Stealthy deception attacks on water SCADA systems

This article investigates the vulnerabilities of Supervisory Control and Data Acquisition (SCADA) systems that monitor and control modern-day irrigation canal systems. This type of monitoring and control infrastructure is also common in many other water distribution systems. We present a linearized shallow water partial differential equation (PDE) system that can model water flow in a network of canal pools that are equipped with lateral offtakes for water withdrawal and connected by automated gates. Knowledge of the system dynamics enables us to develop a deception attack scheme, based on switching the PDE parameters and proportional (P) boundary control actions, to withdraw water from the pools through offtakes. We briefly discuss the limits on detectability of such attacks. We use a known formulation, based on a low-frequency approximation of the PDE model and an associated proportional-integral (PI) controller, to create a stealthy deception scheme capable of compromising the performance of the closed-loop system. We test the proposed attack scheme in simulation using a shallow water solver, and show that the attack is indeed realizable in practice by implementing it on a physical canal in Southern France: the Gignac canal. A successful field experiment shows that the attack scheme enables us to steal water stealthily from the canal until the end of the attack.