2 research outputs found
Compensation of Linear Attacks to Cyber Physical Systems through ARX System Identification
Cyber-Physical Systems (CPSs) are vastly used in today's cities critical
infrastructure. The cyber part of these systems usually has a network component
through which cyber attacks can be launched. In this paper, we first design an
intrusion detection system (IDS) by identifying the plant. We assume the
initial operation period of the CPS is attack-free and learn the plant model.
Then, we compare the expected output found via the identifier with the real one
coming through the feedback link. Any difference greater than a threshold is
deemed to be an anomaly. To compensate, once the IDS flags a change in the
loop, we restart the system identification to find the new transfer function.
With the estimation of the new transfer function at hand, a new controller is
designed to keep the system stable. To test the idea, we took a DC motor as the
plant and employed ARX identifier. MATLAB Simulink environment was used to test
the proposed intrusion detection and compensation framework. We applied a set
of deception attacks to the forward channel in our experiments. The obtained
results prove that our detection strategy works well and timely reacts to
anomalies. Moreover, they show that the compensation strategy is also effective
and keeps the system stable under such attacks.Comment: 9 figures, conferenc
Skip to Secure: Securing Cyber-physical Control Loops with Intentionally Skipped Executions
We consider the problem of provably securing a given control loop
implementation in the presence of adversarial interventions on data exchange
between plant and controller. Such interventions can be thwarted using
continuously operating monitoring systems and also cryptographic techniques,
both of which consume network and computational resources. We provide a
principled approach for intentional skipping of control loop executions which
may qualify as a useful control theoretic countermeasure against stealthy
attacks which violate message integrity and authenticity. As is evident from
our experiments, such a control theoretic counter-measure helps in lowering the
cryptographic security measure overhead and resulting resource consumption in
Control Area Network (CAN) based automotive CPS without compromising
performance and safety.Comment: 9 page