Enhancing Integrity of Modbus TCP Through Covert Channels

CPS-enabled systems form the underlying support infrastructure that impact the efficient delivery of critical goods and services in our modern society. Failure to adequately protect the integrity, confidentiality, and availability of our critical infrastructure systems, like transportation, delivery of energy and water, and healthcare, could introduce vulnerabilities that could be exploited by attackers. CPS networks originated from a number of proprietary protocols, built to operate without connections that extended beyond the plant walls. This "security through obscurity" approach did not reveal widespread security risks until these systems were interconnected with other information technology systems, including vulnerable business operations networks. The characteristics of the communications protocols used in operational technology systems, like Modbus, present a number of barriers to adopting security enhancements. When these systems are exploited, which can be easily demonstrated on a Modbus system, the impact of security failures can be severe. Covert channels have the potential to create an out-of-band communication path that would enable some level of integrity checking between devices. The Modbus Covert Channel Integrity Check is a proposed concept that would demonstrate the use of covert channels as a method of secure communication that would prevent a number of attacks, including man-in-the-middle.