876 research outputs found

    Evaluating Cascading Impact of Attacks on Resilience of Industrial Control Systems: A Design-Centric Modeling Approach

    A design-centric modeling approach was proposed to model the behaviour of the physical processes controlled by Industrial Control Systems (ICS) and study the cascading impact of data-oriented attacks. A threat model was used as input to guide the construction of the CPS model where control components which are within the adversary's intent and capabilities are extracted. The relevant control components are subsequently modeled together with their control dependencies and operational design specifications. The approach was demonstrated and validated on a water treatment testbed. Attacks were simulated on the testbed model where its resilience to attacks was evaluated using proposed metrics such as Impact Ratio and Time-to-Critical-State. From the analysis of the attacks, design strengths and weaknesses were identified and design improvements were recommended to increase the testbed's resilience to attacks

    Towards Resilient Cyber-Physical Energy Systems

    In this paper, we develop a system-of-systems framework to address cyber-physical resilience, the ability to withstand the combined presence of both cyber attacks and physical faults. This framework incorporates a definition of resilience, a resilience metric as well as a resilient control design methodology. The resilient control architecture utilizes a hybrid optimal control methodology combined with a dynamic regulation market mechanism (DRMM), and is evaluated in the context of frequency regulation at a transmission grid. The framework enables the evaluation of both the classical robust control properties and emerging resilient control properties under both cyber attacks and physical faults. The proposed framework is used to assess resilience of a Cyber-Physical Energy System (CPES) when subjected to both cyber and physical faults via DETERLab. DETERLab, a testbed capable of emulating high fidelity, cybersecure, networked systems, is used to construct critical scenarios with physical faults emulated in the form of generator outages and cyber faults emulated in the form of Denial of Service (DoS) attacks. Under these scenarios, the resilience and performance of a CPES that is comprised of 56 generators and 99 consumers is evaluated using the hybrid-DRMM control methodology

    Assessing and augmenting SCADA cyber security: a survey of techniques

    SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

    Cyber-Physical Production Testbed: Literature Review and Concept Development

    Many researchers use virtual and simulation-based testbed technology for research in production and maintenance optimization. Although, the virtual environment produces good results, it cannot imitate the unexpected changes that occur in actual production. There are very few physical testbeds emulating actual production environment. The aim of this paper is to present a concept of a cyber-physical production testbed based on review of Cyber-Physical Systems (CPS) testbeds in research. The testbed consists of a semi-automatic production line equipped with system monitoring tools, data analysis capabilities and commercial software. This testbed will be used for demonstration of data acquisition for production and maintenance prioritization. Additionally, the testbed will be used for research in IoT platforms for production optimization

    A testbed to simulate cyber attacks on nuclear power plants

    Nuclear power plants are critical infrastructures that must be safe and secure from undesirable intrusions: these intrusions are both physical and cyber. The increasing usage of digital control and computer systems, for supervisory control and data acquisition in the control rooms of new generation nuclear reactors, has introduced several cyber security issues that must be addressed. One of the most significant problems is that this new technology has increased the vulnerability of the nuclear power plant to cyber security threats. Furthermore, this exposed vulnerability is one of the main reasons that the transition to digital control rooms connected to enterprise network (or the internet) has been slow and hesitant. In order to address these issues and ensure that a digital control system is safe and secure from undesirable intrusions, the system must go through extensive tests and validation. These tests will verify that systems are safe and properly functioning. The vulnerabilities of a nuclear power plant can be determined through conducting cyber security exercises, cyber security attacks scenarios, and simulated attacks. All these events can be performed using the control room in the nuclear power plant, but it is a complicated and hampered process because of the complex hardware and software interactions that must be considered. Control rooms are also not ideal places to test various cyber attacks and scenarios because any mishap can lead to detrimental impacts on the nearby surroundings. This research attempts to present our approach to build a comparative testbed that captures the relevant complexity of a nuclear power plant. A testbed is developed and designed to assess the vulnerabilities that are introduced by using public networks for communications. The testbed is also used to simulate different cyber attack scenarios and it will serve to present detection mechanisms that are based on the understanding of the controlled physical system

    Cyber-Physical Smart Grid Security Tool for Education and Training Purposes

    Cyber security education is now an essential piece of information to understand the current challenges in utilizing the technology in a secure manner. In this paper, we highlight the need of improving the human factors role and cyber security awareness in better securing the systems. We discuss a simulation tool called CPSA that can be used for education and training purposes to understand the impact of cyber-attacks on the physical power system, and overall system monitoring. The tool supports attacks modeling, different communication network topologies, simulation of bad data and malicious command received over the insecure network. This tool is helpful for students and researchers’ education to better understand the logics and prepare them with skills to evaluate the future cyber-physical system security. The tool can also be used for training purpose to the technical and non-technical staff at power utility

    Development of smart grid testbed with low-cost hardware and software for cybersecurity research and education

    Smart Grid, also known as the next generation of the power grid, is considered as a power infrastructure with advanced information and communication technologies (ICT) that will enhance the efficiency and reliability of power systems. For the essential benefits that come with Smart Grid, there are also security risks due to the complexity of advanced ICT utilized in the architecture of Smart Grid to interconnect a huge number of devices and subsystems. Cybersecurity is one of the emerging major threats in Smart Grid that needs to be considered as the attack surface increased. To prevent cyber-attacks, new techniques and methods need to be evaluated in a real-world environment or in a testbed. However, the costs for setting-up Smart Grid testbed is extensive. In this article, we focused on the development of a smart grid testbed with a low-cost hardware and software for cybersecurity research and education. As a case study, we evaluated the testbed with most common cyber-attack such as denial of service (DoS) attack. In addition, the testbed is a useful resource for cybersecurity research and education on different aspects of SCADA systems such as protocol implementation, and PLC programming