A brief review on attack design and detection strategies for networked cyber-physical systems

Abstract

Networked cyber-physical systems (NCPSs) can be found in various fields such as industrial process, robotics, smart buildings, energy, healthcare systems, transportation, and surveillance. Recently accomplished real-time attacks indicate security vulnerabilities that weaken the reliability of NCPSs. Research areas on the security of NCPSs can be categorized into two groups: from the perspective of information security, from the perspective of control theory. In this paper, first possible attack locations on the control scheme of a NCPS which can be divided into three different groups namely sensor side, actuator side, and state estimator side are discussed and then a brief survey containing some recent studies on security strategies for NCPSs from the perspective of control theory is presented. After that attack detection strategies for a NCPS are briefly introduced and a general architecture utilized for attack detection on a NCPS is presented. In addition, some of recent studies on attack detection strategies for NCPSs from the perspective of control theory are discussed.

Keywords

• Networked Cyber-Physical System
• Cyber-security
• Attack Design
• Attack Detection
• Control-theoretic
• CPS

References

1. Amin S, Cárdenas A A & Sastry S S (2009). Safe and secure networked control systems under denial-of-service attacks. In International Workshop on Hybrid Systems: Computation and Control. Springer, Berlin, Heidelberg, 5469, 31-45. ISBN 978-3-642-00602-9
2. Ayas M S & Djouadi S M (2016). Undetectable sensor and actuator attacks for observer based controlled Cyber-Physical Systems. IEEE Symposium Series on Computational Intelligence, 1-7. DOI: 10.1109/SSCI.2016.7849882
3. Barthels A, Ruf F, Walla G, Fröschl J, Michel H U & Baumgarten U (2011). A model for sequence based power management in cyber physical systems. In International Conference on Information and Communication on Technology. Springer, Berlin, Heidelberg, 87-101. ISBN 978-3-642-23447-7
4. Cárdenas A A, Amin S & Sastry S (2008). Secure control: Towards survivable cyber-physical systems. The 28th International Conference on Distributed Computing Systems Workshops, Beijing, China, 495-500. DOI: 10.1109/ICDCS. Workshops.2008.40
5. Chen J, Tan R, Xing G, Wang X & Fu X (2012). Fidelity-aware utilization control for cyber-physical surveillance systems. IEEE Transactions on Parallel and Distributed Systems, 23(9), 1739-1751. DOI: 10.1109/TPDS.2012.74
6. Conti J P (2010). The day the samba stopped [power blackouts]. Engineering & Technology, 5(4), 46-47. DOI: 10.1049/et.2010.0410
7. Deng R, Xiao G & Lu R (2017). Defending against false data injection attacks on power system state estimation. IEEE Transactions on Industrial Informatics, 13(1), 198-207. DOI: 10.1109/TII.2015.2470218
8. Djouadi S M, Melin A M, Ferragut E M, Laska J A & Dong J (2014). Finite energy and bounded attacks on control system sensor signals. 2014 American Control Conference, Portland, Oregon, USA, 1716-1722. DOI: 10.1109/ACC.2014.6859001

9. Djouadi S M, Melin A M, Ferragut E M, Laska J A, Dong J & Drira A (2015). Finite energy and bounded actuator attacks on cyber-physical systems. 2015 European Control Conference (ECC), Linz, Austria, 3659-3664. DOI: 10.1109/ECC.2015.7331099
10. Feng C, Li T, Zhu Z & Chana D (2017). A deep learning-based framework for conducting stealthy attacks in industrial control systems. arXiv preprint arXiv:1709.06397. Available online: https://arxiv.org/abs/1709.06397
11. Hao J, Piechocki R J, Kaleshi D, Chin W H & Fan Z (2015). Sparse malicious false data injection attacks and defense mechanisms in smart grids. IEEE Transactions on Industrial Informatics, 11(5), 1-12. DOI: 10.1109/TII.2015.2475695
12. Hu Y, Li H, Yang H, Sun Y, Sun L & Wang Z (2019). Detecting stealthy attacks against industrial control systems based on residual skewness analysis. EURASIP Journal on Wireless Communications and Networking, 74. DOI: 10.1186/s13638-019-1389-1
13. Karnouskos S (2011). Stuxnet worm impact on industrial cyber-physical system security. IECON 2011-37th Annual Conference of the IEEE Industrial Electronics Society, Melbourne, VIC, Australia, 4490-4494. DOI: 10.1109/IECON.2011.6120048
14. Kleissl J & Agarwal Y (2010). Cyber-physical energy systems: Focus on smart buildings. Design Automation Conference, Anaheim, CA, USA, 749-754. DOI: 10.1145/1837274.1837464
15. Kuvshinkova S (2003). SQL Slammer worm lessons learned for consideration by the electricity sector. North American Electric Reliability Council, 1(2), 5.
16. Lau J K S, Tham C K & Luo T (2011). Participatory cyber physical system in public transport application. 2011 Fourth IEEE International Conference on Utility and Cloud Computing, Victoria, NSW, Australia, 355-360. DOI: 10.1109/UCC.2011.59
17. Lee I & Sokolsky O (2010). Medical cyber physical systems. Design automation conference, Anaheim, CA, USA, 743-748.
18. Li G, Shen Y, Zhao P, Lu X, Liu J, Liu Y & Hoi S C H (2019). Detecting cyberattacks in industrial control systems using online learning algorithms. Neurocomputing, 364, 338-348. DOI: 10.1016/j.neucom.2019.07.031
19. Liu L, Esmalifalak M, Ding Q, Emesih V A & Han Z (2014). Detecting false data injection attacks on power grid by sparse optimization. IEEE Transactions on Smart Grid, 5(2), 612-621. DOI: 10.1109/TSG.2013.2284438
20. Liu Y, Ning P & Reiter M K (2011). False data injection attacks against state estimation in electric power grids. ACM Transactions on Information and System Security (TISSEC), 14(1), 13. DOI: 10.1145/1952982.1952995
21. Lu A Y & Yang G H (2020). False data injection attacks against state estimation in the presence of sensor failures. Information Sciences, 508, 92-104. DOI: 10.1016/j.ins.2019.08.052
22. Luo X, Wang X, Zhang M & Guan X (2019). Distributed detection and isolation of bias injection attack in smart energy grid via interval observer. Applied Energy, 256, 113703. DOI: 10.1016/j.apenergy.2019.113703
23. Manandhar K, Cao X, Hu F & Liu Y (2014). Detection of faults and attacks including false data injection attack in smart grid using Kalman filter. IEEE transactions on control of network systems, 1(4), 370-379. DOI: 10.1109/TCNS.2014.2357531
24. Meng W, Liu Q, Xu W & Zhou Z (2011, September). A cyber-physical system for public environment perception and emergency handling. IEEE International Conference on High Performance Computing and Communications, Banff, AB, Canada, 734-738. DOI: 10.1109/HPCC.2011.104
25. Mo Y, Chabukswar R & Sinopoli B (2014). Detecting integrity attacks on SCADA systems. IEEE Transactions on Control Systems Technology, 22(4), 1396-1407. DOI: 10.1109/TCST.2013.2280899
26. Mo Y, Garone E, Casavola A & Sinopoli B (2010). False data injection attacks against state estimation in wireless sensor networks. 49th IEEE Conference on Decision and Control (CDC), Atlanta, GA, USA, 5967-5972. DOI: 10.1109/CDC.2010.5718158
27. Pasqualetti F, Dörfler F & Bullo F (2013). Attack detection and identification in cyber-physical systems. IEEE transactions on automatic control, 58(11), 2715-2729. DOI: 10.1109/TAC.2013.2266831
28. Pasqualetti F, Dorfler F & Bullo F (2015). Control-theoretic methods for cyberphysical security: Geometric principles for optimal cross-layer resilient control systems. IEEE Control Systems Magazine, 35(1), 110-127. DOI: 10.1109/MCS.2014.2364725
29. Rawat D B & Bajracharya C (2015). Detection of false data injection attacks in smart grid communication systems. IEEE Signal Processing Letters, 22(10), 1652-1656. DOI: 10.1109/LSP.2015.2421935
30. Sandberg H, Amin S & Johansson K H (2015). Cyberphysical security in networked control systems: An introduction to the issue. IEEE Control Systems Magazine, 35(1), 20-23. DOI: 10.1109/MCS.2014.2364708
31. Slay J & Miller M (2007). Lessons learned from the maroochy water breach. International Conference on Critical Infrastructure Protection, Springer, Boston, MA, 73-82.
32. Song H, Shi P, Lim C C, Zhang W A & Yu L (2019). Attack and estimator design for multi-sensor systems with undetectable adversary. Automatica, 109, 108545. DOI: 10.1016/j.automatica.2019.108545
33. Teixeira A, Amin S, Sandberg H, Johansson K H & Sastry S S (2010). Cyber security analysis of state estimators in electric power systems. 49th IEEE conference on decision and control (CDC), Atlanta, GA, USA, 5991-5998. DOI: 10.1109/CDC.2010.5717318
34. Teixeira A, Shames I, Sandberg H & Johansson K H (2015). A secure control framework for resource-limited adversaries. Automatica, 51, 135-148. DOI: 10.1016/j.automatica.2014.10.067
35. Wang Y, Vuran M C & Goddard S (2008). Cyber-physical systems in industrial process control. ACM Sigbed Review, 5(1), 12. DOI: 10.1145/1366283.1366295
36. Wu G, Sun J & Chen J (2018). Optimal data injection attacks in cyber-physical systems. IEEE transactions on cybernetics, 48(12), 3302-3312. DOI: 10.1109/TCYB.2018.2846365