Quantifying Control Performance Loss for a Least Significant Bits Authentication Scheme
This work addresses security for legacy industrial control systems, which is critical for protecting infrastructure, but it is incremental as it builds on existing authentication methods with specific adaptations.
The authors tackled the problem of securing legacy industrial control systems against cyberattacks by proposing a least significant bits authentication scheme that maintains compatibility and availability, and they quantified the resulting control performance loss with concrete numbers for fixed-point and floating-point architectures.
Industrial control systems (ICSs) often consist of many legacy devices, which were designed without security requirements in mind. With the increase in cyberattacks targeting critical infrastructure, there is a growing urgency to develop legacy-compatible security solutions tailored to the specific needs and constraints of real-time control systems. We propose a least significant bits (LSBs) coding scheme providing message authenticity and integrity, which is compatible with legacy devices and never compromises availability. The scheme comes with provable security guarantees, and we provide a simple yet effective method to deal with synchronization issues due to packet dropouts. Furthermore, we quantify the control performance loss for both a fixed-point and floating-point quantization architecture when using the proposed coding scheme. We demonstrate its effectiveness in detecting cyberattacks, as well as the impact on control performance, on a hydro power turbine control system.
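The general idea of carrying an authentication tag in the LSBs of a measurement, as an added sketch that is not the paper's construction: it assumes a 16-bit fixed-point word, a truncated HMAC-SHA256 tag of `k` bits keyed with a shared secret and bound to a message counter, and constructed sample data. It reports the worst-case perturbation of the signal and how many tampered words the receiver flags.

```python
import hashlib
import hmac
import struct

WORD_BITS = 16  # assumed fixed-point word width (not taken from the paper)

def tag_bits(key: bytes, counter: int, high: int, k: int) -> int:
    """Return k tag bits bound to the message counter and the retained high bits."""
    msg = struct.pack(">QH", counter, high)
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") >> (32 - k)

def encode(key: bytes, counter: int, sample: int, k: int) -> int:
    """Overwrite the k least significant bits of a sample with the tag."""
    high = sample >> k
    return (high << k) | tag_bits(key, counter, high, k)

def verify(key: bytes, counter: int, word: int, k: int) -> bool:
    """Recompute the tag from the high bits and compare it with the received LSBs."""
    expected = tag_bits(key, counter, word >> k, k)
    received = word & ((1 << k) - 1)
    return hmac.compare_digest(expected.to_bytes(2, "big"), received.to_bytes(2, "big"))

def run_demo(k: int = 4, n: int = 200):
    key = b"constructed-demo-key"  # constructed; real keys are provisioned out of band
    samples = [1000 + 37 * i for i in range(n)]  # constructed sensor ramp
    words = [encode(key, i, s, k) for i, s in enumerate(samples)]
    # Legacy receivers read the word as a slightly perturbed measurement.
    all_valid = all(verify(key, i, w, k) for i, w in enumerate(words))
    max_err = max(abs(w - s) for w, s in zip(words, samples))
    # Tampering without the key: the high bits change, the LSBs stay as sent.
    tampered = [(w + (5 << k)) % (1 << WORD_BITS) for w in words]
    detected = sum(not verify(key, i, w, k) for i, w in enumerate(tampered))
    return all_valid, max_err, detected

if __name__ == "__main__":
    ok, err, hits = run_demo()
    print(f"valid={ok} max_error_lsb={err} detected={hits}/200")
```

The perturbation is bounded by 2^k - 1 quantization steps per sample, while a single modified word passes with probability of about 2^-k if the truncated HMAC bits behave as random, so detection confidence accumulates over the message stream.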