Visible to the public Intrusion-Damage Assessment and Mitigation in Cyber-Physical Systems for Control Applications

TitleIntrusion-Damage Assessment and Mitigation in Cyber-Physical Systems for Control Applications
Publication TypeConference Paper
Year of Publication2016
AuthorsMahfouzi, Rouhollah, Aminifar, Amir, Eles, Petru, Peng, Zebo, Villani, Mattias
Conference NameProceedings of the 24th International Conference on Real-Time Networks and Systems
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4787-7
Keywordscomposability, Control applications, Cyber Dependencies, Damage Assessment, Intrusion detection, intrusion mitigation, Metrics, network intrusion detection, Physical layer, physical layer security, physical-layer security, pubcrawl, Resiliency, Resource management, Security of cyber-physical systems
Abstract

With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the system and any major discrepancy is potentially an indication of intrusion. Here, we use a machine learning algorithm to capture the normal behavior of the system according to its dynamics. On the other hand, the control performance strongly depends on the amount of allocated resources and this can be used to address the intrusion-damage mitigation problem. That is, the intrusion-damage mitigation is based on the idea of allocating more resources to the control application under attack. This is done using a feedback-based approach including a convex optimization.

URLhttp://doi.acm.org/10.1145/2997465.2997478
DOI10.1145/2997465.2997478
Citation Keymahfouzi_intrusion-damage_2016