False Logic Attacks on SCADA Control System

A cyber security incident in SCADA systems can cause the disruption of physical process, and may result in significant economic loss, environmental disasters or even human casualties. To exploit the feature of the physical process and find the potential attacks, this paper presents and analyzes a new class of cyber-physical attacks, named false logic attacks, against the logic of control process in SCADA systems. In addition, it proposes a model for false logic attacks, which is useful for analyzing how attacks can affect the physical system. An experiment is performed to illustrate the concepts, and the effect of false logic attacks are also discussed.

[1]  Ing-Ray Chen,et al.  Behavior Rule Based Intrusion Detection for Supporting Secure Medical Cyber Physical Systems , 2012, 2012 21st International Conference on Computer Communications and Networks (ICCCN).

[2]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[3]  Ing-Ray Chen,et al.  Adaptive Intrusion Detection of Malicious Unmanned Air Vehicles Using Behavior Rule Specifications , 2014, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[4]  Igor Nai Fovino,et al.  A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems , 2011, IEEE Transactions on Industrial Informatics.

[5]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[6]  Igor Nai Fovino,et al.  State-Based Network Intrusion Detection Systems for SCADA Protocols: A Proof of Concept , 2009, CRITIS.

[7]  Martin Naedele,et al.  Security for Process Control Systems: An Overview , 2008, IEEE Security & Privacy Magazine.

[8]  G. Manimaran,et al.  Cybersecurity for Critical Infrastructures: Attack and Defense Modeling , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[9]  G. Manimaran,et al.  Data integrity attacks and their impacts on SCADA control system , 2010, IEEE PES General Meeting.

[10]  Bruno Sinopoli,et al.  Detecting Integrity Attacks on SCADA Systems , 2014, IEEE Transactions on Control Systems Technology.

[11]  Igor Nai Fovino,et al.  Modbus/DNP3 State-Based Intrusion Detection System , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[12]  Zahir Tari,et al.  SCADASim—A Framework for Building SCADA Simulations , 2011, IEEE Transactions on Smart Grid.

[13]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[14]  Ing-Ray Chen,et al.  Behavior-Rule Based Intrusion Detection Systems for Safety Critical Smart Grid Applications , 2013, IEEE Transactions on Smart Grid.

[15]  S. Shankar Sastry,et al.  A Taxonomy of Cyber Attacks on SCADA Systems , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[16]  K. McLaughlin,et al.  Multiattribute SCADA-Specific Intrusion Detection System for Power Networks , 2014, IEEE Transactions on Power Delivery.

[17]  Dale C. Rowe,et al.  A survey SCADA of and critical infrastructure incidents , 2012, RIIT '12.

[18]  G. Manimaran,et al.  Data integrity attack and its impacts on voltage control loop in power grid , 2011, 2011 IEEE Power and Energy Society General Meeting.

[19]  Aiko Pras,et al.  Intrusion Detection in SCADA Networks , 2010, AIMS.

[20]  Roberto Uribeetxeberria,et al.  A Review of SCADA Anomaly Detection Systems , 2011, SOCO.

[21]  Yoohwan Kim,et al.  Application of NTRU Cryptographic Algorithm for SCADA Security , 2014, 2014 11th International Conference on Information Technology: New Generations.

[22]  Ning Lu,et al.  Safeguarding SCADA Systems with Anomaly Detection , 2003, MMM-ACNS.

[23]  S. Shankar Sastry,et al.  Understanding the physical and economic consequences of attacks on control systems , 2009, Int. J. Crit. Infrastructure Prot..

[24]  Karl Henrik Johansson,et al.  Attack models and scenarios for networked control systems , 2012, HiCoNS '12.