Active detection for exposing intelligent attacks in control systems

Weerakkody, Sean; Özel, Ömur; Griffioen, Paul; Sinopoli, Bruno

doi:10.1109/ccta.2017.8062639

Cited by 17 publications

(11 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Even though the replay attack is subtle in operation, it is still able to cause a crash if the platoon does not degrade control schemes. However, the level 3 controller appears resilient to the aggressive attack as illustrated in Figure 6 located in Appendix F. This is likely because the level 3 controller has a higher weighting on maintaining constant distance than velocity according to the controller gain in (40).…”

Section: Simulation Resultsmentioning

confidence: 99%

Resilient Control of Platooning Networked Robotic Systems via Dynamic Watermarking

Porter¹,

Joshi²,

Dey³

et al. 2021

Preprint

View full text Add to dashboard Cite

Networked robotic systems, such as connected vehicle platoons, can improve the safety and efficiency of transportation networks by allowing for high-speed coordination. To enable such coordination, these systems rely on networked communications. This can make them susceptible to cyber attacks. Though security methods such as encryption or specially designed network topologies can increase the difficulty of successfully executing such an attack, these techniques are unable to guarantee secure communication against an attacker. More troublingly, these security methods are unable to ensure that individual agents are able to detect attacks that alter the content of specific messages. To ensure resilient behavior under such attacks, this paper formulates a networked linear time-varying version of dynamic watermarking in which each agent generates and adds a private excitation to the input of its corresponding robotic subsystem. This paper demonstrates that such a method can enable each agent in a networked robotic system to detect cyber attacks. By altering measurements sent between vehicles, this paper illustrates that an attacker can create unstable behavior within a platoon. By utilizing the dynamic watermarking method proposed in this paper, the attack is detected, allowing the vehicles in the platoon to gracefully degrade to a non-communicative control strategy that maintains safety across a variety of scenarios.

show abstract

Section: Simulation Resultsmentioning

confidence: 99%

Resilient Control of Platooning Networked Robotic Systems via Dynamic Watermarking

Porter¹,

Joshi²,

Dey³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…"Active" detection methods have been proposed to detect stealthy attacks. These methods involve the introduction of a probing signal (watermark) to reveal fake sensor measurement or actuation signals [21], [22]. Active methods can also be designed for attacks exploiting specific control-theoretic properties.…”

Section: Attack Detection In Icsmentioning

confidence: 99%

Grounds for Suspicion: Physics-Based Early Warnings for Stealthy Attacks on Industrial Control Systems

Azzam

Pasquale

Provan

et al. 2022

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Stealthy attacks on Industrial Control Systems can cause significant damage while evading detection. In this paper, instead of focusing on the detection of stealthy attacks, we aim to provide early warnings to operators, in order to avoid physical damage and preserve in advance data that may serve as an evidence during an investigation. We propose a framework to provide grounds for suspicion, i.e. preliminary indicators reflecting the likelihood of success of a stealthy attack. We propose two grounds for suspicion based on the behaviour of the physical process: (i) feasibility of a stealthy attack, and (ii) proximity to unsafe operating regions. We propose a metric to measure grounds for suspicion in real-time and provide soundness principles to ensure that such a metric is consistent with the grounds for suspicion. We apply our framework to Linear Time-Invariant (LTI) systems and formulate the suspicion metric computation as a real-time reachability problem. We validate our framework on a case study involving the benchmark Tennessee-Eastman process. We show through numerical simulation that we can provide early warnings well before a potential stealthy attack can cause damage, while incurring minimal load on the network. Finally, we apply our framework on a use case to illustrate its usefulness in supporting early evidence collection.

show abstract

“…While passive detection techniques are effective against benign faults, bad data detectors can oftentimes be bypassed by powerful adversaries who leverage access to system channels and/or model knowledge to construct attacks so that the outputs received by a system operator are statistically consistent with expected output behavior. Since passive detection techniques provably fail in these instances, active detection techniques must be used to detect malicious attacks, where a defender intelligently changes the policy online by adding perturbations to the system [4], [5].…”

Section: A Detectionmentioning

confidence: 99%

Ensuring Resilience Against Stealthy Attacks on Cyber-Physical Systems

Griffioen¹,

Krogh²,

Sinopoli³

2022

Preprint

Self Cite

View full text Add to dashboard Cite

This article provides a tool for analyzing mechanisms that aim to achieve resilience against stealthy, or undetectable, attacks on cyber-physical systems (CPSs). We consider attackers who are able to corrupt all of the inputs and outputs of the system. To counter such attackers, a response scheme must be implemented that keeps the attacker from corrupting the inputs and outputs of the system for certain periods of time. To aid in the design of such a response scheme, our tool provides sufficient lengths for these periods of time in order to ensure safety with a particular probability. We provide a conservative upper bound on how long the system can remain under stealthy attack before the safety constraints are violated. Furthermore, we show how a detector limits the set of biases an attacker can exert on the system while still remaining stealthy, aiding a system operator in the design of the detector. Our contributions are demonstrated with an illustrative example.

show abstract

Active detection for exposing intelligent attacks in control systems

Cited by 17 publications

References 26 publications

Resilient Control of Platooning Networked Robotic Systems via Dynamic Watermarking

Resilient Control of Platooning Networked Robotic Systems via Dynamic Watermarking

Grounds for Suspicion: Physics-Based Early Warnings for Stealthy Attacks on Industrial Control Systems

Ensuring Resilience Against Stealthy Attacks on Cyber-Physical Systems

Contact Info

Product

Resources

About