Compensation of Linear Attacks to Cyber Physical Systems through ARX System Identification

Cyber-Physical Systems (CPSs) are vastly used in today's cities critical infrastructure. The cyber part of these systems usually has a network component through which cyber attacks can be launched. In this paper, we first design an intrusion detection system (IDS) by identifying the plant. We assume the initial operation period of the CPS is attack-free and learn the plant model. Then, we compare the expected output found via the identifier with the real one coming through the feedback link. Any difference greater than a threshold is deemed to be an anomaly. To compensate, once the IDS flags a change in the loop, we restart the system identification to find the new transfer function. With the estimation of the new transfer function at hand, a new controller is designed to keep the system stable. To test the idea, we took a DC motor as the plant and employed ARX identifier. MATLAB Simulink environment was used to test the proposed intrusion detection and compensation framework. We applied a set of deception attacks to the forward channel in our experiments. The obtained results prove that our detection strategy works well and timely reacts to anomalies. Moreover, they show that the compensation strategy is also effective and keeps the system stable under such attacks.Comment: 9 figures, conferenc

Skip to Secure: Securing Cyber-physical Control Loops with Intentionally Skipped Executions

We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating monitoring systems and also cryptographic techniques, both of which consume network and computational resources. We provide a principled approach for intentional skipping of control loop executions which may qualify as a useful control theoretic countermeasure against stealthy attacks which violate message integrity and authenticity. As is evident from our experiments, such a control theoretic counter-measure helps in lowering the cryptographic security measure overhead and resulting resource consumption in Control Area Network (CAN) based automotive CPS without compromising performance and safety.Comment: 9 page