Meet the NORCICS PhDs and PostDocs - James G Wright
James W. G Wright is a Postdoctoral researcher working within NORCICS’ Work Package 2: Foundations. His work focuses on developing security primitives by creating foundational notions of secure and safe protocol behaviour for devices within industrial control and smart grid (ICS/SG) systems. These notions allow for easier development of secure-by-design protocols, and can be used to focus the attention of SOCs by providing a formal model of compromised behaviour.
His current focus is using the communication models within the 5G standard to build defense in depth explicitly into the protocols, as the standard’s security has a single point of failure within the Access and Mobility Management Function (AMF). The goal is to use the gNB receivers to interrogate any new receivers in the area, to ensure that there are only authorised gNBs operating in the network. This reduces the risk of IMSI/SUPI catchers on the network compromising and tracking users’ identities.
The development of secure communication protocols has never strayed far from the needs of their original users, the intelligence community. With a presumption that any exploitable flaw in the protocol’s communication model would fail deadly, the formal methods and cryptographic communities have dedicated all their efforts to the prevention of compromise. They have left the detection and response to other security technologies and processes. This core design goal has worked well with IT technologies, where any flaw or deadlock could be resolved with a swift reboot, but this is untenable with ICS/SG systems. The safety requirements and geographically isolated locations of devices mean the devices must be able to fail safely, even when parts of their communication have been compromised.
The goal of this project is to bridge the gap between the design of security protocols and the needs of ICS/SG systems, which will help facilitate a secure transition into Industry 4.0 production.
Currently, ICS/SG systems are underserved by security protocols, as the view from the security community is to just increase the deployment of cryptographic technologies across the sector to ensure the safety requirements. In some cases, such as sending ‘open the circuit breaker’, the time required to encrypt and transmit the message violates the quality of service requirement for safe delivery. In other cases, encryption technologies are incompatible with the kind of determinism required by ICS/SG systems, which care not only that the messages arrive in the correct order but also that they arrive at the correct time. The project seeks to model the needs of ICS/SG devices to pinpoint the protocol communication models that need compromise-contingent states built into them, so the system can fail safely.
This project will produce new secure communication models for protocols that will increase ICS/SG system operators’ trust in their communication networks. These models will incorporate the distributed nature of these systems, the network and control semantics, and the variations in the kinds of devices in the ICS/SG systems to push the limits of security protocols. The work aims to utilise these components as signals and security primitives that can be used to maintain observability and control in and of themselves. This will allow for protocols that can gracefully fail safe when the ICS/SG system is compromised.
These properties and techniques will provide boons for both standards writers and system implementers. The new communication models will allow protocol designers to build defense in depth directly into the standards, as the network will be able to monitor its own semantics for possible compromise. These new models can also be incorporated into traditional IT. They will also allow for the development of new and more focused intrusion detection systems, along with providing insight into their optimal position on the infrastructure, which will reduce the amount of data that the ICS/SG SOC will have to manage to detect compromise.