Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks

Amin, Saurabh; Litrico, Xavier; Sastry, S. Shankar; Bayen, Alexandre M.

doi:10.1109/tcst.2012.2211873

Cited by 306 publications

(144 citation statements)

References 10 publications

Supporting

Mentioning

140

Contrasting

Unclassified

Order By: Relevance

“…In their work, it is stated that the design of covert attacks requires a high level of knowledge about the model of the attacked system. In [6,11,21], examples of covert attacks that agree with the statement provided in [20] are proposed and analyzed. In [11,21], the attacker, acting as a man-in-the-middle (MitM), injects false data in the forward stream of the NCS to take control of the plant.…”

Section: Related Workmentioning

confidence: 94%

“…The integration of controllers and physical processes via communication networks aims to provide these systems with better operational and management capabilities, as well as reduce costs. By virtue of these advantages, the number of NCSs applied to industrial processes and critical infrastructure systems is increasing [1][2][3][4][5][6][7][8][9][10]. A diagram of an NCS is depicted in Networked control system (NCS) [12] plant's behavior are physically difficult to be perceived.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A controller design for mitigation of passive system identification attacks in networked control systems

Sá

Carmo

Machado

2018

J Internet Serv Appl

View full text Add to dashboard Cite

The literature regarding attacks in Networked Control Systems (NCS) indicates that covert and accurate attacks must be designed based on an accurate knowledge about the model of the attacked system. In this context, the literature on NCS presents the Passive System Identification attack as a metaheuristic-based tool to provide the attacker with the required system models. However, the scientific literature does not report countermeasures to mitigate the identification process performed by such passive metaheuristic-based attack. In this sense, this work proposes the use of a randomly switching controller as a countermeasure for the Passive System Identification attack, in case of failure of other conventional security mechanisms -such as encryption, network segmentation and firewall policies. This novel countermeasure aims to hinder the identification of the controller, so that the model obtained by the attacker is imprecise or ambiguous, in such a way that the attacker hesitates to launch covert or model-dependent attacks against the NCS. The simulation results indicate that this countermeasure is capable to mitigate the mentioned attack at the same time that it performs a satisfactory plant control.

show abstract

Section: Related Workmentioning

confidence: 94%

Section: Introductionmentioning

confidence: 99%

A controller design for mitigation of passive system identification attacks in networked control systems

Sá

Carmo

Machado

2018

J Internet Serv Appl

View full text Add to dashboard Cite

show abstract

“…Cyber-Physical System Security There is extensive research on CPS and security [14,15] focusing on: Smart Power Grids [16,17], Industrial Control Systems (ICS) [18], and SCADA [19,20] systems. The majority of this research proposes defending attacks at the network or process level.…”

Section: Related Workmentioning

confidence: 99%

Cross-Level Detection Framework for Attacks on Cyber-Physical Systems

et al. 2017

View full text Add to dashboard Cite

Anomaly detection is critical in thwarting malicious attacks on Cyber-Physical Systems. This work presents a novel inference engine that integrates two heterogeneous anomaly detectors, working at different levels of the system architecture, in order to produce a crosslevel detector more effective than either one separately. The macro-or process-level detector uses a bank of observers of the physical plant that estimate the state of the process suspected to be under attack, specifically for its sensor to be compromised, from data gathered by available networked sensors. The estimates are then combined using a Weapons and Systems Engineering Department, U.S. Naval Academy, Annapolis, MD, USA consensus algorithm to determine if the suspect sensor is reporting false readings. The micro-level detector uses timesampled side-channel power measurements of an integrated circuit on the suspect sensor. By comparing power measurements against those from a known good state, differences indicate the code running inside has been altered. The crosslevel detector performs a two-dimensional Neyman-Pearson hypothesis test that declares the presence of an attack on the sensor node. The cross-level detector is shown to be more accurate and less latent than its constituent parts. Detection was tested against a range of False Data Injection attacks on a hardware prototype and the detector performance was measured experimentally. The cross-level detector on average achieved a 93% rate of correct detection, compared with 72 and 85% for the macro-and micro-level detectors, respectively; and a 50% reduction in latency compared to the macro-level detector.

show abstract

“…The former attempted to dissipate maximum amount of energy, and the latter attempted to inject the largest amount of energy. Amin et al [7] presented the block attack model and studied the effect of such attack on the proportional-integral (PI) control scheme in a water SCADA system. All these attacks we mentioned above have the requirement that attack values should lie within a predetermined range.…”

Section: Introductionmentioning

confidence: 99%

Greedy Modes of Data Integrity Attacks on Industrial Control Systems: A Case Study of Tennessee Eastman Process

Li¹,

Xie²,

Yu³

et al. 2017

IJSIA

View full text Add to dashboard Cite

show abstract

Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks

Cited by 306 publications

References 10 publications

A controller design for mitigation of passive system identification attacks in networked control systems

A controller design for mitigation of passive system identification attacks in networked control systems

Cross-Level Detection Framework for Attacks on Cyber-Physical Systems

Greedy Modes of Data Integrity Attacks on Industrial Control Systems: A Case Study of Tennessee Eastman Process

Contact Info

Product

Resources

About