230 likes | 592 Views
Attack Models and Scenarios for Networked Control Systems. 1 st HiCoNS Conference, CPSWEEK 2012, Beijing, China April 18th. André Teixeira , Daniel Pérez, Henrik Sandberg, Karl H. Johansson ACCESS Linnaeus Centre, KTH Royal Institute of Technology. Motivation.
E N D
Attack Models and Scenarios for Networked Control Systems 1stHiCoNS Conference, CPSWEEK 2012, Beijing, China April 18th André Teixeira, Daniel Pérez, Henrik Sandberg, Karl H. Johansson ACCESS Linnaeus Centre, KTH Royal Institute of Technology
Motivation • Networkedcontrol systems areto a growingextentbased on COTS • Leadstoincreasingvulnerabilityto cyber-threatswithmany potential pointsof attacks • Need for tools and strategiesto understand and mitigate attacks in networkedcontrol systems • Benchmarks and testbedsto illustrate realistic attack scenarios and evaluate solutions • Relatedwork: Basar, Sastry, Amin, Sinopoli, Bullo, Sundaram Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Contributions • Defineadversarieswithlimitedresources • Analyze existing and novel attack scenarios • Wireless networkedcontrol system testbed Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Networked Control System • Physical Plant • Feedback Controller • Anomaly Detector Alarm • Alarm triggered if Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Adversary Model • Adversary goal is to force the process state into an unsafe region • Attack should be stealthy, i.e., • Adversary constrained by limited resources Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Networked Control System under Attack • Physical Attacks • Disclosure Attacks • Deception Attacks Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Networked Control System with Adversary Model Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Attack Space Covert [Smith] Zero dynamics Bias injection Eavesdropping [Bishop] DoS [Bishop] Replay [Sinopoli] Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Testbed for Networked Control System Security • Replay attack • Zero dynamics attack • Bias injection attack Quadruple-tank process has non-minimum-phase zero if [J, 2000]
Replay Attack – Phase I • Actuator and sensor data are recorded • No disruptive attack is performed Alarm [Sinopoli, 2009] Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Replay Attack – Phase II • No more data is recorded • The previously recorded data is replayed • Physical attack is also performed Alarm • No system knowledge is needed: [Sinopoli, 2009] Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Replay Attack - Experiment • Attack Goal: Empty tank 4 • Replay attack on sensor 2 • Physical attack on tank 4 • Tank 4 is emptied • Physical attack ends at t=180s • Replay attack ends at t=280s • The attack is not detected Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Zero Dynamics Attack • Only actuators are attacked • Zero dynamics are characterized by: • Attack policy: • : vanishing attack • : exponentially increasing attack Alarm • Zero dynamics are known: • Open-loop attack policy: Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Zero Dynamics Attack • Attack Goal: Empty tank 3 • Zero dynamics attack on both actuators • Tank 3 becomes empty • The attack is detected Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Bias Injection Attack • Steady-state system models are known • Maximize impact on state while remaining stealthy • Used low-pass filter to remain undetected during transients Alarm • Open-loop attack policy: Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Bias Injection Attack • Attack Goal: maximum impact on the state • Bias injection attack on sensor 1 and actuator 1 using a low-pass filter • Attack stops using a low-pass filter • Attack ends without being detected Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Summary • Attack models and scenarios for networked control systems • Definedadversarieswithlimitedresources • Analyzed existing and novel attack scenarios • Attack scenarios illustrated in a wireless networkedcontrol system testbed Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Attack Space Covert [Smith] Zero dynamics Bias injection Eavesdropping [Bishop] DoS [Bishop] Replay [Sinopoli] Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”
Demo Clip Teixeira et al. ”Attack Models and Scenarios for Networked Control Systems”