A controller design for mitigation of passive system identification attacks in networked control systems

Abstract: The literature regarding attacks in Networked Control Systems (NCS) indicates that covert and accurate attacks must be designed based on an accurate knowledge about the model of the attacked system. In this context, the literature on NCS presents the Passive System Identification attack as a metaheuristic-based tool to provide the attacker with the required system models. However, the scientific literature does not report countermeasures to mitigate the identification process performed by such passive metaheur… Show more

“…A vast collection of scientific literature about cybersecurity in Industrial Control Systems (ICS) is available, reporting security breaches in all major Real-Time Ethernet (RTE) protocols used in industry [21][22][23][24][25][26][27][28]. Therefore, considering the feasibility of occurring cyber-attacks against physical systems, as demonstrated by the real cases already reported in the literature [7,14,17], studies have been conducted aiming to characterize vulnerabilities and promote security solutions for NCSs [8,12,13,15,16,29].…”

“…It is possible to verify in the literature [7,8,12,13,15,16,21,22,26,[29][30][31][32][33][34][35][36] that in cyber-physical systems (which includes NCSs), a relevant portion of the attack surface often lies in the communication process between sensors/actuators and controllers. For this reason, in the ICS cybersecurity landscape, significant attention has been given to the study of cyber-attacks to sensor/actuator systems [7].…”

“…Aiming to improve the cybersecurity of NCSs, the authors of [29] discuss countermeasures that can be used to mitigate data injection attacks executed within the communication between sensors/actuators and controllers. These countermeasures can be systematically thought in a layered defense strategy [29] to avoid access to the control loop and data.…”

“…Aiming to improve the cybersecurity of NCSs, the authors of [29] discuss countermeasures that can be used to mitigate data injection attacks executed within the communication between sensors/actuators and controllers. These countermeasures can be systematically thought in a layered defense strategy [29] to avoid access to the control loop and data. Non-authorized access to the NCS control loop can be obtained, for instance, by using network segmentation, demilitarized zones (DMZ), firewall policies and implementing specific network architectures, such as described in [31].…”

“…Now, given (28), the attack function M(z) can be estimated by an optimization algorithm (e.g., the BSA), such as described in Section 3.1. In this case, if C(z) and P(z) are known (which is feasible for the NCS owner), M(z) can be estimated by applyingω j (0)δ(k) in an estimated system, defined by (29)…”

Identification of Data Injection Attacks in Networked Control Systems Using Noise Impulse Integration

“…A vast collection of scientific literature about cybersecurity in Industrial Control Systems (ICS) is available, reporting security breaches in all major Real-Time Ethernet (RTE) protocols used in industry [21][22][23][24][25][26][27][28]. Therefore, considering the feasibility of occurring cyber-attacks against physical systems, as demonstrated by the real cases already reported in the literature [7,14,17], studies have been conducted aiming to characterize vulnerabilities and promote security solutions for NCSs [8,12,13,15,16,29].…”

“…It is possible to verify in the literature [7,8,12,13,15,16,21,22,26,[29][30][31][32][33][34][35][36] that in cyber-physical systems (which includes NCSs), a relevant portion of the attack surface often lies in the communication process between sensors/actuators and controllers. For this reason, in the ICS cybersecurity landscape, significant attention has been given to the study of cyber-attacks to sensor/actuator systems [7].…”

“…Aiming to improve the cybersecurity of NCSs, the authors of [29] discuss countermeasures that can be used to mitigate data injection attacks executed within the communication between sensors/actuators and controllers. These countermeasures can be systematically thought in a layered defense strategy [29] to avoid access to the control loop and data.…”

“…Aiming to improve the cybersecurity of NCSs, the authors of [29] discuss countermeasures that can be used to mitigate data injection attacks executed within the communication between sensors/actuators and controllers. These countermeasures can be systematically thought in a layered defense strategy [29] to avoid access to the control loop and data. Non-authorized access to the NCS control loop can be obtained, for instance, by using network segmentation, demilitarized zones (DMZ), firewall policies and implementing specific network architectures, such as described in [31].…”

“…Now, given (28), the attack function M(z) can be estimated by an optimization algorithm (e.g., the BSA), such as described in Section 3.1. In this case, if C(z) and P(z) are known (which is feasible for the NCS owner), M(z) can be estimated by applyingω j (0)δ(k) in an estimated system, defined by (29)…”

Identification of Data Injection Attacks in Networked Control Systems Using Noise Impulse Integration

Bio-inspired System Identification Attacks in Noisy Networked Control Systems

Bibliographical review on cyber attacks from a control oriented perspective