Jairo Giraldo

Limiting the Impact of Stealthy Attacks on Industrial Control Systems

While attacks on information systems have for most practical purposes binary outcomes (information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Attackers that want to remain undetected can attempt to hide their manipulation of the system by following closely the expected behavior of the system, while injecting just enough false information at each time step to achieve their goals. In this work, we study if attack-detection can limit the impact of such stealthy attacks. We start with a comprehensive review of related work on attack detection schemes in the security and control systems community. We then show that many of those works use detection schemes that are not limiting the impact of stealthy attacks. We propose a new metric to measure the impact of stealthy attacks and how they relate to our selection on an upper bound on false alarms. We finally show that the impact of such attacks can be mitigated in several cases by the proper combination and configuration of detection schemes. We demonstrate the effectiveness of our algorithms through simulations and experiments using real ICS testbeds and real ICS systems.

Security and Privacy in Cyber-Physical Systems: A Survey of Surveys

The following is a survey on surveys and may help the interested reader to find a way through the jungle of literature on the security and CPS topics out there already. In order to ease the search, the authors have provided a classification in CPS Domains, Attacks, Defenses, Research-trends, Network-security, Security level implementation, and Computational Strategies which makes this survey a unique and I believe very helpful article. —Jörg Henkel, Karlsruhe Institute of Technology

Integrity Attacks on Real-Time Pricing in Smart Grids: Impact and Countermeasures

Recent work has studied the impact caused by attackers that compromise pricing signals used in the emerging retail electricity market and send false prices to a subset of consumers. In this paper, we extend previous work by considering a more realistic adversary model that is not arbitrarily tied to scaling and delay attacks, but that can generate any arbitrary pricing signal and show how to keep the problem tractable with a new analysis based on sensitivity functions. In addition, we extend previous work by proposing countermeasures to mitigate the negative impact of these attacks. Countermeasures include selecting parameters of the controller, designing robust control algorithms, and by detecting anomalies in the behavior of the system.

Response and reconfiguration of cyber-physical control systems: A survey

The integration of physical systems with distributed embedded computing and communication devices offers advantages on reliability, efficiency, and maintenance. At the same time, these embedded computers are susceptible to cyber-attacks that can harm the performance of the physical system, or even drive the system to an unsafe state; therefore, it is necessary to deploy security mechanisms that are able to automatically detect, isolate, and respond to potential attacks. Detection and isolation mechanisms have been widely studied for different types of attacks; however, automatic response to attacks has attracted considerably less attention. Our goal in this paper is to identify trends and recent results on how to respond and reconfigure a system under attack, and to identify limitations and open problems. We have found two main types of attack protection: i) preventive, which identifies the vulnerabilities in a control system and then increases its resiliency by modifying either control parameters or the redundancy of devices; ii) reactive, which responds as soon as the attack is detected (e.g., modifying the non-compromised controller actions).

Delay and sampling independence of a consensus algorithm and its application to smart grid privacy

The consensus algorithm can represent many problems in cooperative behavior, and has been widely used in engineering and social sciences. In this work, we prove that the consensus model where the information that each agent receives from its neighbors has time-varying asynchronous delays and sampling, converges to an agreement independent of these communication constraints. This property is useful in the context of “data minimization,” which is one of the principles for privacy. As a practical example, we show how the independence of sampling rate can be used for microgrids with a consensus-based secondary control scheme where participants have incentives to share their states to ensure frequency synchronization, while at the same time minimizing the amount of data shared to preserve their privacy. We then propose two data sharing algorithms: 1) periodic sampling, and 2) discretionary sampling, and study their privacy as well as their performance. We show that even when a discretionary sampling scheme “lies” to their neighbors in order to preserve their privacy, the consensus algorithm performs almost as well as with periodic sampling.

Synchronization of dynamical networks with a communication infrastructure: A smart grid application

Motivated by the increasing interest in networked multi-agent systems and the wide number of applications in distributed control of smart grids, we address the problem of synchronization of microgrids. Two topologies are considered: the physical topology that relates the interconnection of distributed generators and loads, and the communication topology, which describes the information flow of the power system measurements. We propose a control strategy based on the information flow and we show that there exists a strong relationship between both topologies in order to achieve synchronization. As a matter of fact, we show that our results can be extended when isolated group of nodes are taken into account, and they can be connected or disconnected to the main grid. Finally, the effects of time-varying sampling are analyzed using some average passivity conditions, and sampling-time independence is demonstrated with the proposed controller.

Current results and research trends in networked control systems

Networked Control Systems (NCS) has been one of the main research areas in the last few years, due to the benefits of the insertion of a communication network in distributed systems, and the widely area of applications such as tele-operations, robotics, UAVs, power systems, among others, and new growing areas like smart grids and Cyber-Physiscal Systems. This paper surveys the main aspects on performance analysis and controllers design that take into account the problems that arise when the control feedback loop is closed over a communication network. At the end, an example of a NCS implementation using the simulation tool TrueTime is introduced, and some recent results and possible future directions are presented.

Security vs. privacy: How integrity attacks can be masked by the noise of differential privacy

Privacy concerns have increased in the last years due to the unprecedented scale of data collected regarding human activity. Differential privacy has emerged in the last decade as an important mechanism to ensure privacy by adding random noise with a specific distribution to the information being collected (e.g., adding noise to smart meters, and sensor readings). Differential privacy has been mainly used in private databases, but lately it has also been extended to consider applications like estimation, consensus algorithms, and control of dynamical systems.

Leveraging Unique CPS Properties to Design Better Privacy-Enhancing Algorithms

Cyber-Physical Systems (CPS) have unique properties that can be exploited to design new privacy-enhancing technologies that minimize the negative impact to the utility of CPS. In this paper we show two examples of these properties. The first example looks at how differential privacy degrades CPS performance due to the large noise addition, and we then show how the inherent noise of CPS can be leveraged to reduce the additional noise added by differential privacy algorithms, and therefore, minimize the negative impact on the system utility and safety. In the second example we look at the ability to sample at sensor readings on demand, and how this flexibility can be used to design adaptive sensor sampling algorithms that hide sensitive information without the need to add noise.

Control Systems for the Power Grid and Their Resiliency to Attacks

Most government, industry, and academic efforts to protect the power grid have focused on information security mechanisms for preventing and detecting attacks. In addition to these mechanisms, control engineering can help improve power grid security.