Monitoring system reaction in cyber-physical testbed under cyber-attacks

Abstract In this paper, we exploit the cyber-physical testbed developed within the EU Project FACIES to analyze how monitor systems, typically used in Industrial Control Systems, may be prone to fail when facing cyber-attacks. Specifically, through several experimental trials, we test the poor ability of a Fault Diagnosis module to correctly manage cyber-attacks, which generally turn to be considered physical faults, forcing operators to perform erroneous countermeasures. To conclude, we outline how the presence of a cyber Intrusion Detection System improves the effectiveness and the reliability of the protection schema. The experimental validation has been carried out on an emulated water distribution system.

[1]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[2]  Francesco Bullo,et al.  Control-Theoretic Methods for Cyberphysical Security: Geometric Principles for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[3]  Stephen D. Wolthusen,et al.  Critical Infrastructure Protection , 2012, Lecture Notes in Computer Science.

[4]  Karen A. Scarfone,et al.  Guide to Intrusion Detection and Prevention Systems (IDPS) , 2007 .

[5]  Sherali Zeadally,et al.  Critical infrastructure protection: Requirements and challenges for the 21st century , 2015, Int. J. Crit. Infrastructure Prot..

[6]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[7]  R. Setola,et al.  The need to improve local self-awareness in CIP/CIIP , 2005, First IEEE International Workshop on Critical Infrastructure Protection (IWCIP'05).

[8]  Eric D. Knapp,et al.  Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems , 2011 .

[9]  Federica Pascucci,et al.  Communications network analysis in a SCADA system testbed under cyber-attacks , 2015, 2015 23rd Telecommunications Forum Telfor (TELFOR).

[10]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[11]  Xavier Litrico,et al.  Stealthy deception attacks on water SCADA systems , 2010, HSCC '10.

[12]  Cristina Alcaraz,et al.  Cyber Stealth Attacks in Critical Information Infrastructures , 2018, IEEE Systems Journal.

[13]  Cristina Alcaraz,et al.  Security Aspects of SCADA and DCS Environments , 2012, Critical Infrastructure Protection.

[14]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[15]  Steven X. Ding,et al.  Model-based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools , 2008 .

[16]  Marios M. Polycarpou,et al.  Critical Infrastructure Online Fault Detection: Application in Water Supply Systems , 2014, CRITIS.

[17]  H. Luiijf SCADA Security Good Practices for the Drinking Water Sector , 2008 .