Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Risk assessment is an inevitable step in the implementation of a cyber-defense strategy. An important part of this assessment is to reason about the impact of possible attacks. In this paper, we study the problem of estimating the impact of cyber-attacks in stochastic linear networked control systems. For the stealthiness constraint, we adopt the Kullback–Leibler divergence between attacked and nonattacked residual sequences. Two impact metrics are considered: the probability that some of the critical states leave a safety region and the expected value of the infinity norm of the critical states. For the first metric, we prove that the optimal value of the impact estimation problem can be calculated by solving a set of convex problems. For the second, we derive lower and upper bounds that are efficient to calculate. Finally, we show the compatibility of our framework with a number of attack strategies proposed in the literature and demonstrate how it can be used for risk assessment in an example.
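The two ingredients named in the abstract, a Kullback–Leibler stealthiness budget on the residuals and the probability of leaving a safety region, can be combined in a small risk-assessment calculation. The Python below is an added example, not the paper's algorithm: it assumes a scalar system whose residuals are i.i.d. Gaussian, restricts the attack to a constant mean shift, and uses a hypothetical steady-state gain from residual bias to the critical state; all numeric values are constructed.

```python
import math

def kl_gaussian_mean_shift(bias, sigma, n_samples):
    """KL divergence between n i.i.d. residuals N(bias, sigma^2) (attacked)
    and N(0, sigma^2) (nonattacked)."""
    return n_samples * bias ** 2 / (2.0 * sigma ** 2)

def max_stealthy_bias(epsilon, sigma, n_samples):
    """Largest |bias| whose KL divergence stays within the budget epsilon."""
    return sigma * math.sqrt(2.0 * epsilon / n_samples)

def _phi(z):
    """Standard normal CDF."""
    return 0.5 * (1.0 + math.erf(z / math.sqrt(2.0)))

def prob_outside_safety(mean, std, limit):
    """P(|x| > limit) for a critical state x ~ N(mean, std^2)."""
    inside = _phi((limit - mean) / std) - _phi((-limit - mean) / std)
    return 1.0 - inside

def risk_table(epsilons, sigma_r, n_samples, gain, sigma_x, limit):
    """For each stealthiness budget, return (epsilon, bias, P(unsafe)).
    `gain` is an assumed steady-state gain from residual bias to the mean
    of the critical state (hypothetical parameter, not from the paper)."""
    rows = []
    for eps in epsilons:
        bias = max_stealthy_bias(eps, sigma_r, n_samples)
        p_unsafe = prob_outside_safety(gain * bias, sigma_x, limit)
        rows.append((eps, bias, p_unsafe))
    return rows

if __name__ == "__main__":
    # Constructed parameters: unit-variance residuals, 10-sample window,
    # gain 2, unit-variance critical state, safety region |x| <= 3.
    for eps, bias, p in risk_table([0.0, 0.1, 0.5, 2.0], 1.0, 10, 2.0, 1.0, 3.0):
        print(f"epsilon={eps:4.1f}  bias={bias:.3f}  P(unsafe)={p:.5f}")
```

Sweeping the budget shows how the choice of detector sensitivity (a smaller epsilon) bounds the achievable impact, which is the quantity a risk assessment would compare across candidate defenses.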
