TY - GEN
T1 - A covert system identification attack on constant setpoint control systems
AU - Phillips, Tyler
AU - Mehrpouyan, Hoda
AU - Gardner, John
AU - Reese, Stephen
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/11
Y1 - 2019/11
AB - Industrial Control Systems (ICS) are the brain and backbone of a nation's critical infrastructure such as nuclear power, water treatment, and petrochemical plants. In order to increase interoperability, real-time availability of data, and flexibility, information/communication technologies are adopted in this domain. While these information technologies have been effective, they are integrated into operational technologies without the necessary security defense. Designing an effective, layered security defense is not possible unless security threats are identified through a structural analysis of the ICS. For that reason, this paper provides an attacker's point of view on the reconnaissance effort necessary to gather details of the system dynamics - which are required for the development of sophisticated attacks. We present a reconnaissance approach which uses the system's I/O data to infer the dynamic model of the system. In this effort, we propose a novel cyber-attack which targets the controller proportional-integral-derivative gain values in a constant setpoint control system. Our findings will help researchers design more secure control systems.
KW - Cyberattack
KW - Industrial Control Systems
KW - System Identification
UR - http://www.scopus.com/inward/record.url?scp=85078833269&partnerID=8YFLogxK
U2 - 10.1109/CANDARW.2019.00070
DO - 10.1109/CANDARW.2019.00070
M3 - Conference contribution
AN - SCOPUS:85078833269
T3 - Proceedings - 2019 7th International Symposium on Computing and Networking Workshops, CANDARW 2019
SP - 367
EP - 373
BT - Proceedings - 2019 7th International Symposium on Computing and Networking Workshops, CANDARW 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 7th International Symposium on Computing and Networking Workshops, CANDARW 2019
Y2 - 26 November 2019 through 29 November 2019
ER -