DOI: 10.1145/3384941.3409587
research-article

Evaluating Cascading Impact of Attacks on Resilience of Industrial Control Systems: A Design-Centric Modeling Approach

Published: 06 October 2020

    Abstract

    A design-centric modeling approach was proposed to model the behaviour of the physical processes controlled by Industrial Control Systems (ICS) and study the cascading impact of data-oriented attacks. A threat model was used as input to guide the construction of the CPS model where control components which are within the adversary's intent and capabilities are extracted. The relevant control components are subsequently modeled together with their control dependencies and operational design specifications. The approach was demonstrated and validated on a water treatment testbed. Attacks were simulated on the testbed model where its resilience to attacks was evaluated using proposed metrics such as Impact Ratio and Time-to-Critical-State. From the analysis of the attacks, design strengths and weaknesses were identified and design improvements were recommended to increase the testbed's resilience to attacks.

    Published In

    CPSS '20: Proceedings of the 6th ACM on Cyber-Physical System Security Workshop
    October 2020
    72 pages
    ISBN:9781450376082
    DOI:10.1145/3384941
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 06 October 2020

    Author Tags

    1. cascading impact of attacks
    2. cyber-physical systems security
    3. dynamical systems modeling
    4. resilience engineering
    5. security evaluation

    Qualifiers

    • Research-article

    Conference

    ASIA CCS '20
    Acceptance Rates

    Overall Acceptance Rate 43 of 135 submissions, 32%

    Cited By

    • (2024) A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive Systems. ACM Transactions on Autonomous and Adaptive Systems 19:2 (1-49). DOI: 10.1145/3652949. Online publication date: 20-Apr-2024
    • (2023) Enhancing Operational Resilience of Critical Infrastructure Processes Through Chaos Engineering. IEEE Access 11 (106172-106189). DOI: 10.1109/ACCESS.2023.3316028. Online publication date: 2023
    • (2023) Cyber resilience in industrial networks: A state of the art, challenges, and future directions. Journal of King Saud University - Computer and Information Sciences 35:9 (101781). DOI: 10.1016/j.jksuci.2023.101781. Online publication date: Oct-2023
    • (2021) Cascading effects of cyber-attacks on interconnected critical infrastructure. Cybersecurity 4:1. DOI: 10.1186/s42400-021-00071-z. Online publication date: 1-Mar-2021
    • (2020) Hazard Driven Threat Modelling for Cyber Physical Systems. Proceedings of the 2020 Joint Workshop on CPS&IoT Security and Privacy (13-24). DOI: 10.1145/3411498.3419967. Online publication date: 9-Nov-2020
