Fig 1 - uploaded by Yichi Zhang
Contexts in source publication
Context 1
... test the performance of high-level methods of FDI attack or other type of intrusion detection methods, we build a hardware-in-the-loop system. The architecture is shown in Fig. 1. There are two layers in this platform: Cyber layer and Physical ...
Context 2
... and make an impact on the industrial systems. In this platform, it is assumed that the attack launches from the cyberspace, and the hacker is powerful enough to bypass the BBD deployed in the cyber layer. Therefore, we set up an attack computer separately in the cyber layer, besides the operator station and engineer station. The place is shown in Fig. 1. The attack target is the data block in PLCs, and the attack action is to change the production sensor measurement and cheat the χ² bad data identifier. Then we use a self-developed attack script to steal the sensor measurements and inject the false data to the engineer station at the moment we set in ...
Similar publications
Cyber–physical systems (CPSs) are increasingly susceptible to cyber threats, especially false data injection (FDI) attacks, which can compromise their stability and safety. Ensuring system safety while mitigating such attacks is a critical challenge. In the paper, we address the safety control issue for CPSs by designing a control strategy that con...
FDI (False Data Injection) attacks are critical to address as they can compromise the integrity and reliability of data in cyber-physical systems, leading to potentially severe consequences in sectors such as power systems. The feasibility of FDI attacks has been extensively studied from various perspectives, including access to measurements and se...
This work addresses the secure control problem of T-S fuzzy-based cyber-physical systems (TSFCPSs) under randomly occurring deception attacks (RODAs). Random variables following the Bernoulli distribution are used to model the probability of false data injection by malicious adversaries. A novel memory-based sampled-data control (MSDC) scheme is de...
With the widespread application of information technology in microgrids, microgrids are evolving into a class of power cyber–physical systems (CPSs) that are deeply integrated with physical and information systems. Due to the high dependence of microgrids’ distributed cooperative control on real-time communication and system state information, they...
Citations
... This presented method examined the representational features of FDIAs by executing the graphical architecture of the power network to analyze the changing state assessment values dependent upon the network topology and identified the position of the FDIAs. In [18], a testbed of the process industry was designed that was a hardware-in-the-loop environment for simulating real-time industrial manufacturing and implemented an FDIA at this infrastructure. A host improved the physical method, and the cyber product was an engineer station or real industrial controller. ...
Cyber-physical systems (CPSs) are affected by cyberattacks once they are more connected to cyberspace. Advanced CPSs are highly complex and susceptible to attacks such as false data injection attacks (FDIA) targeted to mislead the systems and make them unstable. Leveraging an integration of anomaly detection methods, real-time monitoring, and machine learning (ML) algorithms, research workers are developing robust frameworks to recognize and alleviate the effect of FDIA. These methods often scrutinize deviations from predictable system behavior, using statistical analysis and anomaly detection systems to determine abnormalities that can indicate malicious activities. This manuscript offers the design of an election-based optimization algorithm with a deep learning-enabled false data injection attack detection (EBODL-FDIAD) method in the CPS infrastructure. The purpose of the EBODL-FDIAD technique is to enhance security in the CPS environment via the detection of FDIAs. In the EBODL-FDIAD technique, the linear scaling normalization (LSN) approach can be used to scale the input data into valuable formats. Besides, the EBODL-FDIAD system performs ensemble learning classification comprising three classifiers, namely the kernel extreme learning machine (KELM), long short-term memory (LSTM), and attention-based bidirectional recurrent neural network (ABiRNN) model. For optimal hyperparameter selection of the ensemble classifiers, the EBO algorithm can be applied. To validate the enriched performance of the EBODL-FDIAD technique, wide-ranging simulations were involved. The extensive results highlighted that the EBODL-FDIAD algorithm performed well over other systems concerning numerous measures.
... Text, audio, and video are the three available forms for sensor-related data. The IC uses special analysis tools like situational awareness for firefighters (SAFIRE) which has been used in a variety of CPS applications, including industrial control systems, smart grids, and autonomous vehicles [52]. The national renewable energy laboratory (NREL) in the United States, for instance, has developed a smart grid testbed using SAFIRE that enables researchers to assess the functionality and security of advanced grid technology in a practical setting, including risk-based preparedness for sensor-related fire prevention, smart emergency response systems (SERS), and analytic tools to convert the real-time data into useful information. ...
Industrial automation technologies are envisioned as multi-device systems that are constantly interacting with one another and with enterprise systems. In these industrial systems, the industrial internet of things (IIoT) significantly improves system efficiency, scalability, ease of control, and monitoring. These benefits have been achieved at the cost of greater security risks, thus making the system vulnerable to cyberattacks. Historically, industrial networks and systems lacked security features like authentication and encryption due to intended isolation over the Internet. Lately, remote access to these IIoT systems has made an attempt of holistic security alarmingly critical. In this research paper, a threat modeling framework for smart cyber-physical system (CPS) is proposed to get insight of the potential security risks. To carry out this research, the smart firefighting use case based on the MITRE ATT&CK matrix was investigated. The matrix analysis provided structure for attacks detection and mitigation, while system requirement collection (SRC) was applied to gather generic assets’ information related to hardware, software and network. With the help of SRC and MITRE ATT&CK, a threat list for the smart firefighting system was generated. Conclusively, the generated threat list was mapped on the national institute of standards and technology (NIST) security and privacy controls. The results show that these mapped controls can be well-utilized for protection and mitigation of threats in smart firefighting system. In future, critical cyber-physical systems can be modeled upon use case specific threats and can be secured by utilizing the presented framework.
... (b.) Process-aware attack Different from the attack in traditional IT systems, attackers focus more on the underlying process in ICPS [26]. They aim to cause physical impact to closed-loop control and result in system instability and even more serious consequences, such as huge economic losses and safety dangers [27]. Therefore, process-aware data are particularly dangerous in the industrial scenarios, which can be modelled in the general form as ...
Sensor and actuator event log analyses within the context of digital forensics are crucial for understanding events in automated buildings, such as in a building automation and control system (BACS) or a home automation system (HAS). Conclusions drawn from erroneous, misleading, or corrupted log data may adversely affect crime scene investigations and reconstructions. This work aims to raise awareness of the potential risk of misinterpretation due to corrupted or tampered data from BACS or HAS event log systems.
A series of non-invasive sensor and actuator attacks on such systems was designed and conducted to determine the feasibility of: 1) injecting spoofed pyroelectric infrared (PIR) and carbon dioxide (CO2) sensor event log records, 2) becoming invisible to PIR sensor and CO2 sensors, and 3) mimicking the behaviour of an actuator with the aim of injecting spoofed event log records. The study also concludes that sensor fusion can reveal activities that were concealed from CO2 sensors. Furthermore, this work discusses the adversarial perspectives in the cyber-physical (CPS) domain in relation to these findings.
In the new industrial environment, the safe and reliable operation of Industrial Cyber-Physical Systems (ICPSs) is being threatened by new types of attacks: Attackers carefully tamper with the measurement and control data transmitted over the network, causing the controlled systems to behave abnormally. The essence of such threats is operational safety issues induced by information security issues, which need to be studied at the bottom monitoring and control layer of the system. Studying safety and security monitoring, as well as defense strategies against these attacks, is of paramount importance. The primary objective of this paper is to offer readers a timely survey that sheds light on the current status of safety and security issues in ICPSs. A comprehensive comparison is conducted with existing approaches and relevant literature, focusing on a systems and control perspective. Specifically, we emphasize the concept of cyber-physical attacks by contrasting them with conventional cyberattacks. A summary of real-world instances of typical cyber-physical attacks is provided to illustrate their significance. In terms of methodology, we conduct a thorough review of attack principles, attack detection, and evaluation approaches, as well as defense schemes. During this process, we carefully compare the pros and cons of different detection methods. It is further elaborated that the information asymmetry between the offensive and defensive parties is the booster of the integrated design of industrial safety and security. Looking ahead, we identify and summarize fourteen open questions that warrant further research.
This paper investigates the resilient stability problem of large-scale systems under covert attacks. Covert attacks are difficult to detect, and the collusion among attacks on different subsystems makes the problem more challenging. To address this issue, a two-stage fixed-time observer is introduced for each subsystem to make the covert attack be exposed to its neighboring subsystems. Based on this, an attack isolation algorithm is developed against non-collusive covert attacks, and the notion of -isolability is introduced to provide a necessary and sufficient condition for the success of attack isolation under the algorithm. To deal with collusive covert attacks, another attack isolation algorithm is further designed, and the notion of (r,s)-isolability is used to provide a sufficient condition for the effectiveness of the algorithm. Based on the proposed attack isolation techniques, a control law is developed to ensure the resilient stability of the system. Finally, two numerical examples are given to illustrate the effectiveness of the theoretical results.