Quantifying Cyber-Security for Networked Control Systems

Part of the Lecture Notes in Control and Information Sciences book series (LNCIS, volume 449)


In this paper we consider a typical architecture for a networked control system under false-data injection attacks. Under a previously proposed adversary modeling framework, various formulations for quantifying cyber-security of control systems are proposed and formulated as constrained optimization problems. These formulations capture trade-offs in terms of attack impact on the control performance, attack detectability, and adversarial resources. The formulations are then discussed and related to system theoretic concepts, followed by numerical examples illustrating the various trade-offs for a quadruple-tank process.


Security Networked Control Systems Impact Analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Boyd, S., Vandenberghe, L.: Convex Optimization. Cambridge University Press (2004)Google Scholar
  2. 2.
    Cárdenas, A., Amin, S., Lin, Z., Huang, Y., Huang, C., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, pp. 355–366. ACM, New York (2011)Google Scholar
  3. 3.
    Ding, S.X.: Model-based Fault Diagnosis Techniques: Design Schemes. Springer (2008)Google Scholar
  4. 4.
    Esfahani, P., Vrakopoulou, M., Margellos, K., Lygeros, J., Andersson, G.: Cyber attack in a two-area power system: Impact identification using reachability. In: American Control Conference, pp. 962–967 (July 2010)Google Scholar
  5. 5.
    Fawzi, H., Tabuada, P., Diggavi, S.: Security for control systems under sensor and actuator attacks. In: Proceedings of the 51st IEEE Conference on Decision and Control, Maui, Hawaii, USA (December 2012)Google Scholar
  6. 6.
    Hwang, I., Kim, S., Kim, Y., Seah, C.E.: A survey of fault detection, isolation, and reconfiguration methods. IEEE Transactions on Control Systems Technology 18(3), 636–653 (2010)CrossRefGoogle Scholar
  7. 7.
    Johansson, K.: The quadruple-tank process: a multivariable laboratory process with an adjustable zero. IEEE Transactions on Control Systems Technology 8(3), 456–465 (2000)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Liu, J., Ye, J.: Efficient L1/Lq Norm Regularization. ArXiv e-prints (September 2010)Google Scholar
  9. 9.
    Marler, R.T., Arora, J.S.: Survey of multi-objective optimization methods for engineering. Structural and Multidisciplinary Optimization 26(6), 369–395 (2004)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Meserve, J.: Sources: Staged cyber attack reveals vulnerability in power grid. CNN (2007),
  11. 11.
    Pasqualetti, F., Dorfler, F., Bullo, F.: Cyber-physical attacks in power networks: Models, fundamental limitations and monitor design. In: Proc. of the 50th IEEE Conf. on Decision and Control and European Control Conference, Orlando, FL, USA (December 2011)Google Scholar
  12. 12.
    Rid, T.: Cyber war will not take place. Journal of Strategic Studies 35(1), 5–32 (2011)CrossRefGoogle Scholar
  13. 13.
    Sandberg, H., Teixeira, A., Johansson, K.H.: On security indices for state estimators in power networks. In: Preprints of the First Workshop on Secure Control Systems, CPSWEEK 2010, Stockholm, Sweden (April 2010)Google Scholar
  14. 14.
    Smith, R.: A decoupled feedback structure for covertly appropriating networked control systems. In: Proc. of the 18th IFAC World Congress, Milano, Italy (August-September 2011)Google Scholar
  15. 15.
    Sundaram, S., Hadjicostis, C.: Distributed function calculation via linear iterative strategies in the presence of malicious agents. IEEE Transactions on Automatic Control 56(7), 1495–1508 (2011)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Symantec: Stuxnet introduces the first known rootkit for industrial control systems. Symantec (August 6, 2010),
  17. 17.
    Teixeira, A., Shames, I., Sandberg, H., Johansson, K.H.: A Secure Control Framework for Resource-Limited Adversaries. Submitted to Automatica (December 2012) ArXiv e-printsGoogle Scholar
  18. 18.
    Tokarzewski, J.: Finite zeros in discrete time control systems. LNCIS, vol. 338. Springer, Heidelberg (2006)zbMATHGoogle Scholar
  19. 19.
    U.S.-Canada PSOTF: Final report on the August 14th blackout in the United States and Canada. Tech. rep., U.S.-Canada Power System Outage Task Force (April 2004)Google Scholar
  20. 20.
    Zhou, K., Doyle, J.C., Glover, K.: Robust and Optimal Control. Prentice-Hall, Inc., Upper Saddle River (1996)zbMATHGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  1. 1.ACCESS Linnaeus Centre and Automatic Control LabKTH Royal Institute of TechnologyStockholmSweden
  2. 2.Mathematical SciencesChalmers University of Technology and University of GothenburgGothenburgSweden

Personalised recommendations