Active multiplicative cyberattack detection utilizing controller switching for process systems. (August 2022)
- Record Type:
- Journal Article
- Title:
- Active multiplicative cyberattack detection utilizing controller switching for process systems. (August 2022)
- Main Title:
- Active multiplicative cyberattack detection utilizing controller switching for process systems
- Authors:
- Narasimhan, Shilpa
El-Farra, Nael H.
Ellis, Matthew J. - Abstract:
- Abstract: Multiplicative cyberattacks manipulating data over the process control system (PCS) communication links are cyberattacks that malicious agents may carry out against PCSs. These attacks are modeled by multiplying the data communicated over the link by a factor, and may be designed to be stealthy without extensive knowledge of process dynamics. The current work characterizes the relationship between the control system parameters, the closed-loop stability, and the detectability of a multiplicative sensor–controller communication link attack with respect to a class of residual-based detection schemes. The analysis reveals that control system parameters may be selected to aid in attack detection. Specifically, control system parameters, called attack-sensitive parameters, may be selected so that the closed-loop process is stable under attack-free operation and is destabilized by a cyberattack, rendering the attack detectable. With the attack-sensitive parameters, however, the attack-free closed-loop process performance may be worse than that with parameters selected based on standard design criteria. To address the potential trade-off between attack-free closed-loop performance and attack detectability, a novel active attack detection methodology utilizing control system parameter switching is developed. The control system switches between the nominal parameters (selected based on standard design criteria) and the attack-sensitive parameters to improve attack detectionAbstract: Multiplicative cyberattacks manipulating data over the process control system (PCS) communication links are cyberattacks that malicious agents may carry out against PCSs. These attacks are modeled by multiplying the data communicated over the link by a factor, and may be designed to be stealthy without extensive knowledge of process dynamics. The current work characterizes the relationship between the control system parameters, the closed-loop stability, and the detectability of a multiplicative sensor–controller communication link attack with respect to a class of residual-based detection schemes. The analysis reveals that control system parameters may be selected to aid in attack detection. Specifically, control system parameters, called attack-sensitive parameters, may be selected so that the closed-loop process is stable under attack-free operation and is destabilized by a cyberattack, rendering the attack detectable. With the attack-sensitive parameters, however, the attack-free closed-loop process performance may be worse than that with parameters selected based on standard design criteria. To address the potential trade-off between attack-free closed-loop performance and attack detectability, a novel active attack detection methodology utilizing control system parameter switching is developed. The control system switches between the nominal parameters (selected based on standard design criteria) and the attack-sensitive parameters to improve attack detection capabilities while avoiding substantial degradation in the attack-free closed-loop performance. The active detection methodology is applied to an illustrative chemical process example and shown to enhance the attack detection capabilities of two representative residual-based detection schemes. Highlights: Characterization of the relationship between closed-loop stability, control parameters, and detectability of a multiplicative sensor–controller cyberattack. Control-based switching to enhance cyberattack detection capabilities. Application to a chemical process demonstrating the control-based switching for enhancing cyberattack detection capabilities. … (more)
- Is Part Of:
- Journal of process control. Volume 116(2022)
- Journal:
- Journal of process control
- Issue:
- Volume 116(2022)
- Issue Display:
- Volume 116, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 116
- Issue:
- 2022
- Issue Sort Value:
- 2022-0116-2022-0000
- Page Start:
- 64
- Page End:
- 79
- Publication Date:
- 2022-08
- Subjects:
- Multiplicative cyberattacks -- Active attack detection -- Controller switching -- Process control systems
Process control -- Periodicals
Fabrication -- Contrôle -- Périodiques
Process control
Periodicals
Electronic journals
660.281 - Journal URLs:
- http://www.sciencedirect.com/science/journal/09591524 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.jprocont.2022.05.014 ↗
- Languages:
- English
- ISSNs:
- 0959-1524
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 5042.645000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 22568.xml