Event-Triggered Watermarking Control to Handle Cyber-Physical Integrity Attacks
The use of control-theoretic solutions to detect attacks against cyber-physical systems is a growing area of research. Traditional literature proposes the use of control strategies to retain, f.i., satisfactory closed-loop performance, as well as safety properties, when a communication network connects the distributed components of a physical system (e.g., sensors, actuators, and controllers). However, the adaptation of these strategies to handle security incidents, is an ongoing challenge. In this paper, we analyze the use of a watermark-based detector that handles integrity attacks. We show that (1) the detector is able to work properly under the presence of adversaries using non-parametric methods to escape detection; but (2) it fails at detecting adversaries using parametric identification methods to escape detection. We propose a new strategy that complements the watermark-based detector in order to detect both adversaries. We validate the detection efficiency of the new strategy via numeric simulations.
KeywordsCyber-physical security Critical infrastructures Attack detection Adversary model Networked Control System
The authors acknowledge support from the Cyber CNI Chair of Institut Mines-Télécom. The chair is held by Télécom Bretagne and supported by Airbus Defence and Space, Amossys, EDF, Orange, La Poste, Nokia, Société Générale and the Regional Council of Brittany. It has been acknowledged by the Center of excellence in Cybersecurity.
- 1.Arvani, A., Rao, V.S.: Detection and protection against intrusions on smart grid systems. Int. J. Cyber Secur. Digit. Forensics 3, 38 (2014)Google Scholar
- 2.Barenthin Syberg, M.: Complexity issues, validation and input design for control in system identification (2008)Google Scholar
- 4.Corman, D., Pillitteri, V., Tousley, S., Tehranipoor, U.: Lindqvist: NITRD cyber-physical security panel. In: 35th Symposium on Security and Privacy (2014)Google Scholar
- 5.Do, V.L., Fillatre, L., Nikiforov, I.: A statistical method for detecting cyber/physical attacks on scada systems. In: Proceedings of IEEE Control Applications (2014)Google Scholar
- 6.Falliere, N., Murchu, L.O., Chien, E.: W32. stuxnet dossier. White paper, Symantec Corp., Security Response, 5 (2011)Google Scholar
- 12.Mo, Y., Garone, E., Casavola, A., Sinopoli, B.: False data injection attacks against state estimation in wireless sensor networks. In: 2010 49th IEEE Conference on Decision and Control (CDC), pp. 5967–5972. IEEE (2010)Google Scholar
- 15.Pasqualetti, F., Dorfler, F., Bullo, F.: Cyber-physical security via geometric control: distributed monitoring and malicious attacks. In: 2012 IEEE 51st Annual Conference on Decision and Control, pp. 3418–3425. IEEE (2012)Google Scholar
- 16.Rubio-Hernan, J., De Cicco, L., Garcia-Alfaro, J.: Revisiting a watermark-based detection scheme to handle cyber-physical attacks. In: 11th International Conference on Availability, Reliability and Security, Salzburg, Austria. IEEE (2016)Google Scholar
- 20.Tripathi, S., Ikbal, M.A.: Step size optimization of lms algorithm using aunt colony optimization and its comparison with particle swarm optimization algorithm in system identification (2015)Google Scholar
- 21.Weerakkody, S., Mo, Y., Sinopoli, B.: Detecting integrity attacks on control systems using robust physical watermarking. In: Proceedings of Decision and Control (2014)Google Scholar