Security analysis of control system anomaly detectors

Umsonst, David; Cárdenas, Álvaro A.

doi:10.23919/acc.2017.7963810

Cited by 32 publications

(23 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Theorem 1 represents an interesting extension of the work on deterministic systems [19], which used the infinity norm based metric (8).…”

Section: B Solving Problemmentioning

confidence: 99%

“…In these studies, the reachable sets were predominantly used to characterize the impact, and algorithms for calculating upper and lower bounds of these sets were proposed in several works [8]- [10]. Other types of detectors have also been considered [14]- [19]. For example, Cárdenas et al considered a cumulative sum (CUSUM) detector, and investigated the impact of several attack strategies that remain undetected by this detector [14].…”

Section: Introductionmentioning

confidence: 99%

“…Exceptions do exist, however. For example, in [19], the authors introduced the infinity norm of critical states to quantify the impact under the CUSUM detector. They showed that the exact value of impact can be obtained by solving a set of convex problems.…”

Section: Introductionmentioning

confidence: 99%

“…Firstly, we propose a unified framework for quantifying the impact of cyber-attack strategies for stochastic control systems. The framework covers both advanced injection strategies such as false data injection (FDI) [8], [19] and bias injection [17], [22], but also simpler strategies such as denial of service (DoS) [6], [23], replay [24], rerouting [25], [26], and sign alternation attacks [12]. Additionally, Kullback-Leibler (KL) divergence [27] is used to define a stealthiness constraint, which makes the framework independent of the choice of anomaly detector.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Milošević

Johansson

2020

IEEE Trans. Control Netw. Syst.

Self Cite

View full text Add to dashboard Cite

Risk assessment is an inevitable step in implementation of a cyber-defense strategy. An important part of this assessment is to reason about the impact of possible attacks. In this paper, we propose a framework for estimating the impact of cyber-attacks in stochastic linear control systems. The framework can be used to estimate the impact of denial of service, rerouting, sign alternation, replay, false data injection, and bias injection attacks. For the stealthiness constraint, we adopt the Kullback-Leibler divergence between residual sequences during the attack. Two impact metrics are considered: (1) The probability that some of the critical states leave a safety region; and (2) The expected value of the infinity norm of the critical states. For the first metric, we prove that the impact estimation problem can be reduced to a set of convex optimization problems. Thus, the exact solution can be found efficiently. For the second metric, we derive an efficient to calculate lower bound. Finally, we demonstrate how the framework can be used for risk assessment on an example.

show abstract

“…Theorem 1 represents an interesting extension of the work on deterministic systems [19], which used the infinity norm based metric (8).…”

Section: B Solving Problemmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Milošević

Johansson

2020

IEEE Trans. Control Netw. Syst.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The design of stealthy adversaries was addressed in [10] and attack detectors in the form of network monitors were proposed in [11,12]. Residual-based state estimators are by far the most common way of detecting attacks on networked systems as it is shown in [13,14]. These detectors rely on the value of the estimation residue in order to decide whether or not the system is under attack.…”

Section: Introductionmentioning

confidence: 99%

Set-theoretic detection of data corruption attacks on cyber physical power systems

Kontouras

Tzes

Dritsas

2018

J. Mod. Power Syst. Clean Energy

View full text Add to dashboard Cite

This paper addresses a set-theoretic method for the detection of data corruption cyber-attacks on the load frequency control loop of a networked power system. The system consists of several interconnected control areas forming a power grid. Based on the overall discrete-time network dynamics, a convex and compact polyhedral robust invariant set is extracted and is used as a set-induced anomaly detector. If the state vector exits the invariant set, then an alarm will be activated, and the potential threat is considered disclosed. The attack scenario used to assess the efficiency of the proposed anomaly detector concerns corrupted frequency sensor measurements transmitted to the automatic generation control unit of a compromised control area. Simulation studies highlight the ability of a set-theoretic approach to disclose persistent and intermittent attack patterns even when they occur at the same time with changes in the power load demand.

show abstract

Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularity

Milošević

Teixeira

Tanaka

et al. 2018

Intl J Robust & Nonlinear

Self Cite

View full text Add to dashboard Cite

To protect industrial control systems from cyberattacks, multiple layers of security measures need to be allocated to prevent critical security vulnerabilities.However, both finding the critical vulnerabilities and then allocating security measures in a cost-efficient way become challenging when the number of vulnerabilities and measures is large. This paper proposes a framework that can be used once this is the case. In our framework, the attacker exploits security vulnerabilities to gain control over some of the sensors and actuators. The critical vulnerabilities are those that are not complex to exploit and can lead to a large impact on the physical world through the compromised sensors and actuators. To find these vulnerabilities efficiently, we propose an algorithm that uses the nondecreasing properties of the impact and complexity functions and properties of the security measure allocation problem to speed up the search. Once the critical vulnerabilities are located, the security measure allocation problem reduces to an integer linear program. Since integer linear programs are NP-hard in general, we reformulate this problem as a problem of minimizing a linear set function subject to a submodular constraint. A polynomial time greedy algorithm can then be applied to obtain a solution with guaranteed approximation bound. The applicability of our framework is demonstrated on a control system used for regulation of temperature within a building.

show abstract

Security analysis of control system anomaly detectors

Cited by 32 publications

References 17 publications

Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems

Set-theoretic detection of data corruption attacks on cyber physical power systems

Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularity

Contact Info

Product

Resources

About