Analysis of Industrial Device Architectures for Real-Time Operations under Denial of Service Attacks
More and more industrial devices are connected to IP-based networks, as this is essential for the success of Industry 4.0. However, this interconnection also results in an increased attack surface for various network-based attacks. One of the easiest attacks to carry out are DoS attacks, in which the attacked target is overloaded due to high network traffic and corresponding CPU load. Therefore, the attacked device can no longer provide its regular services. This is especially critical for devices, which perform real-time operations in industrial processes. To protect against DoS attacks, there is the possibility of throttling network traffic at the perimeter, e.g. by a firewall, to develop robust device architectures. In this paper, we analyze various concepts for secure device architectures and compare them with regard to their robustness against DoS attacks. Here, special attention is paid to how the control process of an industrial controller behaves during the attack. For this purpose, we compare different schedulers on single-core and dual-core Linux-based systems, as well as a heterogeneous multi-core architecture under various network loads and additional system stress.
READ FULL TEXT