Trust, But Verify? Perspectives On Industrial Device Security

Industrial Control System (ICS) host devices such as Programable Logic Controllers (PLCs) are widely using proprietary realtime operating systems with little or no support for Cybersecurity features. Even security solutions widely used in mainstream operating systems since 20+ years are missing, such as process isolation, root of trust, hardware support for cryptographic functions. In this talk, we discuss reasons for this situation, and how to realistically introduce basic security features into such an environment. We provide an overview on recent offensive and defensive work for embedded realtime operating systems, their constraints on opportunities, and propose complementary approaches focusing on realtime monitoring of legacy host systems.