Covert Attacks in Cyber-Physical Control Systems

The advantages of using communication networks to interconnect controllers and physical plants motivate the increasing number of networked control systems in industrial and critical infrastructure facilities. However, this integration also exposes such control systems to new threats, typical of the cyber domain. In this context, studies have been conducted to explore vulnerabilities and propose security solutions for cyber-physical systems. In this paper, a covert attack for service degradation is proposed. It is planned based on the intelligence gathered by another attack, also proposed herein, referred to as the system identification attack. The simulation results demonstrate that the joint operation of the two attacks is capable of affecting, in a covert and accurate way, the physical behavior of a system.
