Modern Industrial Control Systems (ICS) interconnect, monitor, and control processes in a variety of industries such as electric power generation, transmission and distribution, chemical production, oil and gas, refining, and water desalination. The security of ICS is receiving increased attention, due to the importance of national critical infrastructure. As modern ICS include more commercial-off-the-shelf software and hardware components, vulnerabilities from the IT world can be easily ported to the ICS world. In this research directions, we develop security assessment solutions tailored for ICS.
Relevant projects can be found at the lab’s Github page. Some sample projects:
[1] A. Keliris and M. Maniatakos. “ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries”. In: Network and Distributed System Security Symposium (NDSS). 2019
Github: https://github.com/momalab/ICSREF
[2] D. Tychalas and M. Maniatakos. “IFFSET: in-field fuzzing of industrial control systems using system emulation”. In: IEEE Design, Automation & Test in Europe Conference & Exhibition (DATE). 2020, pp. 662–665
Video: https://youtu.be/nKaYiaFM440
Github: https://github.com/momalab/iffset
[3] D. Tychalas, H. Benkraouda, and M. Maniatakos. “ICSFuzz: Manipulating I/Os and Repurposing Binary Code to Enable Instrumented Fuzzing in ICS Control Applications”. In: USENIX Security. 2021
Video: https://youtu.be/SImfKq9oVbQ
Github: https://github.com/momalab/ICSFuzz
[4] Rajput, P. H. N., Doumanidis, C., & Maniatakos, M. “ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence Graphs.”. In: USENIX Security. 2023