Reachability Analysis for Safety Assurance of Cyber-Physical Systems Against Cyber Attacks

The increase in network connectivity has also resulted in several high-profile attacks on cyber-physical systems. An attacker that manages to access a local network could remotely affect control performance by tampering with sensor measurements delivered to the controller. Recent results have shown that with network-based attacks, such as Man-in-the-Middle attacks, the attacker can introduce an unbounded state estimation error if measurements from a suitable subset of sensors contain false data when delivered to the controller. While these attacks can be addressed with the standard cryptographic tools that ensure data integrity, their continuous use would introduce significant communication and computation overhead. Consequently, we study effects of intermittent data integrity guarantees on system performance under stealthy attacks. We consider linear estimators equipped with a general type of residual-based intrusion detectors (including χ 2 and SPRT detectors), and show that even when integrity of sensor measurements is enforced only intermittently, the attack impact is significantly limited; specifically, the state estimation error is bounded or the attacker cannot remain stealthy. Furthermore, we present methods to:(1) evaluate the effects of any given integrity enforcement policy in terms of reachable state-estimation errors for any type of stealthy attacks, and (2) design an enforcement policy that provides the desired estimation error guarantees under attack. Finally, on three automotive case studies we show that even with less than 10% of authenticated messages we can ensure satisfiable control performance in the presence of attacks.

show abstract

“…From Definition 4, there exists t i ∈ µ such that j ∈ t i ,t i + L , wheret i = t i +f (Figure 3). Now, from (10) and (11) we have that…”

Section: Stealthy Attacks In Systems With Intermittent Integrity mentioning

confidence: 99%

Relaxing Integrity Requirements for Attack-Resilient Cyber-Physical Systems

Jovanov

Pajić

2019

IEEE Trans. Automat. Contr.

View full text Add to dashboard Cite

show abstract

“…Our work builds on recent research assessing the physical impact of stealthy attacks on CPS and ICS. In particular, we adapt techniques based on reachability analysis [10], [36], [37] to provide measures of the proposed grounds for suspicion. While in previous work such techniques were mainly employed to assess the security of a system and perform offline risk analysis, here we adapt them for online monitoring.…”

Section: Attack Impact Assessment In Cps/icsmentioning

confidence: 99%

Grounds for Suspicion: Physics-Based Early Warnings for Stealthy Attacks on Industrial Control Systems

Azzam

Pasquale

Provan

et al. 2022

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Stealthy attacks on Industrial Control Systems can cause significant damage while evading detection. In this paper, instead of focusing on the detection of stealthy attacks, we aim to provide early warnings to operators, in order to avoid physical damage and preserve in advance data that may serve as an evidence during an investigation. We propose a framework to provide grounds for suspicion, i.e. preliminary indicators reflecting the likelihood of success of a stealthy attack. We propose two grounds for suspicion based on the behaviour of the physical process: (i) feasibility of a stealthy attack, and (ii) proximity to unsafe operating regions. We propose a metric to measure grounds for suspicion in real-time and provide soundness principles to ensure that such a metric is consistent with the grounds for suspicion. We apply our framework to Linear Time-Invariant (LTI) systems and formulate the suspicion metric computation as a real-time reachability problem. We validate our framework on a case study involving the benchmark Tennessee-Eastman process. We show through numerical simulation that we can provide early warnings well before a potential stealthy attack can cause damage, while incurring minimal load on the network. Finally, we apply our framework on a use case to illustrate its usefulness in supporting early evidence collection.

show abstract

“…Intrusion detection is very critical step for defensing cyber- attacks. Kwon and Hwang (2018) proposed an algorithm to assess the safety of the cyber-physical system in the presence of cyber-attacks that can be designed intelligently to avoid the detection. In Pasqualetti et al (2013), for cyber-physical systems (CPSs) with malicious attacks, authors design the centralized and distributed attack detection and identification monitors.…”

Section: Ncss With Network Securitymentioning

confidence: 99%

Challenging research for networked control systems: A survey

Meng

Chen

2018

Transactions of the Institute of Measurement and Control

View full text Add to dashboard Cite

Nowadays, networked control systems (NCSs) have been a popular research topic in both academia and industry areas. However, the NCSs also present great challenging problems due to imperfect communication, node moving, external interference and hacker attack. In this paper, we review some of the recent challenging researches for NCSs. Several concerned research subjects in NCSs are surveyed, including network-induced delays, packet dropouts, packet disordering, external disturbance, parameter uncertainty, data quantization, event-triggers mechanism, sensor or actuator failures, scheduling protocols, network attack and network topology. Correspondingly, various control laws to deal with these issues are discussed. Finally, some conclusions are given, and possible future directions are explored.

show abstract

Reachability Analysis for Safety Assurance of Cyber-Physical Systems Against Cyber Attacks

Cited by 88 publications

References 16 publications

Relaxing Integrity Requirements for Attack-Resilient Cyber-Physical Systems

Relaxing Integrity Requirements for Attack-Resilient Cyber-Physical Systems

Grounds for Suspicion: Physics-Based Early Warnings for Stealthy Attacks on Industrial Control Systems

Challenging research for networked control systems: A survey

Contact Info

Product

Resources

About