Power Fingerprinting Monitor: Protecting Critical Infrastructure from Cyber Attack

Carlos R. Aguayo Gonzalez, Jeffrey H. Reed, and Steven Chen
Power Fingerprinting, Inc.,
Blacksburg, VA

A cyber attack to a critical infrastructure can have devastating consequences to national security. Yet, solutions capable of monitoring the execution of Industrial Control Systems (ICSs) are absent or deficient. Current cyber security solutions for ICSs focus on patching, peripheral defenses (firewalls, access control, air gaps), network monitoring, and signature-based detection on peripheral hosts (antivirus).

Power Fingerprinting Monitor

Power Fingerprinting (PFP) is a cyber security solution capable of directly detecting malicious intrusions in critical infrastructure and ICS. PFP allows the monitoring of platforms with limited computational resources and memory, which would not have the resources to support traditional security monitoring approaches.

PFP performs fine-grained anomaly detection on the processor’s power consumption to determine whether it has deviated from expected operation. A PFP monitor uses a physical sensor to capture fine-grained power consumption signals, also known as “side channels,” which contain tiny patterns or fingerprints that emerge during the transitions from one instruction to another. In PFP, power traces are processed using signal detection and classification techniques using an external device. The observed traces are compared against trusted references to assess whether the execution has deviated from its expected behavior, e.g. when an attack has managed to install malicious software. Because actual monitoring is performed by an external device, the memory and processing overhead on the target systems is greatly reduced or totally eliminated.

A future application will be to monitor devices that compose the Internet of Things — simple devices addressable over the Internet.

Watch a video demonstrating PFP on Tech Briefs TV. For more information, visit the entry

Honorable Mentions

Line-Wise Snap-On Identifier

Line-Wise Snap-On Identifier

Alan Sherman and Neil Koenig,
Olivette, MO

The Line-Wise identifier is a simple, inexpensive, snap-on information display that can be readily written on to provide information about the function, application, and any cautionary issues concerning the line to which it is attached. They help resolve problems that exist where complex arrays of optic cables, electric wires, and fluid/gas tubes are employed. Line-Wise can be quickly installed anywhere along the length of a line, even in multiples, so persons in any area along the length of the line know that the line installations are correct, properly maintained, and that any cautionary matters are readily known.

For more information, visit the entry

Electronic Aerial Emergency Flare

Electronic Aerial Emergency Flare

Harry Wainwright,
HLeeWainwright Tech Consulting,
Bethlehem, PA

The Flash Sphere emergency flare solves many problems inherent in flares that lie on the ground. It gives off no heat, and it can be seen over hills, around curves, above trees, and from great distances to warn of upcoming traffic hazards and serve as a beacon for search and rescue teams. It consists of five highintensity red, white, and blue LEDs mounted in a 1"-diameter lightweight sphere hung from the bottom of a Mylar inflatable balloon The Sphere is activated by pulling an insulated tab to light the LEDs. When released to the sky, it will remain up to 200 feet in altitude, 24/7, flashing for a week or more.

For more information, visit the entry

The U.S. Government does not endorse any commercial product, process, or activity identified on this web site.