Skip to main content
SpringerLink
Log in
Book cover

Nordic Conference on Secure IT Systems

NordSec 2013: Secure IT Systems pp 166–182Cite as

Resilience of Process Control Systems to Cyber-Physical Attacks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8208))

Abstract

In this work we investigate the matter of “secure control” – a novel research direction capturing security objectives specific to Industrial Control Systems (ICS). We provide an empirical analysis of the well known Tennessee Eastman process control challenge problem to gain insights into the behavior of a physical process when confronted with cyber-physical attacks. In particular, we investigate the impact of integrity and DoS attacks on sensors which measure physical phenomena. We also demonstrate how the results of process-aware security analysis can be applied to improve process resilience to cyber-physical attacks.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abnormal Situation Management (ASM) Consortium: Official website, https://www.asmconsortium.net/ (retrieved: June 2013)

  2. Anderson, R., Fuloria, S.: Security economics and critical national infrastructure. In: Economics of Information Security and Privacy, pp. 55–66 (2010)

    Google Scholar 

  3. U.S. Chemical Safety Board: Runaway: Explosion at T2 laboratories (2007), http://www.youtube.com/watch?v=C561PCq5E1g (2009) (retrieved: May 2013)

  4. Cárdenas, A.A., Amin, S., Lin, Z.S., Huang, Y.L., Huang, C.Y., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, pp. 355–366 (2011)

    Google Scholar 

  5. Chabukswar, R., Sinopoli, B., Karsai, G., Giani, A., Neema, H., Davis, A.: Simulation of network attacks on SCADA systems. In: First Workshop on Secure Control Systems (2010)

    Google Scholar 

  6. Chien, E., O’Gorman, G.: The Nitro attacks: Stealing secrets from the chemical industry. Tech. rep., Symantec (2011)

    Google Scholar 

  7. Downs, J.J., Vogel, E.F.: A plant-wide industrial process control problem. Computers & Chemical Engineering 17(3), 245–255 (1993)

    Article  Google Scholar 

  8. Genge, B., Siaterlis, C., Hohenadell, M.: Impact of network infrastructure parameters to the effectiveness of cyber attacks against industrial control systems. International Journal of Computers, Communications & Control 7(4), 673–686 (2012)

    Google Scholar 

  9. Genge, B., Siaterlis, C.: An experimental study on the impact of network segmentation to the resilience of physical processes. In: Bestak, R., Kencl, L., Li, L.E., Widmer, J., Yin, H. (eds.) NETWORKING 2012, Part I. LNCS, vol. 7289, pp. 121–134. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  10. Gollmann, D.: Veracity, plausibility, and reputation. In: Askoxylakis, I., Pöhls, H.C., Posegga, J. (eds.) WISTP 2012. LNCS, vol. 7322, pp. 20–28. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  11. Huang, Y., Cárdenas, A., Amin, S., Lin, S.Z., Tsai, H.Y., Sastry, S.S.: Understanding the physical and economic consequences of attacks against control systems. International Journal of Critical Infrastructure Protection 2(3), 72–83 (2009)

    Article  Google Scholar 

  12. libmodbus Project: Official website, http://libmodbus.org/ (retrieved: June 2013)

  13. Liptak, B.G.: Instrument Engineers’ Handbook. Process Control and Optimizatiol, vol. 2. CRC Press (2005)

    Google Scholar 

  14. Luyben, W.L., Tyreus, B.D., Luyben, M.L.: PlantwideProcess Control. McGraw-Hill (1998)

    Google Scholar 

  15. McAvoy, T., Ye, N.: Base control for the Tennessee Eastman problem. Computers & Chemical Engineering 18(5), 383–413 (1994)

    Article  Google Scholar 

  16. McEvoy, T., Wolthusen, S.: A plant-wide industrial process control security problem. In: Critical Infrastructure Protection V, vol. 367, pp. 47–56 (2011)

    Google Scholar 

  17. McIntyrel, C.: Using Smart Instrumentation. Plant Engineering (2011)

    Google Scholar 

  18. Ricker, N.L.: Tennessee Eastman Challenge Archive, http://depts.washington.edu/control/LARRY/TE/download.html (retrieved: May 2013)

  19. Ricker, N.L.: Model predictive control of a continuous, nonlinear, two-phase reactor. Journal of Process Control 3(2), 109–123 (1993)

    Article  Google Scholar 

  20. Ricker, N.: Optimal steady-state operation of the Tennessee Eastman challenge process. Computers & Chemical Engineering 19(9), 949–959 (1995)

    Article  Google Scholar 

  21. Ricker, N., Lee, J.: Nonlinear model predictive control of the Tennessee Eastman challenge process. Computers & Chemical Engineering 19(9), 961–981 (1995)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Hamburg University of Technology, Hamburg, Germany

    Marina Krotofil

  2. University of Texas at Dallas, Richardson, TX, 75080, USA

    Alvaro A. Cárdenas

Authors
  1. Marina Krotofil
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alvaro A. Cárdenas
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Applied Mathematics and Computer Science, DTU Compute, Technical University of Denmark, Richard Petersens Plades, Building 322, 2800, Lyngby, Denmark

    Hanne Riis Nielson

  2. Institut für Sicherheit in verteilten Anwendungen, Technische Universität Hamburg-Harburg, E-15, Harburger Schloßstraße 20, 21079, Hamburg, Germany

    Dieter Gollmann

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Krotofil, M., Cárdenas, A.A. (2013). Resilience of Process Control Systems to Cyber-Physical Attacks. In: Riis Nielson, H., Gollmann, D. (eds) Secure IT Systems. NordSec 2013. Lecture Notes in Computer Science, vol 8208. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41488-6_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41488-6_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41487-9

  • Online ISBN: 978-3-642-41488-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation