Finite energy and bounded actuator attacks on cyber-physical systems

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

[1]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[2]  Minghui Zhu,et al.  Stackelberg-game analysis of correlated attacks in cyber-physical systems , 2011, Proceedings of the 2011 American Control Conference.

[3]  Hassan Nafaa Cracks in the System , 2006 .

[4]  Francesco Borrelli,et al.  Distributed LQR Design for Identical Dynamically Decoupled Systems , 2008, IEEE Transactions on Automatic Control.

[5]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[6]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[7]  Jin Dong,et al.  Finite energy and bounded attacks on control system sensor signals , 2014, 2014 American Control Conference.

[8]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[9]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[10]  David J. N. Limebeer,et al.  Linear Robust Control , 1994 .

[11]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[12]  Bruno Sinopoli,et al.  Challenges for Securing Cyber Physical Systems , 2009 .

[13]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[14]  Xiao Ma,et al.  Key establishment via common state information in networked control systems , 2011, Proceedings of the 2011 American Control Conference.

[15]  E. Poster,et al.  Cracks in the system: professional and continuing education under scrutiny. , 2003, Journal of child and adolescent psychiatric nursing : official publication of the Association of Child and Adolescent Psychiatric Nurses, Inc.

[16]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[17]  J. Doyle,et al.  Robust and optimal control , 1995, Proceedings of 35th IEEE Conference on Decision and Control.

[18]  Quanyan Zhu,et al.  Robust and resilient control design for cyber-physical systems with an application to power systems , 2011, IEEE Conference on Decision and Control and European Control Conference.

[19]  John S. Baras,et al.  Robust State Estimation under False Data Injection in Distributed Sensor Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.