Investigation of Cyber Attacks on a Water Distribution System

A Cyber Physical System (CPS) consists of cyber components for computation and communication, and physical components such as sensors and actuators for process control. These components are networked and interact in a feedback loop. CPS are found in critical infrastructure such as water distribution, power grid, and mass transportation. Often these systems are vulnerable to attacks as the cyber components such as Supervisory Control and Data Acquisition workstations, Human Machine Interface and Programmable Logic Controllers are potential targets for attackers. In this work, we report a study to investigate the impact of cyber attacks on a water distribution (WADI) system. Attacks were designed to meet attacker objectives and launched on WADI using a specially designed tool. This tool enables the launch of single and multi-point attacks where the latter are designed to specifically hide one or more attacks. The outcome of the experiments led to a better understanding of attack propagation and behavior of WADI in response to the attacks as well as to the design of an attack detection mechanism for water distribution system.

[1]  Aditya P. Mathur,et al.  WADI: a water distribution testbed for research in the design of secure cyber physical systems , 2017, CySWATER@CPSWeek.

[2]  Nils Ole Tippenhauer,et al.  Gamifying ICS Security Training and Research: Design, Implementation, and Results of S3 , 2017, CPS-SPC@CCS.

[3]  Sylvain Frey,et al.  The Good, the Bad and the Ugly: A Study of Security Decisions in a Cyber-Physical Systems Game , 2018, IEEE Transactions on Software Engineering.

[4]  Avi Ostfeld,et al.  Characterizing Cyber-Physical Attacks on Water Distribution Systems , 2017 .

[5]  Sridhar Adepu,et al.  Introducing Cyber Security at the Design Stage of Public Infrastructures: A Procedure and Case Study , 2016, CSDM Asia.

[6]  Mathias Ekstedt,et al.  Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[7]  Nils Ole Tippenhauer,et al.  On Attacker Models and Profiles for Cyber-Physical Systems , 2016, ESORICS.

[8]  Gerhard P Hancke,et al.  Introduction to Industrial Control Networks , 2013, IEEE Communications Surveys & Tutorials.

[9]  Amin Kharraz,et al.  Techniques and solutions for addressing ransomware attacks , 2017 .

[10]  Ing-Ray Chen,et al.  A survey of intrusion detection techniques for cyber-physical systems , 2014, ACM Comput. Surv..

[11]  Bradley R. Schmerl,et al.  View Consistency in Architectures for Cyber-Physical Systems , 2011, 2011 IEEE/ACM Second International Conference on Cyber-Physical Systems.

[12]  Sridhar Adepu,et al.  Integrating Six-Step Model with Information Flow Diagrams for Comprehensive Analysis of Cyber-Physical System Safety and Security , 2017, 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE).

[13]  Sridhar Adepu,et al.  Distributed Attack Detection in a Water Treatment Plant: Method and Case Study , 2018, IEEE Transactions on Dependable and Secure Computing.

[14]  Xavier Litrico,et al.  Cyber Security of Water SCADA Systems—Part II: Attack Detection Using Enhanced Hydrodynamic Models , 2013, IEEE Transactions on Control Systems Technology.

[15]  William H. Sanders,et al.  Go with the flow: toward workflow-oriented security assessment , 2013, NSPW '13.

[16]  Zubair A. Baig,et al.  Detecting Intrusive Activity in the Smart Grid Communications Infrastructure Using Self-Organizing Maps , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[17]  Sridhar Adepu,et al.  Distributed Detection of Single-Stage Multipoint Cyber Attacks in a Water Treatment Plant , 2016, AsiaCCS.

[18]  Sridhar Adepu,et al.  Anomaly Detection in Cyber Physical Systems Using Recurrent Neural Networks , 2017, 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE).

[19]  Stefan Rass,et al.  Decision and Game Theory for Security , 2017, Lecture Notes in Computer Science.

[20]  Sridhar Adepu,et al.  An Investigation into the Response of a Water Treatment System to Cyber Attacks , 2016, 2016 IEEE 17th International Symposium on High Assurance Systems Engineering (HASE).

[21]  Weiyi Liu,et al.  Security analysis for Cyber-Physical Systems against stealthy deception attacks , 2013, 2013 American Control Conference.

[22]  Xavier Litrico,et al.  Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks , 2013, IEEE Transactions on Control Systems Technology.

[23]  Sridhar Adepu,et al.  An Approach for Formal Analysis of the Security of a Water Treatment Testbed , 2018, 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC).

[24]  Edward A. Lee Cyber Physical Systems: Design Challenges , 2008, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC).

[25]  Sridhar Adepu,et al.  Assessing the Effectiveness of Attack Detection at a Hackfest on Industrial Control Systems , 2018, IEEE Transactions on Sustainable Computing.

[26]  Joseph Mendola,et al.  From the Good , 2014 .

[27]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[28]  Daniel Jackson,et al.  Model-Based Security Analysis of a Water Treatment System , 2016, 2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS).

[29]  Sharon Weinberger,et al.  Computer security: Is this the start of cyberwarfare? , 2011, Nature.

[30]  Hongsong Chen,et al.  Multi-stage crypto ransomware attacks: A new emerging cyber threat to critical infrastructure and industrial control systems , 2018, ICT Express.

[31]  Haider Abbas,et al.  Cloud-Assisted IoT-Based SCADA Systems Security: A Review of the State of the Art and Future Challenges , 2016, IEEE Access.

[32]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[33]  Sridhar Adepu,et al.  Access Control in Water Distribution Networks: A Case Study , 2017, 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS).

[34]  Craig Valli,et al.  The convergence of IT and OT in critical infrastructure , 2017 .

[35]  Tsuyoshi Murata,et al.  {m , 1934, ACML.

[36]  Qin Lin,et al.  TABOR: A Graphical Model-based Approach for Anomaly Detection in Industrial Control Systems , 2018, AsiaCCS.

[37]  Threat Landscape for Industrial Automation Systems in H 2 , 2017 .

[38]  Jun Sun,et al.  Learning from Mutants: Using Code Mutation to Learn and Monitor Invariants of a Cyber-Physical System , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[39]  Fengjun Li,et al.  Cyber-Physical Systems Security—A Survey , 2017, IEEE Internet of Things Journal.

[40]  Sridhar Adepu,et al.  Generalized Attacker and Attack Models for Cyber Physical Systems , 2016, 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC).

[41]  Marion Kee,et al.  Analysis , 2004, Machine Translation.

[42]  Raghunathan Rengaswamy,et al.  Sensor network design for contaminant detection and identification in water distribution networks , 2016, Comput. Chem. Eng..

[43]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[44]  Avi Ostfeld,et al.  Battle of the Attack Detection Algorithms: Disclosing Cyber Attacks on Water Distribution Networks , 2018, Journal of Water Resources Planning and Management.