Control-Theoretic Methods for Cyber-Physical Security

Cyber-physical systems integrate physical processes, computational resources, and communication capabilities. They have permeated modern society and are now prevalent in many domains, including energy production, health care, and telecommunications. Examples of cyber-physical systems include sensor networks, industrial automation systems, and critical infrastructures such as transportation networks, power generation and distribution networks, water and gas distribution networks, and advanced communication systems. The integration of cyber technologies with physical processes increases system efficiency and, at the same time, introduces vulnerabilities that undermine the reliability of critical infrastructures. As recently highlighted by the Maroochy water breach in March 2000 [1], multiple recent power blackouts in Brazil [2], the SQL Slammer worm attack on the Davis-Besse nuclear plant in January 2003 [3], the Stuxnet computer worm in June 2010 [4], and various industrial security incidents [5], cyber-physical systems are prone to failures and attacks on their physical infrastructure, and to cyber attacks on their data management and communication layer [6], [7].

Concerns about the security of systems are not new, as the numerous manuscripts on system fault detection, isolation, and recovery testify [8], [9]. Cyber-physical systems, however, suffer from specific vulnerabilities that do not affect classical systems, and for which appropriate detection and identification techniques need to be developed. For instance, the reliance of cyber-physical systems on communication networks and standard communication protocols to transmit measurements and control packets increases the possibility of intentional and unforeseen attacks against physical plants. On the other hand, information security methods, such as authentication, access control, and message integrity, appear inadequate for a satisfactory protection of cyber-physical systems. In fact, these information security methods do not exploit the compatibility of the measurements with the underlying physical process or the control mechanism, and they are ineffective, for instance, against insider attacks and attacks targeting the physical dynamics [1].

The analysis of vulnerabilities of cyber-physical systems to external attacks has received increasing attention in recent years. The general approach has been to study the effect of specific attacks against particular systems. For instance, in [10] deception and denial of service attacks against a networked control system are defined, and, for the latter, a countermeasure based on semi-definite programming is proposed. Deception attacks refer to the possibility of compromising the integrity of control packets or measurements, and they are carried out by altering the behavior of sensors and actuators. Denial of service attacks, instead, compromise the availability of resources by, for …
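
To illustrate the point that message integrity alone does not check measurements against the physical process, the following added example (not taken from the paper) pairs an HMAC check with a simple observer-based residual monitor. The two-tank model, observer gain, key, noise, bias and threshold are all constructed assumptions, and the monitor is a generic Luenberger-style detector rather than the paper's design.

```python
import hmac, hashlib, math

# Constructed two-tank model (assumption): x[k+1] = A x[k] + B u, y = level of tank 2.
A = [[0.9, 0.0], [0.1, 0.9]]
B = [0.1, 0.0]
L = [0.2, 0.8]                   # observer gain; A - L*C has eigenvalues ~0.87 and ~0.13
KEY = b"constructed-demo-key"    # sensor/monitor key, also held by the insider
THRESHOLD = 0.05                 # residual bound; noise alone keeps |r| below ~0.02

def step(x, u):
    """One step of the plant model."""
    return [A[0][0]*x[0] + A[0][1]*x[1] + B[0]*u,
            A[1][0]*x[0] + A[1][1]*x[1] + B[1]*u]

def sign(y):
    """MAC over the transmitted measurement."""
    return hmac.new(KEY, repr(y).encode(), hashlib.sha256).digest()

def run(attack_start=None, bias=0.5, steps=60, u=1.0):
    """Return (all_macs_valid, first_alarm_step or None)."""
    x = [0.0, 0.0]               # true plant state
    xh = [0.0, 0.0]              # monitor's state estimate
    macs_ok, first_alarm = True, None
    for k in range(steps):
        y = x[1] + 0.01 * math.sin(k)            # sensor reading with small noise
        if attack_start is not None and k >= attack_start:
            y += bias                            # deception: falsified reading
        tag = sign(y)                            # insider signs with the valid key
        # Monitor side: recompute the MAC over the received value; it verifies.
        macs_ok = macs_ok and hmac.compare_digest(tag, sign(y))
        r = y - xh[1]                            # residual against model prediction
        if abs(r) > THRESHOLD and first_alarm is None:
            first_alarm = k
        xh = step(xh, u)                         # observer: predict ...
        xh = [xh[0] + L[0]*r, xh[1] + L[1]*r]    # ... and correct with the residual
        x = step(x, u)                           # plant evolves
    return macs_ok, first_alarm

if __name__ == "__main__":
    print("nominal :", run())
    print("attacked:", run(attack_start=30))
```

In both runs every MAC verifies; only the residual test distinguishes the falsified readings from the nominal ones.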

[1]  J. Pearson Linear multivariable control, a geometric approach , 1977 .

[2]  Andrzej J. Osiadacz,et al.  Simulation and Analysis of Gas Networks , 1987 .

[3]  Kurt Johannes Reinschke,et al.  Multivariable Control a Graph-theoretic Approach , 1988 .

[4]  A. Willsky,et al.  Failure detection and identification , 1989 .

[5]  Hoover Powerplant An Application of Prony Methods in PSS Design for Multimachine Systems , 1991 .

[6]  Ton Geerts Invariant subspaces and invertibility properties for singular systems: The general case , 1993 .

[7]  G. Basile,et al.  Controlled and conditioned invariants in linear system theory , 1992 .

[8]  Michèle Basseville,et al.  Detection of abrupt changes: theory and application , 1993 .

[9]  Prodromos Daoutidis,et al.  Control of Nonlinear Differential-Algebraic-Equation Systems with Disturbances , 1995 .

[10]  C. L. DeMarco,et al.  The potential for malicious control in a competitive power systems environment , 1996, Proceeding of the 1996 IEEE International Conference on Control Applications held together with IEEE International Symposium on Intelligent Contro.

[11]  Christian Commault,et al.  Generic properties and control of linear structured systems: a survey , 2003, Autom..

[12]  Ernst Scholtz,et al.  Observer-based monitors and distributed wave controllers for electromechanical disturbances in power systems , 2004 .

[13]  A. G. Expósito,et al.  Power system state estimation : theory and implementation , 2004 .

[14]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[15]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[16]  Xavier Litrico,et al.  Modeling and Control of Hydrosystems , 2009 .

[17]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[18]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[19]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[20]  Marc C. Steinbach,et al.  Optimization models for operative planning in drinking water networks , 2009 .

[21]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[22]  Xavier Litrico,et al.  Stealthy deception attacks on water SCADA systems , 2010, HSCC '10.

[23]  Randy L. Ekl,et al.  Security Technology for Smart Grid Networks , 2010, IEEE Transactions on Smart Grid.

[24]  Marios M. Polycarpou,et al.  A Fault Diagnosis and Security Framework for Water Systems , 2010, IEEE Transactions on Control Systems Technology.

[25]  Juan Pablo Conti,et al.  The day the samba stopped , 2010 .

[26]  Henrik Sandberg,et al.  Stealth Attacks and Protection Schemes for State Estimators in Power Systems , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[27]  Yilin Mo,et al.  False Data Injection Attacks in Control Systems , 2010 .

[28]  Minghui Zhu,et al.  Stackelberg-game analysis of correlated attacks in cyber-physical systems , 2011, Proceedings of the 2011 American Control Conference.

[29]  Kameshwar Poolla,et al.  Smart grid data integrity attacks: characterizations and countermeasures , 2011, 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[30]  Paulo Tabuada,et al.  Secure state-estimation for dynamical systems under active adversaries , 2011, 2011 49th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[31]  F. Bullo,et al.  A graph-theoretical characterization of power network vulnerabilities , 2011, Proceedings of the 2011 American Control Conference.

[32]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[33]  Florian Dörfler,et al.  Cyber-physical attacks in power networks: Models, fundamental limitations and monitor design , 2011, IEEE Conference on Decision and Control and European Control Conference.

[34]  Shreyas Sundaram,et al.  Distributed Function Calculation via Linear Iterative Strategies in the Presence of Malicious Agents , 2011, IEEE Transactions on Automatic Control.

[35]  Roy S. Smith,et al.  A Decoupled Feedback Structure for Covertly Appropriating Networked Control Systems , 2011 .

[36]  Hamed Mohsenian Rad,et al.  Distributed Internet-Based Load Altering Attacks Against Smart Power Grids , 2011, IEEE Transactions on Smart Grid.

[37]  Florian Dörfler,et al.  Cyber-physical security via geometric control: Distributed monitoring and malicious attacks , 2012, 2012 IEEE 51st IEEE Conference on Decision and Control (CDC).

[38]  Antonio Bicchi,et al.  Consensus Computation in Unreliable Networks: A System Theoretic Approach , 2010, IEEE Transactions on Automatic Control.

[39]  Sonia Martínez,et al.  On Distributed Convex Optimization Under Inequality and Equality Constraints , 2010, IEEE Transactions on Automatic Control.

[40]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[41]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[42]  Florian Dörfler,et al.  Continuous-Time Distributed Observers With Discrete Communication , 2013, IEEE Journal of Selected Topics in Signal Processing.

[43]  Karl Henrik Johansson,et al.  A secure control framework for resource-limited adversaries , 2012, Autom..