movements

SLIDE 37

CASE STUDY

SLIDE 38

CONCLUSIONS

  • The authors developed various robot-specific attacks and built threat scenarios around them.
  • They explored, theoretically and experimentally, the challenges and impacts of securing modern industrial robots.
  • They showed how an attacker can compromise a robot controller and gain full control of the robot, altering the production process (exploitation of a widely used industrial robot controller).
  • The research also points to future challenges, e.g. securing collaborative robots (co-bots) and human-robot interaction, where attack detection will be harder.

SLIDE 39

THANK YOU FOR YOUR ATTENTION!!!

Q&A
