Evaluation of physical parameters for detection of attacks in fieldbuses

Type of thesis: Master thesis (Bachelor thesis with reduced scope)

Technical background:

Fieldbuses are used in industrial and building automation systems to connect sensors, actuators and controller modules. They are criminally disregarded in IT security and represent a welcome gateway to other parts of the IT infrastructure.

We are researching new approaches to securing the fieldbus level in automation systems. In this work we want to investigate whether physical / electrical parameters of communication can be used to detect attacks.

Task description:

Within the scope of the work, the signal course is to be recorded on a field bus by means of a digital storage oscilloscope.

The following questions are to be answered:

  • Which physical parameters can be used and what effort does their measurement cause? Examples would be the exact timing of protocol messages, the voltage on the cable and the precise signal course.
  • Which features can be used for the detection of attacks?
  • What types of attacks can be detected? What are the prerequisites for detection?

Possible work steps:

  • View the protocols under investigation at the field level.
  • Test of various measuring devices to record the physical parameters.
  • Calculation of features.
  • Conception of a simple analysis tool for testing (for Bachelor thesis possibly without complex evaluation).
  • Design of classification methods for the detection of attacks.
  • Implementation
  • Testing
  • Appraisal

The exact determination of the topic is made in consultation with the supervisors, taking into account any topics already assigned to other students. It may be possible for several students to work on different sub-themes together. 

Literature and Resources:

  • Amrein, A., et al. "Security intelligence for industrial control systems." IBM Journal of Research and Development 60.4 (2016): 13-1.
  • Aschendorf, Bernd. "Funktionen der Gebäudeautomation." Energiemanagement durch Gebäudeautomation. Springer Fachmedien Wiesbaden, 2014.
  • Merz, Hermann, Thomas Hansemann, and Christof Hübner. "Gebäudeautomation." München: Carl-Hanser-Verlag (2010).
  • Sokollik, Frank; Helm, Peter; Seela Ralph. "KNX für die Gebäudesystemtechnik in Wohn- und Zweckbau" Berlin: VDE-Verlag (2017).

Supervisor: Dr. Thomas Mundt (thomas.mundt@uni-rostock.de)

Prerequisites: No special programming knowledge in a higher programming language and knowledge of simulation are advantageous. A basic understanding of the electrical properties of networks is helpful.