Covert Attacks in Cyber-Physical Control Systems
This addresses security risks in industrial and critical infrastructure control systems, but it is incremental as it builds on existing studies of cyber-physical vulnerabilities.
The paper tackles the vulnerability of networked control systems to cyber threats by proposing a covert attack for service degradation, which is planned using a System Identification attack to gather intelligence. Simulation results show that the joint operation of these attacks can covertly and accurately affect the physical behavior of a system.
The advantages of using communication networks to interconnect controllers and physical plants motivate the increasing number of Networked Control Systems, in industrial and critical infrastructure facilities. However, this integration also exposes such control systems to new threats, typical of the cyber domain. In this context, studies have been conduced, aiming to explore vulnerabilities and propose security solutions for cyber-physical systems. In this paper, it is proposed a covert attack for service degradation, which is planned based on the intelligence gathered by another attack, herein proposed, referred as System Identification attack. The simulation results demonstrate that the joint operation of the two attacks is capable to affect, in a covert and accurate way, the physical behavior of a system.