Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularity

Milošević, Jezdimir; Teixeira, André; Tanaka, Takashi; Johansson, Karl Henrik

doi:10.1002/rnc.4375

Cited by 9 publications

(20 citation statements)

References 55 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Meanwhile, the model of the dynamical system to be protected is also used for control system security [22], [23]. For example, identifying existence of stealthy attacks and removing the vulnerability require the dynamical model [24], [25], and attack detection performance can be enhanced by model knowledge [26]. Our Bayesian defense mechanisms can be interpreted as a generalization of those approaches.…”

Section: Related Workmentioning

confidence: 99%

Asymptotic Security Using Bayesian Defense Mechanism With Application to Cyber Deception

Sasahara,

Sandberg

2024

IEEE Trans. Automat. Contr.

View full text Add to dashboard Cite

This paper addresses the question whether model knowledge can guide a defender to appropriate decisions, or not, when an attacker intrudes into control systems. The model-based defense scheme considered in this study, namely Bayesian defense mechanism, chooses reasonable reactions through observation of the system's behavior using models of the system's stochastic dynamics, the vulnerability to be exploited, and the attacker's objective. On the other hand, rational attackers take deceptive strategies for misleading the defender into making inappropriate decisions. In this paper, their dynamic decision making is formulated as a stochastic signaling game. It is shown that the belief of the true scenario has a limit in a stochastic sense at an equilibrium based on martingale analysis. This fact implies that there are only two possible cases: the defender asymptotically detects the attack with a firm belief, or the attacker takes actions such that the system's behavior becomes nominal after a finite number of time steps. Consequently, if different scenarios result in different stochastic behaviors, the Bayesian defense mechanism guarantees the system to be secure in an asymptotic manner provided that effective countermeasures are implemented. As an application of the finding, a defensive deception utilizing asymmetric recognition of vulnerabilities exploited by the attacker is analyzed. It is shown that the attacker possibly withdraws even if the defender is unaware of the exploited vulnerabilities, as long as the defender's unawareness is concealed by the defensive deception.

show abstract

Section: Related Workmentioning

confidence: 99%

Asymptotic Security Using Bayesian Defense Mechanism With Application to Cyber Deception

Sasahara,

Sandberg

2024

IEEE Trans. Automat. Contr.

View full text Add to dashboard Cite

show abstract

“…To the best of our knowledge, these techniques are developed with the objective of performing risk assessment offline. For example, Milosevic et al [32] propose a framework for security measure allocation given certain impact and attack complexity metrics. Murguia et al [37] use the volume of ellipsoidal approximations of reachable sets under stealthy attacks as a measure of impact.…”

Section: Related Workmentioning

confidence: 99%

Efficient Predictive Monitoring of Linear Time-Invariant Systems Under Stealthy Attacks

Azzam

Pasquale

Provan

et al. 2023

IEEE Trans. Contr. Syst. Technol.

View full text Add to dashboard Cite

Attacks on industrial control systems (ICSs) can lead to significant physical damage. While off-line safety and security assessments can provide insight into vulnerable system components, they may not account for stealthy attacks designed to evade anomaly detectors during long operational transients. In this article, we propose a predictive online monitoring approach to check the safety of the system under potential stealthy false data injection attacks (FDIAs) on sensors. Specifically, we adapt previous results in reachability analysis for attack impact assessment to provide an efficient algorithm for online safety monitoring for linear time-invariant (LTI) systems. The proposed approach relies on an off-line computation of symbolic reachable sets in terms of the estimated physical state of the system. These sets are then instantiated online, and safety checks are performed by leveraging ideas from ellipsoidal calculus. We illustrate and evaluate our approach using the Tennessee-Eastman process. We also compare our approach with the baseline monitoring approaches proposed in previous work and assess its efficiency and scalability. Our evaluation results demonstrate that our approach can predict in a timely manner if an FDIA will be able to cause damage while remaining undetected. Thus, our approach can be used to provide operators with real-time early warnings about stealthy attacks.

show abstract

Section: Related Workmentioning

confidence: 99%

Asymptotic Security using Bayesian Defense Mechanism with Application to Cyber Deception

Sasahara¹

2022

Preprint

Self Cite

View full text Add to dashboard Cite

This study addresses the question whether model knowledge can prevent a defender from being deceived or not in cyber security. As a specific model-based defense scheme, this study treats Bayesian defense mechanism, which monitors the system's behavior, forms a belief on existence of the attacker, and chooses appropriate reactions. Sophisticated attackers aim at achieving her objective while avoiding being detected by deceiving the defender. In this paper, their dynamic decision making is formulated as a stochastic signaling game. It is revealed that the belief on the true scenario has a limit in a stochastic sense at an equilibrium based on martingale analysis. This fact implies that there are only two possible cases: the defender asymptotically detects the attack with a firm belief or the attacker takes actions such that the system's behavior becomes nominal after a certain finite time step. Consequently, if the dynamics admits no stealthy attacks, the system is guaranteed to be secure in an asymptotic manner provided that effective countermeasures are implemented. The result concludes that model knowledge can prevent deception in an asymptotic sense. As an application of the finding, a defensive deception utilizing asymmetric recognition on vulnerabilities exploited by the attacker is analyzed. It is shown that, the attacker possibly stops the attack even if the defender is unaware of the vulnerabilities as long as the defender's unawareness is concealed by the defensive deception. Those results indicate the powerful defense capability achieved by model knowledge.

show abstract

Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularity

Cited by 9 publications

References 55 publications

Asymptotic Security Using Bayesian Defense Mechanism With Application to Cyber Deception

Asymptotic Security Using Bayesian Defense Mechanism With Application to Cyber Deception

Efficient Predictive Monitoring of Linear Time-Invariant Systems Under Stealthy Attacks

Asymptotic Security using Bayesian Defense Mechanism with Application to Cyber Deception

Contact Info

Product

Resources

About