Investigation of control theoretic cyber attacks on controllers

National critical infrastructures such as power plants, power grids, industrial process plants, and water distribution systems employ a hierarchy of controllers designed to control the physical/chemical processes safely and optimally. They deploy sophisticated control algorithms implemented in software and exchange control commands and information over networks. Various studies have examined attack scenarios in such embedded control systems from control theoretic perspectives. This paper revisits the theoretical aspects of these attacks and postulates that such attacks can be detected by statistical techniques such as the sequential probability ratio test (SPRT), cumulative sum (CUSUM), multiple model Kalman filter, etc. The proposed techniques are studied closely for their effectiveness by extensive simulations.
