23 research outputs found

    Synthesis of Covert Actuator Attackers for Free

    In this paper, we formulate and address the problem of covert actuator attacker synthesis for cyber-physical systems that are modelled by discrete-event systems. We assume the actuator attacker partially observes the execution of the closed-loop system and is able to modify each control command issued by the supervisor on a specified attackable subset of controllable events. We provide straightforward but, in general, exponential-time reductions (due to the use of the subset construction procedure) from the covert actuator attacker synthesis problems to the Ramadge-Wonham supervisor synthesis problems. It then follows that the many techniques and tools already developed for solving the supervisor synthesis problem can be used to solve the covert actuator attacker synthesis problem for free. In particular, we show that, if the attacker cannot attack events that are unobservable to the supervisor, then the reductions can be carried out in polynomial time. We also provide a brief discussion of some other conditions under which the exponential blowup in state size can be avoided. Finally, we show how the reduction-based synthesis procedure can be extended to the synthesis of successful covert actuator attackers that also eavesdrop on the control commands issued by the supervisor. Comment: The paper has been accepted for the journal Discrete Event Dynamic System

    Distributed control of manufacturing resources: Security related issues

    The Industry 4.0 paradigm dictates highly efficient and flexible production through the introduction of reconfigurable manufacturing systems and resources characterized by modularity, interoperability, scalability and communication capabilities. Various approaches are currently being researched worldwide in an effort to achieve the next level of production technologies without compromising the production itself. The approaches considered imply the implementation of Cyber Physical Systems, the Internet of Things and the generation of manufacturing system Digital Twins. Complex industrial control systems, which were traditionally wired and considered safe, are now becoming distributed, internet-connected, usually based on wireless communication and wide open to all kinds of malicious exploits with potentially fatal consequences. This paper presents a review of security related issues that are crucial in developing safer wireless distributed control of manufacturing resources, adept for challenges in coming times.

    Efficient Synthesis of Sensor Deception Attacks Using Observation Equivalence-Based Abstraction

    This paper investigates the synthesis of successful sensor deception attack functions in supervisory control using abstraction methods to reduce computational complexity. In sensor deception attacks, an attacker hijacks a subset of the sensors of the plant and feeds incorrect information to the supervisor with the intent of causing damage to the supervised system. The attacker is successful if its attack causes damage to the system and it is not identified by an intrusion detection module. The existence test and the synthesis method of successful sensor deception attack functions are computationally expensive, specifically in partially observed systems. For this reason, we leverage results on abstraction methods to reduce the computational effort in solving these problems. Namely, we introduce an equivalence relation called restricted observation equivalence, which is used to abstract the original system before calculating attack functions. Based on this equivalence relation, we prove that the existence of successful attack functions in the abstracted supervised system guarantees the existence of successful attack functions in the unabstracted supervised system and vice versa. Moreover, successful attack functions synthesized from the abstracted system can be exactly mapped to successful attack functions on the unabstracted system, thereby providing a complete solution to the attack synthesis problem.

    A Polynomial Approach to Verifying the Existence of a Threatening Sensor Attacker

    The development of cyber-physical systems (CPS) has drawn much attention from researchers to cyber-attacks and cyber-security. A sensor attacker targeting a supervised discrete event system can modify a set of sensor readings and cause the closed-loop system to reach undesirable states. In this letter, we propose a new attack detection mechanism under which the supervisor only needs to keep track of the last observable event received. Given a plant and a supervisor enforcing a state specification, we define a sensor attacker as threatening if it may cause the closed-loop system to enter a forbidden state. Our goal is to verify whether there exists such a threatening sensor attacker for a given controlled system. A new structure, called All Sensor Attack (ASA), is proposed to capture all possible sensor attacks launched by the attacker. Based on the ASA automaton, a necessary and sufficient condition for the existence of a stealthy threatening sensor attacker is presented. Finally, we show that the condition can be verified in polynomial time.

    Distribution of control tasks to smart devices in industrial control systems: a case study

    Cyber Physical Systems (CPS) and the Internet of Things (IoT) open the way for a new generation of Industrial Control Systems (ICS) characterized by the high flexibility, modularity and reconfigurability necessary within Industry 4.0. An inevitable shift from centralized to distributed control systems is underway, but the changes are not as rapid as expected. One of the limiting factors is the lack of engineering techniques for distributed control systems design, simulation and verification. In this paper we analyze recently proposed techniques for distributed control systems development using an example of a simple transport system consisting of two CPS: a smart conveyor belt and a smart cylinder. In particular, we consider the methods based on Control Interpreted Petri Nets (CIPN), Supervisory Control Theory (SCT) and the IEC 61499 standard.

    Joint state estimation under attack of discrete event systems
