Abstract

The recently discovered 'W32.Stuxnet' worm has drastically changed the perception that systems managing critical infrastructure are invulnerable to software security attacks. Here we present an architecture that enhances the security of safety-critical cyber-physical systems despite the presence of such malware. Our architecture uses the property that control systems have deterministic real-time) execution behavior to detect an intrusion within 0.6 μs while still guaranteeing the safety of the plant. We also show that even if an attacker is successful (or gains access to the operating system's administrative privileges), the overall state of the physical system still remains safe.