An Experimental Study on the Impact of Network Segmentation to the Resilience of Physical Processes

Genge, Béla; Siaterlis, Christos

doi:10.1007/978-3-642-30045-5_10

Cited by 16 publications

(10 citation statements)

References 11 publications

(18 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The important role of the timing parameters in cyber-physical security was already demonstrated in few academic works. Thus it was shown that process-aware segmentation of the control network increases survivability of the process and extends its time to shutdown [10]. In another work authors studied the effectiveness of remotely executed cyber attacks on a valve in a Boiling Water Power Plant [11].…”

Section: Related Workmentioning

confidence: 98%

CPS

Krotofil

Cárdenas

Manning

et al. 2014

Proceedings of the 30th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

DoS attacks on sensor measurements used for industrial control can cause the controller of the process to use stale data. If the DoS attack is not timed properly, the use of stale data by the controller will have limited impact on the process; however, if the attacker is able to launch the DoS attack at the correct time, the use of stale data can cause the controller to drive the system to an unsafe state.Understanding the timing parameters of the physical processes does not only allow an attacker to construct a successful attack but also to maximize its impact (damage to the system). In this paper we use Tennessee Eastman challenge process to study an attacker that has to identify (in realtime) the optimal timing to launch a DoS attack. The choice of time to begin an attack is forward-looking, requiring the attacker to consider each opportunity against the possibility of a better opportunity in the future, and this lends itself to the theory of optimal stopping problems. In particular we study the applicability of the Best Choice Problem (also known as the Secretary Problem), quickest change detection, and statistical process outliers. Our analysis can be used to identify specific sensor measurements that need to be protected, and the time that security or safety teams required to respond to attacks, before they cause major damage.

show abstract

Section: Related Workmentioning

confidence: 98%

CPS

Krotofil

Cárdenas

Manning

et al. 2014

Proceedings of the 30th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

show abstract

“…There are several examples where segmentation decisions are made based on the underlying physical system managed by the cyber network. In [18], an emulation test bed is used to compare two segmentation strategies developed by subject matter experts (SME's) for SCADA systems in a chemical plant. They demonstrate that in process-flow operations, security and safety gains can be made by separating SCADA devices for in-flow and outflow values.…”

Section: A Literature Reviewmentioning

confidence: 99%

A Trilevel Model for Segmentation of the Power Transmission Grid Cyber Network

Arguello¹,

Johnson²,

Gearhart³

2021

Preprint

View full text Add to dashboard Cite

Network segmentation of a power grid's communication system is one way to make the grid more resilient to cyber attacks. We develop a novel trilevel programming model to optimally segment a grid communication system, taking into account the actions of an information technolology (IT) administrator, attacker, and grid operator. The IT administrator is given an allowance to segment existing networks, and the attacker is given a fixed budget to attack the segmented communication system in an attempt to inflict damage on the grid. Finally, the grid operator is allowed to redispatch the grid after the attack in order to minimize damage. The resulting problem is a trilevel interdiction problem, which we solve by leveraging current research in bilevel branch and bound. We demonstrate the benefits of optimal network segmentation through case studies on the 9-bus WSCC system and the 30-bus IEEE system. These examples illustrate that network segmentation can significantly reduce the threat posed by a cyber attacker with perfect knowledge of the grid. Continuous Variables Grid operator decisions: θ sVoltage angle at substation s p gReal power output of generator g f k Real power flow on line k l dReal power load shed at load d L Real power total load shed

show abstract

“…Not surprisingly, also the ICS security community has adopted the TE model for studying the impacts of cyber attacks on physical processes (see e.g. [5,13,4,1].…”

Section: Vinyl Acetate Monomer Processmentioning

confidence: 99%

Cyber-Physical Systems Security

Gollmann

Gurikov

Isakov

et al. 2015

Proceedings of the 1st ACM Workshop on Cyber-Physical System Security

View full text Add to dashboard Cite

In recent years, cyber-physical systems (CPSs) have received much attention from both the academic world and the industrial world, which refer to a deep integration and coordination of physical and computational resources [1,2]. Typical examples of CPSs can be found in smart grids, smart transportation systems, industrial control systems, water supply systems, and so on. Furthermore, many military systems are also CPSs. The key characteristic of CPSs is the integration of computing, control and communication. The increased in-terconnection between the cyber and physical spaces make CPSs vulnerable to various malicious attacks. A well-known example of an attack of CPSs is the Stuxnet which infected the control system of nuclear-fuel centrifuges of Bushehr nuclear power plant in Iran. Stuxnet makes people beware of the grave consequences of a cyber-attack on a CPS. Since many national critical infrastructures are applications of CPS, ensuring security and safety of such systems is of great importance. In traditional information technology (IT) systems, three security objectives are confidentiality, integrity and availability , where confidentiality is in the first place. While in CPSs, availability ranks the first. Besides, there are some differences between IT systems and CPSs. For examples, in CPSs, a long-term safe and reliable operation is necessary. In CPSs, components are rarely replaced and difficult to upgrade. In CPSs, the control performance of the system should be taken into account. The traditional IT security methods such as data encryption and authentication can protect the confidentiality of data and keep from unauthorized access to some extent

show abstract

An Experimental Study on the Impact of Network Segmentation to the Resilience of Physical Processes

Cited by 16 publications

References 11 publications

CPS

CPS

A Trilevel Model for Segmentation of the Power Transmission Grid Cyber Network

Cyber-Physical Systems Security

Contact Info

Product

Resources

About