research-article

Adaptive control‐theoretic detection of integrity attacks against cyber‐physical industrial systems

Authors:

Jose Rubio‐Hernan,

Joaquin Garcia‐AlfaroAuthors Info & Claims

Transactions on Emerging Telecommunications Technologies, Volume 29, Issue 7

https://doi.org/10.1002/ett.3209

Published: 09 July 2018 Publication History

Abstract

The use of control‐theoretic solutions to detect attacks against cyber‐physical industrial systems is a growing area of research. Traditional literature proposes the use of control strategies to retain, eg, satisfactory close‐loop performance, as well as safety properties, when a communication network connects the distributed components of a physical system (eg, sensors, actuators, and controllers). However, the adaptation of these strategies to handle security incidents is an ongoing challenge. In this paper, we survey the advantages of a watermark‐based detector against some integrity attacks as well as the weaknesses against other attacks. To cover these weaknesses, we propose a new control and security strategy that complements the watermark‐based detector. We validate the detection efficiency of the new strategy via numeric simulation. Experimental results are also presented by using a laboratory testbed based on supervisory control and data acquisition industrial protocols.

Graphical Abstract

In this paper, we survey the advantages of a watermark‐based detector against some integrity attacks as well as the weaknesses against other attacks. To cover these weaknesses, we propose a new control and security strategy that complements the watermark‐based detector. We validate the detection efficiency of the new strategy via numeric simulation. Experimental results are also presented by using a laboratory testbed based on supervisory control and data acquisition industrial protocols.

References

[1]

Hespanha JP, Naghshtabrizi P, Xu Y. A survey of recent results in networked control systems. Proc IEEE. 2007;95(1):138‐162. https://doi.org/10.1109/JPROC.2006.887288

[2]

Kim KD, Kumar PR. Cyber‐physical systems: a perspective at the centennial. Proc IEEE. 2012;100:1287‐1308. https://doi.org/10.1109/JPROC.2012.2189792

[3]

Wu G, Sun J, Chen J. A survey on the security of cyber‐physical systems. Control Theory Technol. 2016;14(1):2‐10. https://doi.org/10.1007/s11768-016-5123-9

[4]

Falliere N, Murchu LO, Chien E. W32 stuxnet dossier. White paper, Symantec Corp, Security Response. 2011;5:6.

[5]

Weyer S, Schmitt M, Ohmer M, Gorecky D. Towards industry 4.0 ‐ Standardization as the crucial challenge for highly modular, multi‐vendor production systems. IFAC‐PapersOnLine. 2015;48(3):579‐584. https://doi.org/10.1016/j.ifacol.2015.06.143

[6]

Lee J, Bagheri B, Kao HA. A cyber‐physical systems architecture for industry 4.0‐based manufacturing systems. Manuf Lett. 2015;3:18‐23. https://doi.org/10.1016/j.mfglet.2014.12.001

[7]

Salt J, Casanova V, Cuenca A, Pizá R. Sistemas de control basados en red modelado y diseño de estructuras de control. Revista Iberoamericana de Automática e Informática Industrial RIAI. 2008;5(3):5‐20. https://doi.org/10.1016/S1697-7912(08)70157-2

[8]

Heemels W, Donkers M, Teel AR. Periodic event‐triggered control for linear systems. IEEE Trans Autom Control. 2013;58(4):847‐861. https://doi.org/10.1109/TAC.2012.2220443

[9]

Han D, Mo Y, Wu J, Weerakkody S, Sinopoli B, Shi L. Stochastic event‐triggered sensor schedule for remote state estimation. IEEE Trans Autom Control. 2015;60(10):2661‐2675. https://doi.org/10.1109/TAC.2015.2406975

[10]

Corman D, Pillitteri V, Tousley S, Tehranipoor M, Lindqvist U. NITRD cyber‐physical security panel. Paper presented at: 35th IEEE Symposium on Security and Privacy, IEEE SP 2014, May 18-21, 2014; San Jose, CA, USA.

[11]

Mo Y, Garone E, Casavola A, Sinopoli B. False data injection attacks against state estimation in wireless sensor networks. Paper presented at: 49th IEEE Conference on Decision and Control (CDC); 2010; Atlanta, GA, USA. https://doi.org/10.1109/CDC.2010.5718158

[12]

Smith RS. Covert misappropriation of networked control systems: presenting a feedback structure. IEEE Control Syst. 2015;35(1):82‐92. https://doi.org/10.1109/MCS.2014.2364723

[13]

Mo Y, Weerakkody S, Sinopoli B. Physical authentication of control systems: designing watermarked control inputs to detect counterfeit sensor outputs. IEEE Control Syst. 2015;35(1):93‐109. https://doi.org/10.1109/MCS.2014.2364724

[14]

Teixeira A, Shames I, Sandberg H, Johansson KH. A secure control framework for resource‐limited adversaries. Automatica. 2015;51:135‐148. https://doi.org/10.1016/j.automatica.2014.10.067

Digital Library

[15]

Pasqualetti F, Dorfler F, Bullo F. Cyber‐physical security via geometric control: Distributed monitoring and malicious attacks. Paper presented at: 2012 IEEE 51st IEEE Conference on Decision and Control (CDC); 2012; Maui, HI, USA. https://doi.org/10.1109/CDC.2012.6426257

[16]

Mo Y, Sinopoli B. Secure control against replay attacks. Paper presented at: Proceedings of the 47th Annual Allerton Conference on Communication, Control, and Computing. IEEE; 2009; Monticello, IL, USA. https://doi.org/10.1109/ALLERTON.2009.5394956

[17]

Miao F, Pajic M, Pappas GJ. Stochastic game approach for replay attack detection. Paper presented at: Proceedings of the 52nd IEEE Conference on Decision and Control; 2013; Florence, Italy. https://doi.org/10.1109/CDC.2013.6760152

[18]

Zhu Q, Başar T. Dynamic policy‐based IDS configuration. Paper presented at: Proceedings of the 48th IEEE Conference on Decision and Control CDC) held jointly with 2009 28th Chinese Control Conference; 2009; Shanghai, China. https://doi.org/10.1109/CDC.2009.5399894

[19]

Do VL, Fillatre L, Nikiforov I. A statistical method for detecting cyber/physical attacks on SCADA systems. Paper presented at: Proceedings of 2014 IEEE Conference on Control Applications (CCA); 2014; Juan Les Antibes, France. https://doi.org/10.1109/CCA.2014.6981373

[20]

Genge B, Kiss I, Haller P. A system dynamics approach for assessing the impact of cyber attacks on critical infrastructures. Int J Critical Infrastruct Prot. 2015;10:3‐17. https://doi.org/10.1016/j.ijcip.2015.04.001

Digital Library

[21]

Rubio‐Hernan J, De Cicco L, Garcia‐Alfaro J. Revisiting a watermark‐based detection scheme to handle cyber‐physical attacks. Paper presented at: Proceedings of the 11th International Conference on Availability, Reliability and Security. IEEE; 2016; Salzburg, Austria.

[22]

Rubio‐Hernan J, De Cicco L, Garcia‐Alfaro J. Event‐triggered watermarking control to handle cyber‐physical integrity attacks. Paper presented at: Proceedings Secure IT Systems: 21st Nordic Conference, Nordsec 2016, Oulu, Finland, November 2‐4, 2016; Springer International Publishing: Cham. https://doi.org/10.1007/978-3-319-47560-8_1

[23]

Wang Y, Xu Z, Zhang J, Xu L, Wang H, Gu G. SRID: State relation based intrusion detection for false data injection attacks in SCADA. In: Kutyłowski M, Vaidya J, eds. Computer Security ‐ Esorics 2014: 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7‐11, 2014. Proceedings, Part II. Cham: Springer International Publishing; 2014:401‐418. https://doi.org/10.1007/978-3-319-11212-1_23

[24]

Arvani A, Rao VS. Detection and protection against intrusions on smart grid systems. Int J Cyber Secur Digit Forensics (IJCSDF). 2014;3(1):38‐48.

[25]

Baheti R, Gill H. Cyber‐physical systems. Impact Control Technol. 2011;12:161‐166.

[26]

Heemels W, Donkers M. Model‐based periodic event‐triggered control for linear systems. Automatica. 2013;49(3):698‐711. https://doi.org/10.1016/j.automatica.2012.11.025

Digital Library

[27]

Brumback B, Srinath M. A chi‐square test for fault‐detection in Kalman filters. IEEE Trans Autom Control. 1987;32(6):552‐554. https://doi.org/10.1109/TAC.1987.1104658

[28]

Franklin GF, Powell JD, Workman ML. Digital control of dynamic systems. 3rd ed. Boston, MA, USA: Addison‐Wesley Longman Publishing Co., Inc.; 1998.

[29]

Natke HG. System identification: Torsten Söderström and Petre Stoica. Automatica. 1992;28(5):1069‐1071.

[30]

Modbus Organization . Official Modbus Specifications. http://www.modbus.org/specs.php. 2016. Accessed: March 2017.

[31]

Curtis K. A DNP3 protocol primer. A basic technical overview of the protocol. http://www.dnp.org/AboutUs/DNP3%20Primer%20Rev%20A.pdf. 2005. Accessed: March 2017.

Cited By

Jithish JSankaran S(2021)A game‐theoretic approach for ensuring trustworthiness in cyber‐physical systems with applications to multiloop UAV controlTransactions on Emerging Telecommunications Technologies10.1002/ett.404232:5Online publication date: 7-May-2021
https://dl.acm.org/doi/10.1002/ett.4042
Kumar SSingh BYadav M(2020)A Recent Survey on Multimedia and Database WatermarkingMultimedia Tools and Applications10.1007/s11042-020-08881-y79:27-28(20149-20197)Online publication date: 1-Jul-2020
https://dl.acm.org/doi/10.1007/s11042-020-08881-y

Index Terms

Adaptive control‐theoretic detection of integrity attacks against cyber‐physical industrial systems

Index terms have been assigned to the content through auto-classification.

Recommendations

Modeling and control of Cyber-Physical Systems subject to cyber attacks: A survey of recent advances and challenges
Highlights
- In general, the cyber-attacks in the literature can be classified into three main types: denial of service (DoS) attacks, deception attacks, and replay ...
Abstract
Cyber Physical Systems (CPS) are almost everywhere; they can be accessed and controlled remotely. These features make them more vulnerable to cyber attacks. Since these systems provide critical services, having them under attack would ...
Poisoning attacks on cyber attack detectors for industrial control systems
SAC '21: Proceedings of the 36th Annual ACM Symposium on Applied Computing

Recently, neural network (NN)-based methods, including autoencoders, have been proposed for the detection of cyber attacks targeting industrial control systems (ICSs). Such detectors are often retrained, using data collected during system operation, to ...
Mode division-based anomaly detection against integrity and availability attacks in industrial cyber-physical systems
Abstract
Integrity and availability attacks can cause serious damage to modern industrial cyber-physical systems (ICPS). It is critical to detect and identify these attacks promptly and accurately. This paper investigates the anomaly detection ...
Graphical Abstract

Display Omitted
Highlights
- Mode division is proposed as a novel anomaly detection framework.
- Attacks are ...

Comments

Information & Contributors

Information

Published In

cover image Transactions on Emerging Telecommunications Technologies

Transactions on Emerging Telecommunications Technologies Volume 29, Issue 7

July 2018

20 pages

EISSN:2161-3915

DOI:10.1002/ett.v29.7

Issue’s Table of Contents

Copyright © 2017 John Wiley & Sons, Ltd.

Publisher

John Wiley & Sons, Inc.

United States

Publication History

Published: 09 July 2018

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Jithish JSankaran S(2021)A game‐theoretic approach for ensuring trustworthiness in cyber‐physical systems with applications to multiloop UAV controlTransactions on Emerging Telecommunications Technologies10.1002/ett.404232:5Online publication date: 7-May-2021
https://dl.acm.org/doi/10.1002/ett.4042
Kumar SSingh BYadav M(2020)A Recent Survey on Multimedia and Database WatermarkingMultimedia Tools and Applications10.1007/s11042-020-08881-y79:27-28(20149-20197)Online publication date: 1-Jul-2020
https://dl.acm.org/doi/10.1007/s11042-020-08881-y

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents