Timing of Cyber-Physical Attacks on Process Control Systems

  • Marina Krotofil
  • Alvaro Cardenas
  • Kishore Angrishi
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 441)


This paper introduces a new problem formulation for assessing the vulnerabilities of process control systems. In particular, it considers an adversary who has compromised sensor signals and has to decide on the best time to launch an attack. The task of selecting the best time to attack is formulated as an optimal stopping problem that the adversary has to solve in real time. The theory underlying the best choice problem is used to identify an optimal stopping criterion, and a low-pass filter is subsequently used to identify when the time series of a process variable has reached the state desired by the attacker (i.e., its peak). The complexities associated with the problem are also discussed, along with directions for future research.


Cyber-physical attacks optimal stopping secretary problem 


  1. 1.
    J. Downs and E. Vogel, A plant-wide industrial process control problem, Computers and Chemical Engineering, vol. 17(3), pp. 245–255, 1993.CrossRefGoogle Scholar
  2. 2.
    P. Freeman, The secretary problem and its extensions: A review, Revue Internationale de Statistique, vol. 51(2), pp. 189–206, 1983.MathSciNetzbMATHGoogle Scholar
  3. 3.
    J. Gilbert and F. Mosteller, Recognizing the maximum of a sequence, Journal of the American Statistical Association, vol. 61(313), pp. 35–73, 1966.MathSciNetCrossRefGoogle Scholar
  4. 4.
    Y. Huang, A. Cardenas, S. Amin, Z. Lin, H. Tsai and S. Sastry, Understanding the physical and economic consequences of attacks on control systems, International Journal of Critical Infrastructure Protection, vol. 2(3), pp. 73–83, 2009.CrossRefGoogle Scholar
  5. 5.
    M. Krotofil and A. Cardenas, Resilience of process control systems to cyber-physical attacks, Proceedings of the Eighteenth Nordic Conference on Secure IT Systems, pp. 166–182, 2013.CrossRefGoogle Scholar
  6. 6.
    R. Langner, To Kill a Centrifuge: A Technical Analysis of What Stuxnet’s Creators Tried to Achieve, The Langner Group, Arlington, Virginia, 2013.Google Scholar
  7. 7.
    M. Mahdian, R. McAfee and D. Pennock, The secretary problem with a hazard rate condition, Proceedings of the Fourth International Workshop on Internet and Network Economics, pp. 708–715, 2008.CrossRefGoogle Scholar
  8. 8.
    C. McIntyre, Using smart instrumentation, Control Engineering (, April 8, 2011.
  9. 9.
    N. Ricker, Tennessee Eastman Challenge Archive, Department of Chemical Engineering, University of Washington, Seattle, Washington (, 2014Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2014

Authors and Affiliations

  • Marina Krotofil
    • 1
  • Alvaro Cardenas
    • 2
  • Kishore Angrishi
    • 3
  1. 1.Institute for Security in Distributed ApplicationsHamburg University of TechnologyHamburgGermany
  2. 2.University of Texas at DallasRichardsonUSA
  3. 3.T-Systems InternationalHamburgGermany

Personalised recommendations