Security Against Network Attacks in Supervisory Control Systems

Abstract Cyber-physical systems (CPSs) integrate computing and communication capabilities to monitor and control physical processes. In order to do so, communication networks are commonly used to connect sensors, actuators, and controllers to monitor and control physical systems. The use of communication networks increases the vulnerability of the CPS to cyber attacks that can drive the system to unsafe states. One of the most powerful cyber attacks is the so-called man-in-the-middle attack, where the intruder can observe, hide, create or replace information in the attacked network channel. We propose in this paper a defense strategy that detects intrusions and prevent damages caused by man-in-the-middle attacks in the sensor and/or control communication channels in supervisory control systems. We also introduce the definition of NA-Safe controllability, and we propose an algorithm to verify this property.

[1]  D. Thorsley,et al.  Intrusion Detection in Controlled Discrete Event Systems , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.

[2]  Christos G. Cassandras,et al.  Introduction to Discrete Event Systems , 1999, The Kluwer International Series on Discrete Event Dynamic Systems.

[3]  Douglas E. Comer Computer networks and lnternets , 1996 .

[4]  Tai C Yang,et al.  Networked control system: a brief survey , 2006 .

[5]  Yvette Ghormley,et al.  Security Policies and Procedures , 2009 .

[6]  Stéphane Lafortune,et al.  Robust diagnosis of discrete-event systems subject to permanent sensor failures , 2010, WODES.

[7]  José E. R. Cury,et al.  Modular Supervisory Control of Large Scale Discrete Event Systems , 2000 .

[8]  Stéphane Lafortune,et al.  Detection and prevention of actuator enablement attacks in supervisory control systems , 2016, 2016 13th International Workshop on Discrete Event Systems (WODES).

[9]  Jiafu Wan,et al.  A survey of Cyber-Physical Systems , 2011, 2011 International Conference on Wireless Communications and Signal Processing (WCSP).

[10]  D.M. Tilbury,et al.  Modular Supervisory Control of Discrete-Event Systems with Abstraction and Incremental Hierarchical Construction , 2006, 2006 8th International Workshop on Discrete Event Systems.

[11]  Ling Shi,et al.  Online Deception Attack against Remote State Estimation , 2014 .

[12]  Raja Sengupta,et al.  Diagnosability of discrete-event systems , 1995, IEEE Trans. Autom. Control..

[13]  Danda B. Rawat,et al.  Cyber security for smart grid systems: Status, challenges and perspectives , 2015, SoutheastCon 2015.

[14]  Roy S. Smith,et al.  A Decoupled Feedback Structure for Covertly Appropriating Networked Control Systems , 2011 .

[15]  João Carlos Basilio,et al.  Polynomial Time Verification of Decentralized Diagnosability of Discrete Event Systems , 2011, IEEE Transactions on Automatic Control.

[16]  Paulo Tabuada,et al.  Secure Estimation and Control for Cyber-Physical Systems Under Adversarial Attacks , 2012, IEEE Transactions on Automatic Control.

[17]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[18]  João Carlos Basilio,et al.  Computation of minimal diagnosis bases of Discrete-Event Systems using verifiers , 2017, Autom..

[19]  João Carlos Basilio,et al.  Polynomial Time Verification of Decentralized Diagnosability of Discrete Event Systems , 2011, IEEE Trans. Autom. Control..

[20]  João Carlos Basilio,et al.  A Petri Net Diagnoser for Discrete Event Systems Modeled by Finite State Automata , 2015, IEEE Transactions on Automatic Control.

[21]  Kameshwar Poolla,et al.  Building Efficiency and Sustainability in the Tropics ( SinBerBEST ) , 2012 .

[22]  Paulo Tabuada,et al.  Secure state-estimation for dynamical systems under active adversaries , 2011, 2011 49th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[23]  Shreyas Sundaram,et al.  Distributed Function Calculation via Linear Iterative Strategies in the Presence of Malicious Agents , 2011, IEEE Transactions on Automatic Control.

[24]  Thomas Moor,et al.  Nonblocking Hierarchical Control of Decentralized Discrete Event Systems , 2008, IEEE Transactions on Automatic Control.

[25]  Jaideep Srivastava,et al.  Managing Cyber Threats , 2005 .

[26]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[27]  Xavier Litrico,et al.  Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks , 2013, IEEE Transactions on Control Systems Technology.

[28]  Shahin Hashtrudi-Zad,et al.  Fault diagnosis in discrete-event systems: framework and model reduction , 2003, IEEE Trans. Autom. Control..

[29]  W. M. Wonham,et al.  The control of discrete event systems , 1989 .

[30]  Carsten Rudolph,et al.  Integrity protection in a smart grid environment for wireless access of smart meters , 2014, 2014 2nd International Symposium on Wireless Systems within the Conferences on Intelligent Data Acquisition and Advanced Computing Systems.

[31]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[32]  João Carlos Basilio,et al.  Generalized Robust Diagnosability of Discrete Event Systems , 2011 .

[33]  Mauro Conti,et al.  A Survey of Man In The Middle Attacks , 2016, IEEE Communications Surveys & Tutorials.