DOI: 10.1145/2185505.2185515
research-article

Attack models and scenarios for networked control systems

Published: 17 April 2012

ABSTRACT

Cyber-secure networked control is modeled, analyzed, and experimentally illustrated in this paper. An attack space defined by the adversary's system knowledge, disclosure, and disruption resources is introduced. Adversaries constrained by these resources are modeled for a networked control system architecture. It is shown that attack scenarios corresponding to replay, zero dynamics, and bias injection attacks can be analyzed using this framework. An experimental setup based on a quadruple-tank process controlled over a wireless network is used to illustrate the attack scenarios, their consequences, and potential counter-measures.


            Reviews

            Michael G. Murphy

            In this paper, Teixeira et al. address cybersecurity issues for networked control systems. Such systems are of great importance to our modern technology infrastructure and affect safety, health, and essential utilities. A model is defined, analyzed, and illustrated on an experimental basis. An attack space is envisioned with orthogonal dimensions of system knowledge, disclosure resources, and disruption resources, and the attack scenarios of replay, zero dynamics, and bias injection lend themselves to analysis in this space. The experimental environment is a quadruple-tank process that is wirelessly controlled. This setup is used to illustrate scenarios, consequences, and possible countermeasures. The introductory section provides the motivation and a summary of related work, and introduces the attack space construct and an overview of the paper's goals. The second section describes the structure of a networked control system, including the physical plant, the communication network, feedback control, and the detection of operation anomalies. The third section addresses the model of adversaries, discussing an attack on networked control systems in general, the role of system knowledge, disclosure resources that gather intelligence, and disruption resources, including physical, deception, and denial-of-service (DoS) attacks. The next section describes attack scenarios with goals and constraints, replay, zero dynamics, and bias injection. The last major section (5) presents the testbed for experimentation and the results for replay, zero dynamics, and bias injection attacks. The paper is insightful and provides mathematical models and a number of helpful diagrams to present conceptual models and experimental results.

            Online Computing Reviews Service

            • Published in

              HiCoNS '12: Proceedings of the 1st international conference on High Confidence Networked Systems
              April 2012
              96 pages
              ISBN:9781450312639
              DOI:10.1145/2185505

              Copyright © 2012 ACM

              Publisher

              Association for Computing Machinery

              New York, NY, United States

              Publication History

              • Published: 17 April 2012

              Qualifiers

              • research-article

              Acceptance Rates

              Overall Acceptance Rate: 30 of 55 submissions, 55%
