JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE)
Automatic Technology, Communication Engineering     
Security risks assessment for physical layer of industrial control system based on attack gain
LIANG Yao, FENG Dong qin
Institute of Cyber Systems and Control, State Key Laboratory of Industrial Control Technology, Zhejiang University, Hangzhou 310027, China

Abstract  

Inspired by the variable pairing used in multiple-input multiple-output (MIMO) systems, an indicator based on the relative gain array (RGA), namely the closed-loop attack gain array, was proposed to measure the sensitivity of each output to different attack inputs under closed-loop conditions. Combined with the technique for order preference by similarity to ideal solution (TOPSIS), an assessment method was proposed to quantitatively analyze security risks in the physical layer of an industrial control system. In a case study on a rectifying tower testbed, the attack impact was presented intuitively, the correctness of the closed-loop attack gain array was verified, and the area related to the reflux ratio was found to be at the greatest risk in the physical layer. Results show that the proposed assessment method takes the objective attributes of the controlled object into account more comprehensively, giving a scientific and reasonable quantitative assessment of the potential security risks in the physical layer of an industrial control system.



Published: 18 September 2016
CLC:  TP 11  
Cite this article:

LIANG Yao, FENG Dong qin. Security risks assessment for physical layer of industrial control system based on attack gain. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 2016, 50(3): 589-.

URL:

http://www.zjujournals.com/eng/10.3785/j.issn.1008-973X.2016.03.025     OR     http://www.zjujournals.com/eng/Y2016/V50/I3/589


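Security risk assessment for the physical layer of industrial control systems based on attack gain

Drawing on the idea of variable pairing in multiple-input multiple-output (MIMO) systems, an indicator based on the relative gain array (RGA) is designed to measure how sensitive each output is to different attack inputs under closed-loop conditions, namely the closed-loop attack gain matrix. Combined with the technique for order preference by similarity to ideal solution (TOPSIS), an assessment method is proposed for quantitatively analyzing the security risks of the physical layer of an industrial control system. A case study on a rectifying tower experimental platform shows the attack effects intuitively, verifies the correctness of the closed-loop attack gain matrix, and finds that the equipment area controlling the reflux ratio carries the greatest security risk in the physical layer of that control system. The experimental results show that the assessment method takes the objective attributes of the controlled object into account fairly comprehensively and quantifies the potential security risks in the physical layer of an industrial control system scientifically and reasonably.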
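The abstract names two standard building blocks, Bristol's relative gain array and TOPSIS. The sketch below is an added example, not code from the paper or the journal page, and it does not reproduce the paper's closed-loop attack gain array, which this page does not define. The gain matrix, criteria, weights, and area names are all constructed assumptions.

```python
# Added illustration (not the paper's code): Bristol's RGA and TOPSIS.
# Every matrix, weight and area name below is constructed sample data.
from math import sqrt

def inverse(m):
    """Gauss-Jordan inverse with partial pivoting."""
    n = len(m)
    a = [[float(x) for x in row] + [float(i == j) for j in range(n)]
         for i, row in enumerate(m)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(a[r][c]))
        if abs(a[p][c]) < 1e-12:
            raise ValueError("singular gain matrix: RGA is undefined")
        a[c], a[p] = a[p], a[c]
        a[c] = [x / a[c][c] for x in a[c]]
        for r in range(n):
            if r != c:
                a[r] = [x - a[r][c] * y for x, y in zip(a[r], a[c])]
    return [row[n:] for row in a]

def rga(g):
    """Relative gain array: lambda[i][j] = g[i][j] * inverse(g)[j][i]."""
    inv = inverse(g)
    return [[g[i][j] * inv[j][i] for j in range(len(g))] for i in range(len(g))]

def topsis(rows, weights, benefit):
    """Closeness of each alternative (row) to the ideal solution, in [0, 1]."""
    norms = [sqrt(sum(x * x for x in col)) or 1.0 for col in zip(*rows)]
    v = [[w * x / n for x, w, n in zip(row, weights, norms)] for row in rows]
    cols = list(zip(*v))
    best = [max(c) if b else min(c) for c, b in zip(cols, benefit)]
    worst = [min(c) if b else max(c) for c, b in zip(cols, benefit)]
    scores = []
    for row in v:
        d_best = sqrt(sum((x - y) ** 2 for x, y in zip(row, best)))
        d_worst = sqrt(sum((x - y) ** 2 for x, y in zip(row, worst)))
        scores.append(d_worst / (d_best + d_worst) if d_best + d_worst else 0.0)
    return scores

def rank(names, scores):
    """Names ordered from highest to lowest closeness."""
    return [n for n, _ in sorted(zip(names, scores), key=lambda t: -t[1])]

if __name__ == "__main__":
    G = [[2.0, 1.0], [1.0, 1.0]]   # constructed steady-state gains
    print(rga(G))                   # rows and columns each sum to 1
    areas = ["area_A", "area_B", "area_C"]
    # constructed criteria per area: output sensitivity, coupling, detectability
    data = [[0.9, 0.6, 0.2], [0.5, 0.8, 0.6], [0.2, 0.3, 0.9]]
    s = topsis(data, [0.5, 0.3, 0.2], [True, True, False])
    print(rank(areas, s))
```

Here a `True` entry in `benefit` marks a criterion where a larger value means higher risk, and `False` marks one where a larger value lowers it, such as the constructed detectability column.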

