In this article, we will explore a potential security solution to increase the cybersecurity of computation performed on industrial edge devices. Edge devices include programmable logic controllers, microcontrollers, on-site servers, routers, and field-programmable gate arrays (FPGAs). These ubiquitous devices are instrumental to the industries that govern our world, including our electricity grids, healthcare systems, water treatment facilities, transportation logistics, and manufacturing chains. Automating and ensuring the security of these devices is essential, and the implications of automatic hardware cybersecurity are large for any organization. By automating security at the edge, organizations can protect their systems without needing constant human intervention and better adapt to dynamic and unpredictable environments.
The application of pre-trained Convolutional Neural Networks (CNNs) on edge devices, for instance, marks a significant leap in the field of decentralized computing. While this shift allows for greater efficiency in industry processes, it also raises critical concerns about the security risks associated with computing on edge devices. One primary security challenge is the limited computational resources of microcontrollers, which makes them susceptible to attacks that exploit their limited memory. Malicious actors can exploit vulnerabilities in the constrained memory and processing power of these devices, compromising their functionality, delaying important tasks, or executing unauthorized code. The low memory and resources available in edge devices also hinder our ability to implement robust security protocols, which leaves these devices more susceptible to data breaches. The distributed nature of edge computing introduces security risks in the data transmission between these devices and the cloud servers they communicate with. Intercepted communication can be manipulated for malicious purposes. The ever-changing nature of edge networks poses challenges in maintaining uniform security standards across a range of devices, potentially leaving weak links in the system that can be exploited. It would be helpful if there were some way to monitor the security of an edge device without using its memory or resources.
Researchers from Rutgers University have pioneered a method for monitoring the security of industry-grade programmable logic controllers (PLCs) from afar [1]. The method, named "Zeus", works by detecting the patterns in the changing electromagnetic field of the PLC’s circuit board. The researchers focus particularly on the signature left behind by the "control flows" of the PLC, when the PLC switches from executing one program to another. They begin the paper by asserting that each unique instruction on their PLC of choice emanates a unique enough signature to perform this kind of analysis. This allows an observer to place a non-invasive sensor close to the PLC. The printed circuit board (PCB) inside the PLC acts as a collection of antennas that produce the signal detected by Zeus. Zeus then feeds these signals into a neural network and produces a result using a mean squared error loss function. As mentioned before, Zeus pays particular attention to the transitions when a different program is executed in the PLC, and learns what the electromagnetic signal of a standard transition in the control flow should look like. Zeus’s analysis is done in the frequency domain, which is achieved by taking the Fourier transform of the time-based input from Zeus's on-board sensors. This separates it from its competitors and positions it as a promising cybersecurity solution, because it allows industry leaders to analyze the control flow with increased accuracy and ensure its performance. Its key selling point, however, is that it is contactless: unlike most of its competition, it does not require an invasive probe to be applied to the PLC at all. It simply acts as an outside observer, meaning that an attacker targeting Zeus would not be able to cross the “air gap” to the PLC. Additionally, this makes the deployment of Zeus much easier.
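The frequency-domain check described above, as an added example that is not code from the Zeus paper: it swaps the neural network for a simple per-window average spectrum learned from clean runs, and scores each window with mean squared error. The trace generator, frequency bins, window size and threshold are all constructed assumptions.

```python
import cmath, math, random

WIN = 64  # samples per analysis window (constructed value)

def spectrum(window):
    """Magnitude of the DFT for bins 0..n/2-1, normalised by window length."""
    n = len(window)
    return [abs(sum(x * cmath.exp(-2j * math.pi * k * t / n)
                    for t, x in enumerate(window))) / n
            for k in range(n // 2)]

def emit(flow, rng, noise=0.05):
    """Constructed EM trace: each code block radiates at its own frequency bin."""
    trace = []
    for freq_bin in flow:
        trace += [math.sin(2 * math.pi * freq_bin * t / WIN) + rng.gauss(0, noise)
                  for t in range(WIN)]
    return trace

def windows(trace):
    return [trace[i:i + WIN] for i in range(0, len(trace), WIN)]

def train(clean_traces):
    """Mean spectrum per window position over clean runs (stand-in for the learned model)."""
    specs = [[spectrum(w) for w in windows(t)] for t in clean_traces]
    return [[sum(s[p][k] for s in specs) / len(specs) for k in range(WIN // 2)]
            for p in range(len(specs[0]))]

def mse(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)

def detect(model, trace, threshold):
    """Indices of windows whose spectrum deviates from the expected one."""
    return [p for p, w in enumerate(windows(trace))
            if mse(spectrum(w), model[p]) > threshold]

def demo():
    rng = random.Random(1)
    normal_flow = [5, 9, 14, 9]   # constructed: expected order of code blocks
    altered_flow = [5, 9, 20, 9]  # constructed: third block replaced by unknown code
    model = train([emit(normal_flow, rng) for _ in range(5)])
    clean = detect(model, emit(normal_flow, rng), threshold=0.005)
    altered = detect(model, emit(altered_flow, rng), threshold=0.005)
    return clean, altered
```

`demo()` returns the flagged window indices for a clean run and for a run whose third block differs from the learned control flow; the index tells the operator where in the scan cycle the deviation occurred.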
Zeus’s long short-term memory (LSTM) network layer, a type of neural network trained to work on sequential input data, keeps track of the code it analyzes as it learns what the electromagnetic transmissions look like. Zeus uses this record, called a hidden state vector, to denote where in the code the attack is executed. The code is analyzed at a layer of abstraction (the electromagnetic radiation), but no information is lost: we are still able to return to the source code to perform more rigorous analysis and correction. Zeus proves itself to be a scalable technology with huge implications for edge-device security. Its analysis is conducted as a black box, and it can be deployed noninvasively, meaning industry workers across the board would be able to set up such a system without incurring overhead costs from installation and upkeep. Additionally, in-depth knowledge of the fundamental engineering principles behind Zeus is not required for successful deployment.
This method has major implications for the future of cybersecurity on the edge. When applied to various types of edge devices, monitoring the electromagnetic emissions of deployed real-world systems offers a simple, continuous, and real-time solution to the security risks currently faced in industry. Zeus not only addresses immediate security concerns but also sets a lasting precedent for the future of cybersecurity on the edge. As we navigate the increasingly complex landscape of decentralized computing, where edge devices will play a significant role in automating jobs and entire industries, the significance of noninvasive, contactless security solutions is huge. Zeus's scalability makes it a versatile and practical tool for securing real-world systems. The continuous, real-time monitoring of electromagnetic emissions offers a non-invasive solution to edge device security without occupying limited computational resources, and is an easily implementable system with promises of scalability. Additionally, the emphasis on automating security analysis aligns with the broader industry trend of reducing human roles in routine security tasks. This not only enhances the reliability and responsiveness of security measures but also allows industries to shift their focus towards other fields such as design, innovation, and sustainability. By implementing solutions like Zeus, industries can automate edge device security at scale, and with ease. The contactless nature of Zeus offers the opportunity for seamless integration into existing industrial setups. As a result, organizations can redirect the time and energy of their workforce, ultimately paving the way for a more secure, innovative, and resilient industrial landscape. Our technological future will rely on a cohesive harmony between woman and machine, and the automation and advanced cybersecurity techniques exemplified by Zeus are just the start of a more efficient and secure industrial future.