Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Chapter 2: Background
Chapter 6: Conclusions and Future Work
Background
Bad Data Detection
Limitations of Linear Policies
Experimental Setup
Experimental Results
Cost Impact of Stealthy Data Attacks
Data Corruption Attack
Contributions and Related Work
Reducing the Complexity of Distributed Fdi Method
Summary
Conclusions and Future Work
Conclusions
Future Work
References
All Topics
Engineering

Toward Secure and Reliable Networked Control Systems

Profile image of A. TeixeiraA. Teixeira

2011

Abstract

Akademisk avhandling som med tillstånd av Kungl Tekniska högskolan framlägges till offentlig granskning för avläggande av teknologie licentiatexamen i reglerteknik fredagen den 9 december 2011, klockan 09:00 i sal L1, Kungliga Tekniska högskolan, Drottning Kristinas väg 30, Stockholm.

Related papers

Software Enabled Security Architecture for Counteracting Attacks in Control Systems
Vijay Varadharajan

arXiv (Cornell University), 2020

Increasingly Industrial Control Systems (ICS) systems are being connected to the Internet to minimise the operational costs and provide additional flexibility. These control systems such as the ones used in power grids, manufacturing and utilities operate continually and have long lifespans measured in decades rather than years as in the case of IT systems. Such industrial control systems require uninterrupted and safe operation. However, they can be vulnerable to a variety of attacks, as successful attacks on critical control infrastructures could have devastating consequences to the safety of human lives as well as a nations security and prosperity. Furthermore, there can be a range of attacks that can target ICS and it is not easy to secure these systems against all known attacks let alone unknown ones. In this paper, we propose a software enabled security architecture using Software Defined Networking (SDN) and Network Function Virtualisation (NFV) that can enhance the capability to secure industrial control systems. We have designed such an SDN/NFV enabled security architecture and developed a Control System Security Application (CSSA) in SDN Controller for enhancing security in ICS against certain specific attacks namely denial of service attacks, from unpatched vulnerable control system components and securing the communication flows from the legacy devices that do not support any security functionality. In this paper, we discuss the prototype implementation of the proposed architecture and the results obtained from our analysis.

View PDFchevron_right
Maintaining Secure and Reliable Distributed Control Systems
Andrei Sleptchenko

We consider the role of security in the maintenance of an automated system, controlled by a network of sensors and simple computing devices. Such systems are widely used in transportation, utilities, healthcare, and manufacturing. Devices in the network are subject to traditional failures that can lead to a larger system failure if not repaired. However, the devices are also subject to security breaches that can also lead to catastrophic system failure. These security breaches could result from either cyber attacks (such as viruses, hackers, or terrorists) or physical tampering. We formulate a stochastic model of the system to examine the repair policies for both real and suspected failures. We develop a linear programming-based model for optimizing repair priorities. We show that, given the state of the system, the optimal repair policy follows a unique threshold indicator (either work on the real failures or the suspected ones). We examine the behavior of the optimal policy under different failure rates and threat levels. Finally, we examine the robustness of our model to violations in the underlying assumptions and find the model remains useful over a range of operating assumptions.

View PDFchevron_right
Cybersecurity through Real-Time Distributed Control Systems
Mohammed Olama

2010

View PDFchevron_right
Key establishment via common state information in networked control systems
Seddik Djouadi

Proceedings of the 2011 American Control Conference, 2011

Security is an important issue in networked control systems, but has not received sufficient attention. The fundamental step for realizing a security protocol for networked control systems is to establish a secret key between the sensor and controller. Traditional approaches for key establishment such as the Public Key Infrastructure (PKI) usually incur significant overhead. In this paper, the common information of the physical system state is exploited for the key establishment between the sensor and the controller. In this scheme, the controller takes an action that causes the system state to change, which can be observed by the sensor. The controller and the sensor will then exchange messages to find the common random bits in the predicted and observed system states, respectively. The secret key will be generated from the common bits. The theoretical bound for the rate of generating common bits is analyzed using information theoretic analysis. This key establishment scheme is implemented on a remote controlled inverted pendulum. Experiments show that the proposed algorithm can generate tens of common bits per second.

View PDFchevron_right
A Novel Method for Resilient Networked Industrial Control System Security
International Journal of Scientific Research in Science, Engineering and Technology IJSRSET

Current Industry processing is using the digital data which are coming from different geographical location and different environmental resources with the help of internet. Here no one can be trusted and it is possible more than a few kind threads come from different directions. Multidimensional approach to the network security is the only way able to crash these challenges. Diffusion methods or canned attacks which are recommended by the conventional network security system are outdated and impractical. It is essential to create a new resilient architecture that can survive the different types of attack and then need the speedy recovery if a breach does occur. Resilient Industrial networked control system is very important for every organization which is using a number of decisive infrastructures. Proposed method provide a framework of the control system application to build effective security mechanism that integrate all aspects of cyber security, incorporating desktop and business computing systems with industrial automation and control systems through a novel attack resilient algorithm. This paper to recommend the path to reduce the complexity of the control system and provide the safety mechanism for reliable system which is decreased the threads and increase the data integrity with privacy in all kind of organizational processing.

View PDFchevron_right
Integrated protection of industrial control systems from cyber-attacks: the ATENA approach
Ridha soua

International Journal of Critical Infrastructure Protection

Industrial and Automation Control systems traditionally achieved security thanks to the use of proprietary protocols and isolation from the telecommunication networks. Nowadays, the advent of the Industrial Internet of Things poses new security challenges. In this paper, we first highlight the main security challenges that advocate for new risk assessment and security strategies. To this end we propose a security framework and advanced tools to properly manage vulnerabilities, and to timely react to the threats. The proposed architecture fills the gap between computer science and control theoretic approaches. The physical layers connected to Industrial Control Systems are prone to disrupt when facing cyber-attacks. Considering the modules of the proposed architecture, we focus on the development of a practical framework to compare information about physical faults and cyber-attacks. This strat

View PDFchevron_right
Implementing a Secure Autonomous Bootstrap Mechanism for Control Networks
Hiroshi Esaki

IEICE Transactions on Information and Systems, 2006

There are many kinds of control networks, which have been used in various non-IP network areas, such as BA (Building Automation), FA (Factory Automation) and PA (Process Automation). They are now introducing IP and face the issues of security and configuration complexity. The authors have proposed a model which intends to solve these issues while satisfying restrictions, i.e. small embedded devices, isolated networks and private naming system/name space, which are required when introducing new functionality into existing control networks. Secure bootstrap sequence and device-to-device communication using the chain of trust are the points of the model. This paper shows the practicability of the model through implementing the model experimentally.

View PDFchevron_right
Secure Networked Control Systems under Denial of Service Attacks*
Guo-Ping Liu

IFAC Proceedings Volumes, 2011

This paper addresses the security issue of networked control systems (NCSs) under DoS attacks. According to the level of attacks, DoS attacks are classified into two types: weak attacks and strong attacks. A recursive networked predictive control (RNPC) method based on round-trip time delay is proposed to compensate for the adverse effects introduced by the weak DoS attacks as well as the network communication constraints, such as random delay, packet disorder and packet loss. A theoretical result using the switched system theory is also obtained for the closed-loop stability of the RNPC system. For the strong DoS attacks on the controller side, a multi-controller switching scheme is presented, in which each controller is designed based on the RNPC. The performance of the proposed strategies is demonstrated by practical experiments to control a DC motor speed through the Internet under DoS attacks.

View PDFchevron_right
Cyber-Defensive Architecture for Networked Industrial Control Systems
IJEACS UK

This paper deals with the inevitable consequence of the convenience and efficiency we benefit from the open, networked control system operation of safety-critical applications: vulnerability to such system from cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and would not be found anytime soon. Considering the ever incompleteness of detection and prevention and the impact and consequence of malfunctions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting suspicious activities to upper layers. This paper details the architectural structure of the proposed cyber defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.

View PDFchevron_right
Inherent issues in networked control systems: a survey
Chaouki Abdallah

2004

Due to major advancements in the area of networking over the past decade, a new paradigm of control systems has emerged, namely networked control systems. Such systems differ from classical control systems in that their control loops are closed around communication networks. Thus, the need for new stability and performance guarantees arises. In this paper, we aim to shed some

View PDFchevron_right

References (80)

  1. A. Abur and A.G. Exposito. Power System State Estimation: Theory and Imple- mentation. Marcel-Dekker, 2004.
  2. M. Aldeen and F. Crusca. Observer-based fault detection and identification scheme for power systems. IEE Proceedings -Generation, Transmission and Distribution, 153(1):71-79, January 2006.
  3. S. Amin, A.A. Cárdenas, and S.S. Sastry. Safe and secure networked control systems under denial-of-service attacks. In Hybrid Systems: Computation and Control, pages 31-45. Lecture Notes in Computer Science. Springer Berlin / Heidelberg, April 2009.
  4. S. Amin, X. Litrico, S. S. Sastry, and A. M. Bayen. Stealthy deception attacks on water scada systems. In Proceedings of the 13th ACM international conference on Hybrid systems: computation and control, HSCC '10, pages 161-170, New York, NY, USA, 2010. ACM.
  5. P. M. Anderson and R. G. Farmer. Series compensation of power systems. PBLSH. Inc, California, USA, 1996.
  6. J. Baillieul and P. J. Antsaklis. Control and Communication Challenges in Net- worked Real-Time Systems. Proceedings of the IEEE, 95(1):9-28, January 2007. ISSN 0018-9219. doi: 10.1109/JPROC.2006.887290.
  7. N. Balu, T. Bertram, A. Bose, V. Brandwajn, G. Cauley, D. Curtice, A. Fouad, L. Fink, M.G. Lauby, B.F. Wollenberg, and J.N. Wrubel. On-line power system security analysis. Proceedings of the IEEE, 80(2):262-282, feb 1992.
  8. P. Barooah and J.P. Hespanha. Graph effective resistance and distributed control: Spectral properties and applications. In Decision and Control, 2006 45th IEEE Conference on, pages 3479-3485. IEEE, 2007.
  9. M. Basseville and I. V. Nikiforov. Detection of abrupt changes: theory and appli- cation. Prentice-Hall, Inc., Upper Saddle River, NJ, USA, 1993.
  10. M. Bishop. Computer Security: Art and Science. Addison-Wesley Professional, 2002.
  11. G. Björkman. The VIKING project-torwards more secure SCADA systems. In Preprints of the First Workshop on Secure Control Systems, CPSWEEK 2010, Stockholm, Sweden, April 2010.
  12. R. Bobba, K. M. Rogers, Q. Wang, H. Khurana, K. Nahrstedt, and T. Overbye. Detecting false data injection attacks on DC state estimation. In Preprints of the First Workshop on Secure Control Systems, CPSWEEK 2010, Stockholm, Sweden, April 2010.
  13. S. Boyd and L. Vandenberghe. Convex Optimization. Cambridge University Press, 2004.
  14. A. Cardenas, S. Amin, B. Sinopoli, A. Giani, A. Perrig, and S. Sastry. Challenges for securing cyber physical systems. In Workshop on Future Directions in Cyber- physical Systems Security. DHS, July 2009.
  15. A. Cárdenas, S. Amin, Z. Lin, Y. Huang, C. Huang, and S. Sastry. Attacks against process control systems: risk assessment, detection, and response. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, pages 355-366, New York, NY, USA, 2011. ACM. ISBN 978-1-4503-0564-8.
  16. A. A. Cárdenas, S. Amin, and S. S. Sastry. Secure control: Towards sur- vivable cyber-physical systems. In First International Workshop on Cyber- Physical Systems (WCPS2008), pages 495-500, Beijing, China, June 2008a. URL http://www.truststc.org/pubs/345.html.
  17. A.A. Cárdenas, S. Amin, and S.S. Sastry. Research challenges for the security of control systems. In Proc. 3rd USENIX Workshop on Hot topics in security, July 2008b. CBSNews. Cyber war: Sabotaging the system. CBSNews, November 8th 2009.
  18. J. Chen and R. J. Patton. Robust Model-Based Fault Diagnosis for Dynamic Sys- tems. Kluwer Academic Publishers, 1999.
  19. J. Chen, R. J. Patton, and H. Zhang. Design of unknown input observers and robust fault detection filters. International Journal of Control, 63(1):85-105, 1996.
  20. Y. Chompoobutrgool, L. Vanfretti, and M. Ghandhari. Survey on power system stabilizers control and their prospective applications for power system damping using synchrophasor-based wide-area systems. European Transactions on Elec- trical Power, 2011.
  21. E. Chow and A. Willsky. Analytical redundancy and the design of robust failure detection systems. Automatic Control, IEEE Transactions on, 29(7):603-614, jul 1984.
  22. W. H. Chung, J. L. Speyer, and R. H. Chen. A decentralized fault detection filter. Journal of Dynamic Systems, Measurement, and Control, 123(2):237-247, 2001.
  23. W.H. Chung and J.L. Speyer. A game theoretic fault detection filter. Automatic Control, IEEE Transactions on, 43(2):143-161, feb 1998.
  24. G. Dán and H. Sandberg. Stealth attacks and protection schemes for state estima- tors in power systems. In Proc. of IEEE SmartGridComm, October 2010.
  25. M. A. Demetriou. Using unknown input observers for robust adaptive fault detec- tion in vector second-order systems. Mechanical systems and signal processing, 19(2):291-309, 2005. ISSN 0888-3270.
  26. S. X. Ding. Model-based Fault Diagnosis Techniques: Design Schemes. Springer Verlag, 2008.
  27. S. X. Ding, P. Zhang, Ch. Chihaia, W. Li, Y. Wang, and E. L. Ding. Advanced design scheme for fault tolerant distributed networked control systems. In Pro- ceedings of the 17th IFAC World Congress, pages 13569 -13574, Seoul, Korea, July 2008.
  28. R.K. Douglas and J.l. Speyer. Robust fault detection filter design. In American Control Conference, 1995. Proceedings of the, volume 1, pages 91-96, jun 1995.
  29. P. Esfahani, M. Vrakopoulou, K. Margellos, J. Lygeros, and G. Andersson. Cyber attack in a two-area power system: Impact identification using reachability. In American Control Conference, 2010, pages 962-967, jul 2010.
  30. N. Falliere, L. Murchu, and E. Chien. W32.Stuxnet dossier, February 2011. FERC. Final report on price manipulation in western markets, March 2003. Avail- able at: http://www.ferc.gov/industries/electric/indus-act/wec.asp.
  31. P. M. Frank and X. Ding. Survey of robust residual generation and evaluation methods in observer-based fault detection systems. Journal of process control, 7 (6):403-424, 1997.
  32. A. Galántai. Subspaces, angles and pairs of orthogonal projections. Linear and Multilinear Algebra, 56(3):227-260, June 2006.
  33. A. Giani, S. Sastry, K. H. Johansson, and H. Sandberg. The VIKING project: an initiative on resilient control of power networks. In Proc. 2nd Int. Symp. on Resilient Control Systems, pages 31-35, Idaho Falls, ID, USA, August 2009.
  34. A. Giani, E. Bitar, M. McQueen, P. Khargonekar, K. Poolla, and M. Garcia. Smart grid data integrity attacks: Characterizations and countermeasures. In Proceed- ings of the IEEE SmartGridComm, October 2011. To appear.
  35. S. Gorman. Electricity grid in U.S. penetrated by spies. The Wall Street Journal, page A1, April 8th 2009.
  36. F. Grandoni. A note on the complexity of minimum dominat- ing set. J. Discrete Algorithms, 4(2):209-214, July 2006. URL http://dblp.uni-trier.de/db/journals/jda/jda4.html#Grandoni06.
  37. R. B. L. Guedes, F. Silva, L. F. C. Alberto, and N. G. Bretas. Large disturbance voltage stability assessment using extended Lyapunov function and considering voltage dependent active loads. In Power Engineering Society General Meeting, 2005. IEEE, pages 1760-1767. IEEE, 2005.
  38. A. Gupta, C. Langbort, and T. Başar. Optimal control in the presence of an intelligent jammer with limited actions. In Decision and Control (CDC), 2010 49th IEEE Conference on, pages 1096-1101, dec 2010.
  39. J.P. Hespanha, P. Naghshtabrizi, and Yonggang Xu. A survey of recent results in networked control systems. Proceedings of the IEEE, 95(1):138-162, jan 2007.
  40. I. Hwang, S. Kim, Y. Kim, and C. E. Seah. A survey of fault detection, isolation, and reconfiguration methods. Control Systems Technology, IEEE Transactions on, 18(3):636-653, may 2010.
  41. R. Isermann. Model-based fault detection and diagnosis: status and applications. In Proceedings of the 16th IFAC Symposium on Automatic Control in Aerospace, pages 71-85, St. Petersburg, Russia, June 2004.
  42. L. Jia, R. J. Thomas, and L. Tong. Malicious data attack on real-time electricity market. In Proc. of IEEE ICASSP, May 2011.
  43. O. Kosut, L. Jia, R. Thomas, and L. Tong. Malicious data attacks on smart grid state estimation: Attack strategies and countermeasures. In Proc. of IEEE SmartGridComm, October 2010.
  44. P. Kundur. Power System Stability and Control. McGraw-Hill Professional, 1994.
  45. Wen-Hsiung E. Liu, Felix F. Wu, and Shau-Ming Lun. Estimation of parameter errors from measurement residuals in state estimation. IEEE Transactions on Power Systems, (1), February 1992.
  46. Y. Liu, M. K. Reiter, and P. Ning. False data injection attacks against state estimation in electric power grids. In Proc. 16th ACM Conf. on Computer and Communications Security, pages 21-32, New York, NY, USA, 2009.
  47. J. Machowski, J. W. Bialek, and J. R. Bumby. Power System Dynamics: Stability and Control. John Wiley & Sons, 2008.
  48. J. Meserve. Sources: Staged cyber attack reveals vul- nerability in power grid. CNN, 2007. Available at http://edition.cnn.com/2007/US/09/26/power.at.risk/index.html.
  49. L. Mili, Th. Van Cutsem, and M. Ribbens-Pavella. Bad data identification methods in power system state estimation -a comparative study. In IEEE Trans. Power App. Syst., November 1985.
  50. Y. Mo and B. Sinopoli. Secure control against replay attack. In Communication, Control, and Computing, 2009. Allerton 2009. 47th Annual Allerton Conference on, pages 911-918, October 2009.
  51. A. Monticelli. State Estimation in Electric Power Systems: A Generalized Ap- proach. Kluwer Academic Publishers, 1999.
  52. R. J. Muirhead. Aspects of Multivariate Statistical Theory. John Wiley & Sons, 1982.
  53. F. Pasqualetti, A. Bicchi, and F. Bullo. Consensus computation in unreliable net- works: A system theoretic approach. IEEE Transactions on Automatic Control, 2010. Submitted, available online at http://www.fabiopas.it/papers/FP-AB-FB- 10a.pdf.
  54. F. Pasqualetti, A. Bicchi, and F. Bullo. Consensus computation in unreliable net- works: A system theoretic approach. Automatic Control, IEEE Transactions on, PP(99):1, 2011.
  55. R. J. Patton and J. Chen. Observer-based fault detection and isolation: robustness and applications. Control Engineering Practice, 5(5):671-682, 1997.
  56. A.G. Phadke and R.M. de Moraes. The wide world of wide-area measurement. Power and Energy Magazine, IEEE, 6(5):52 -65, sep-oct 2008. ISSN 1540-7977.
  57. T. Rid. Cyber war will not take place. Journal of Strategic Studies, 2011. doi: 10.1080/01402390.2011.608939.
  58. C.G. Rieger. Notional examples and benchmark aspects of a resilient control system. In Resilient Control Systems (ISRCS), 3rd International Symposium on, pages 64-71, aug 2010. doi: 10.1109/ISRCS.2010.5603123.
  59. T. Samad and A.M. Annaswamy, editors. The Impact of Control Technology. IEEE Control Systems Society, 2011. Available at http://www.ieeecss.org/general/impact-control-technology.
  60. T. Samad, P. McLaughlin, and J. Lu. System architecture for process automation: Review and trends. Journal of Process Control, 17(3):191-201, 2007. Special Issue ADCHEM 2006 Symposium.
  61. H. Sandberg, A. Teixeira, and K. H. Johansson. On security indices for state estimators in power networks. In Preprints of the First Workshop on Secure Control Systems, CPSWEEK 2010, Stockholm, Sweden, April 2010.
  62. E. Scholtz and B.C. Lesieutre. Graphical observer design suitable for large-scale DAE power systems. In Proceedings of the 47th IEEE Conference on Decision and Control, pages 2955-2960, Cancun, December 2008.
  63. F. C. Schweppe and J. Wildes. Power system static-state estimation, part I: Exact model. IEEE Transactions on Power Apparatus and Systems, 89(1):120-125, January 1970.
  64. M. Shahidehpour, F. Tinney, and Y. Fu. Impact of security on power systems operation. Proceedings of the IEEE, 93(11):2013-2025, nov 2005a.
  65. M. Shahidehpour, W. F. Tinney, and Y. Fu. Impact of security on power systems operation. Proceedings of the IEEE, 93(11):2013-2025, November 2005b.
  66. I. Shames, A. Teixeira, H. Sandberg, and K. H. Johansson. Distributed fault de- tection and isolation with imprecise network models. In American Control Con- ference, 2012. Submitted.
  67. D. D. Siljak. Decentralized control of complex systems. Academic Press, 1991.
  68. R. Smith. A decoupled feedback structure for covertly appropriating networked control systems. In Proceedings of the 18th IFAC World Congress, Milano, Italy, August-September 2011.
  69. K. C. Sou, H. Sandberg, and K. H. Johansson. Electric power network security analysis via minimum cut relaxation. In Proceedings of the 50th IEEE Conference on Decision and Control, December 2011. To appear.
  70. S. Sundaram and C.N. Hadjicostis. Distributed function calculation via linear it- erative strategies in the presence of malicious agents. Automatic Control, IEEE Transactions on, 56(7):1495-1508, july 2011.
  71. S. Sundaram, M. Pajic, C.N. Hadjicostis, R. Mangharam, and G.J. Pappas. The wireless control network: Monitoring for malicious behavior. In Decision and Control (CDC), 2010 49th IEEE Conference on, pages 5979-5984, dec 2010. SvK. Map of sweden's national grid.
  72. Symantec. W32.Duqu: The precursor to the next stuxnet, November 2011.
  73. U.S.-Canada PSOTF. Final report on the August 14th blackout in the United States and Canada. Technical report, U.S.-Canada Power System Outage Task Force, April 2004.
  74. F. F. Wu. Power system state estimation: a survey. Int. J. Elec. Power and Energy Systems, April 1990.
  75. F. F. Wu and W.E. Liu. Detection of topology errors by state estimation. IEEE Trans. Power Syst., (1), February 1989.
  76. F.F. Wu, K. Moslehi, and A. Bose. Power system control centers: Past, present, and future. Proceedings of the IEEE, 93(11):1890-1908, nov 2005. ISSN 0018-9219.
  77. L. Xie, Y. Mo, and B. Sinopoli. False data injection attacks in electricity markets. In First IEEE International Conference on Smart Grid Communications, October 2010.
  78. Y. Yuan, Z. Li, and K. Ren. Modeling load redistribution attacks in power systems. IEEE Transactions on Smart Grid, 2(2):382-390, June 2011.
  79. W. Zhang, Q. Yang, and Y. Geng. A survey of anomaly detection methods in networks. In International Symposium on Computer Network and Multimedia Technology, 2009.
  80. R. D. Zimmerman, C. E. Murillo-Sánchez, and R. J. Thomas. MATPOWER's extensible optimal power flow architecture. In Power and Energy Society General Meeting, pages 1-7. IEEE, July 2009.

Related papers

Secure Control of Networked Control Systems and Its Applications
Hosaini hosaini

2021

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

View PDFchevron_right
Attack models and scenarios for networked control systems
daniel perez

HiCoNS'12 - Proceedings of the 1st ACM International Conference on High Confidence Networked Systems, 2012

Cyber-secure networked control is modeled, analyzed, and experimentally illustrated in this paper. An attack space defined by the adversary's system knowledge, disclosure, and disruption resources is introduced. Adversaries constrained by these resources are modeled for a networked control system architecture. It is shown that attack scenarios corresponding to replay, zero dynamics, and bias injection attacks can be analyzed using this framework. An experimental setup based on a quadruple-tank process controlled over a wireless network is used to illustrate the attack scenarios, their consequences, and potential counter-measures.

View PDFchevron_right
Cybersecurity Challenges in Distributed Control
Amimul Ehsan

2021

Cyber-physical systems are becoming core of the most modern systems consisting control, data sharing and realtime monitoring. While centralized control technique has been implemented in the past, recent innovation in distributed control schemes makes it attractive due to various reasons. One of them is the use of state-of-the-art communication protocols that makes the system more robust toward extreme conditions and ensures observability. Thus, as an application of cyber-physical systems, distributed control architectures are prone to various cyber-vulnerability which makes cybersecurity research critical in this application domain. This paper reviews recent researches of distributed control architectures, their cyber-vulnerabilities, and reported mitigation schemes. Finally, some research needs are addressed.

View PDFchevron_right
Security Against Network Attacks in Supervisory Control Systems
Publio Macedo Lima

IFAC-PapersOnLine, 2017

Cyber-physical systems (CPSs) integrate computing and communication capabilities to monitor and control physical processes. In order to do so, communication networks are commonly used to connect sensors, actuators, and controllers to monitor and control physical systems. The use of communication networks increases the vulnerability of the CPS to cyber attacks that can drive the system to unsafe states. One of the most powerful cyber attacks is the so-called man-in-the-middle attack, where the intruder can observe, hide, create or replace information in the attacked network channel. We propose in this paper a defense strategy that detects intrusions and prevent damages caused by man-in-the-middle attacks in the sensor and/or control communication channels in supervisory control systems. We also introduce the definition of NA-Safe controllability, and we propose an algorithm to verify this property.

View PDFchevron_right
Safe and secure wireless networked control systems
Hazem Ibrahim

2012 IEEE International Conference on Control Applications, 2012

Wireless technology has gained much interest in industrial automation due to its flexibility, mobility, ease of installation, and lower cost. Wireless systems, in general, require additional and different engineering and maintenance tasks, for example cryptographic key management for security. The pace of application in process control has been impeded, however, by concern about the risks involved in incorporating wireless paths in feedback loops and making the accommodations necessary for reliable control. The issue is that there are conflicts between maintaining control loop performance and the usual objectives in managing a wireless sensor network.

View PDFchevron_right

Related topics

  • Engineering
  • Computer Science
  • Computer Security
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved