Journal ArticleDOI
Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks
Reads0
Chats0
TLDR
The deception attack presented here can enable remote water pilfering from automated canal systems and is reported on a field-operational test attack on the Gignac canal system located in Southern France.Abstract:
This brief aims to perform security threat assessment of networked control systems with regulatory and supervisory control layers. We analyze the performance of a proportional-integral controller (regulatory layer) and a model-based diagnostic scheme (supervisory layer) under a class of deception attacks. We adopt a conservative approach by assuming that the attacker has knowledge of: 1) the system dynamics; 2) the parameters of the diagnostic scheme; and 3) the sensor-control signals. The deception attack presented here can enable remote water pilfering from automated canal systems. We also report a field-operational test attack on the Gignac canal system located in Southern France.read more
Citations
More filters
Proceedings ArticleDOI
Exploiting Submodularity in Security Measure Allocation for Industrial Control Systems
TL;DR: This paper proposes a method to exploit submodularity of the objective function so that polynomial time algorithms can be applied to obtain solutions with guaranteed approximation bounds on how to allocate a large number of security measures under a limited budget.
Journal ArticleDOI
Developing an Electromagnetic Noise Generator to Protect a Raspberry PI from Side Channel Analysis
Ibraheem Frieslaar,Barry Irwin +1 more
TL;DR: A multi-threading approach with the utilisation of Secure Hash Algorithm (SHA) to serve as a software based countermeasure to mitigate SCA attacks was introduced, able to hide the cryptographic implementations and prevent the DEMA attack and other statistical analysis.
Proceedings ArticleDOI
Recursive Filtering for Complex Networks Against Random Deception Attacks
Cong Meng,Wenling Li +1 more
TL;DR: A coupled unscented Kalman filter (UKF) is developed where the sigma points of the USF are propagated by introducing the coupled terms and the randomly occuring deception attacks scheme is designed in the framework of the UKF.
Proceedings ArticleDOI
Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures
TL;DR: Zero-Residual Attacks (ZeRA) are offered, which allow the attacker to launch stealthy attacks leveraging estimation of the stateful anomaly detector and matching of residuals as a fraction of actual estimation residual.
Journal ArticleDOI
A practical physical watermarking approach to detect replay attacks in a CPS
TL;DR: In this article , the authors proposed a practical watermarking technique to detect replay attacks in cyber physical systems (CPSs) and evaluated it on a real WADI distribution system.
References
More filters
Journal ArticleDOI
False data injection attacks against state estimation in electric power grids
TL;DR: In this article, a new class of attacks, called false data injection attacks, against state estimation in electric power grids is presented and analyzed, under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations.
Proceedings ArticleDOI
False data injection attacks against state estimation in electric power grids
TL;DR: A new class of attacks, called false data injection attacks, against state estimation in electric power grids are presented, showing that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection.
Journal ArticleDOI
Full-order observers for linear systems with unknown inputs
TL;DR: This note presents a simple method to design a full-order observer for linear systems with unknown inputs and the necessary and sufficient conditions for the existence of the observer are given.
Proceedings ArticleDOI
Attacks against process control systems: risk assessment, detection, and response
TL;DR: By incorporating knowledge of the physical system under control, this paper is able to detect computer attacks that change the behavior of the targeted control system and analyze the security and safety of the mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state.
Book ChapterDOI
Lessons Learned from the Maroochy Water Breach
Jill Slay,Michael Miller +1 more
TL;DR: This paper examines the response to the 2000 SCADA security incident at Maroochy Water Services in Queensland, Australia and the lessons learned are useful for establishing academic and industry-based research agendas inSCADA security as well as for safeguarding critical infrastructure.