Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation
This paper studies the performance and resilience of a cyber-physical control
system (CPCS) with attack detection and reactive attack mitigation. It
addresses the problem of deriving an optimal sequence of false data injection
attacks that maximizes the state estimation error of the system. The results
provide basic understanding about the limit of the attack impact. The design of
the optimal attack is based on a Markov decision process (MDP) formulation,
which is solved efficiently using the value iteration method. Using the
proposed framework, we quantify the effect of false positives and
mis-detections on the system performance, which can help the joint design of
the attack detection and mitigation. To demonstrate the use of the proposed
framework in a real-world CPCS, we consider the voltage control system of power
grids, and run extensive simulations using PowerWorld, a high-fidelity power
system simulator, to validate our analysis. The results show that by carefully
designing the attack sequence using our proposed approach, the attacker can
cause a large deviation of the bus voltages from the desired setpoint. Further,
the results verify the optimality of the derived attack sequence and show that,
to cause maximum impact, the attacker must carefully craft his attack to strike
a balance between the attack magnitude and stealthiness, due to the
simultaneous presence of attack detection and mitigation.
Estimating Impact and Frequency of Risks to Safety and Mission Critical Systems Using CVSS
Many safety and mission critical systems depend on the correct and secure operation of both supportive and core software systems. E.g., both the safety of personnel and the effective execution of core missions on an oil platform depend on the correct recording, storing, transfer and interpretation of data, such as that for the Logging While Drilling (LWD) and Measurement While Drilling (MWD) subsystems. Here, data is recorded on site, packaged and then transferred to an on-shore operational centre. Today, the data is transferred on dedicated communication channels to ensure a secure and safe transfer, free from deliberate and accidental faults. However, as cost control is ever more important, some of the transfer will be over remotely accessible infrastructure in the future. Thus, communication will be prone to known security vulnerabilities exploitable by outsiders. This paper presents a model that estimates the risk level of known vulnerabilities as a combination of frequency and impact estimates derived from the Common Vulnerability Scoring System (CVSS). The model is implemented as a Bayesian Belief Network (BBN).
Cost-aware Defense for Parallel Server Systems against Reliability and Security Failures
Parallel server systems in transportation, manufacturing, and computing
heavily rely on dynamic routing using connected cyber components for
computation and communication. Yet, these components remain vulnerable to
random malfunctions and malicious attacks, motivating the need for
fault-tolerant dynamic routing that is both traffic-stabilizing and
cost-efficient. In this paper, we consider a parallel server system with
dynamic routing subject to reliability and stability failures. For the
reliability setting, we consider an infinite-horizon Markov decision process
where the system operator strategically activates a protection mechanism upon
each job arrival based on traffic state observations. We prove an optimal
deterministic threshold protecting policy exists based on dynamic programming
recursion of the HJB equation. For the security setting, we extend the model to
an infinite-horizon stochastic game where the attacker strategically
manipulates routing assignment. We show that both players follow a threshold
strategy at every Markov perfect equilibrium. For both failure settings, we
also analyze the stability of the traffic queues under control. Finally, we
develop approximate dynamic programming algorithms to compute the
optimal/equilibrium policies, supplemented with numerical examples and
experiments for validation and illustration.
Comment: Major Revision in Automatic …