Journal ArticleDOI
Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks
Reads0
Chats0
TLDR
The deception attack presented here can enable remote water pilfering from automated canal systems and is reported on a field-operational test attack on the Gignac canal system located in Southern France.Abstract:
This brief aims to perform security threat assessment of networked control systems with regulatory and supervisory control layers. We analyze the performance of a proportional-integral controller (regulatory layer) and a model-based diagnostic scheme (supervisory layer) under a class of deception attacks. We adopt a conservative approach by assuming that the attacker has knowledge of: 1) the system dynamics; 2) the parameters of the diagnostic scheme; and 3) the sensor-control signals. The deception attack presented here can enable remote water pilfering from automated canal systems. We also report a field-operational test attack on the Gignac canal system located in Southern France.read more
Citations
More filters
Dissertation
Design and Analysis of Intrusion Detection Protocols in Cyber Physical Systems
Mitchell,Robert Raymond +1 more
TL;DR: A probability model based on stochastic Petri nets is developed to describe the behavior of a CPS incorporating the proposed intrusion detection and response designs, subject to attacks by malicious nodes exhibiting a range of attacker behaviors.
Journal ArticleDOI
Adaptive optimisation-offline cyber attack on remote state estimator
Xin Huang,Jiuxiang Dong +1 more
TL;DR: A novel adaptive optimisation-offline cyber attack strategy is proposed, where using the current and previous sensor data, the attack can yield the largest estimation error covariance while ensuring to be undetected by the chi-squared monitor.
Journal ArticleDOI
An integrated state-estimation framework for interdependent water and energy systems
TL;DR: An integrated state-estimation framework is proposed to process the consistency of the data and estimate the parameters of a combined water and energy network and makes it more difficult for the attackers to launch stealthy false data injections.
Journal ArticleDOI
An application of linear algebra theory in networked control systems: stochastic cyber-attacks detection approach
TL;DR: The aim of this work is to use traditional mathematics tools to solve new problems that arise from the complex NCSs by proposing the algebraic detection schemes for possible stochastic cyber-attacks.
Proceedings ArticleDOI
Bio-inspired Active Attack for Identification of Networked Control Systems
TL;DR: An Active System Identification attack is proposed and evaluated, where the attacker injects data on the NCS to learn about its model, based on two bio-inspired metaheuristics, namely: Backtracking Search Optimization Algorithm (BSA) and Particle Swarm Optimization (PSO).
References
More filters
Journal ArticleDOI
False data injection attacks against state estimation in electric power grids
TL;DR: In this article, a new class of attacks, called false data injection attacks, against state estimation in electric power grids is presented and analyzed, under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations.
Proceedings ArticleDOI
False data injection attacks against state estimation in electric power grids
TL;DR: A new class of attacks, called false data injection attacks, against state estimation in electric power grids are presented, showing that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection.
Journal ArticleDOI
Full-order observers for linear systems with unknown inputs
TL;DR: This note presents a simple method to design a full-order observer for linear systems with unknown inputs and the necessary and sufficient conditions for the existence of the observer are given.
Proceedings ArticleDOI
Attacks against process control systems: risk assessment, detection, and response
TL;DR: By incorporating knowledge of the physical system under control, this paper is able to detect computer attacks that change the behavior of the targeted control system and analyze the security and safety of the mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state.
Book ChapterDOI
Lessons Learned from the Maroochy Water Breach
Jill Slay,Michael Miller +1 more
TL;DR: This paper examines the response to the 2000 SCADA security incident at Maroochy Water Services in Queensland, Australia and the lessons learned are useful for establishing academic and industry-based research agendas inSCADA security as well as for safeguarding critical infrastructure.