Cyber-Physical Systems (CPS) are being widely adopted in critical infrastructures, such as smart grids, nuclear plants, water systems, transportation systems, manufacturing and healthcare services, among others. However, the increasing prevalence of cyberattacks targeting them raises a growing security concern in the domain. In particular, memory-safety attacks, that exploit memory-safety vulnerabilities, constitute a major attack vector against real-time control devices in CPS. Traditional IT countermeasures against such attacks have limitations when applied to the CPS context: they typically incur in high runtime overheads; which conflicts with real-time constraints in CPS and they often abort the program when an attack is detected, thus harming availability of the system, which in turn can potentially result in damage to the physical world. In this work, we propose to enforce a full-stack memory-safety (covering user-space and kernel-space attack surfaces) based on secure compiling of PLCs to detect memory-safety attacks in CPS. Furthermore, to ensure availability, we enforce a resilient mitigation technique that bypasses illegal memory access instructions at runtime by dynamically instrumenting low-level code. We empirically measure the computational overhead caused by our approach on two experimental settings based on real CPS. The experimental results show that our approach effectively and efficiently detects and mitigates memory-safety attacks in realistic CPS.

网络物理系统（CPS）在关键基础设施中被广泛采用，例如智能电网，核电站，水系统，运输系统，制造和医疗保健服务等。但是，针对它们的网络攻击的日益普及引起了该域中日益增长的安全问题。特别是，利用内存安全漏洞的内存安全攻击构成了针对CPS中实时控制设备的主要攻击媒介。传统的针对此类攻击的IT对策在应用于CPS上下文时具有局限性：它们通常会导致运行时开销过大；这与CPS中的实时约束相冲突，并且在检测到攻击时它们经常中止程序，从而损害了系统的可用性，进而有可能导致对物理世界的破坏。基于PLC的安全编译以检测CPS中的内存安全攻击的全栈内存安全（覆盖用户空间和内核空间攻击面）。此外，为了确保可用性，我们实施了弹性缓解技术，该技术通过动态检测低级代码来在运行时绕过非法内存访问指令。我们以实测CPS为基础，在两个实验设置上经验性地测量了由我们的方法引起的计算开销。实验结果表明，我们的方法有效，高效地检测和减轻了实际CPS中的内存安全攻击。