Journal of Zhejiang University (Engineering Science)
Automation Technology, Communication Engineering
Security risks assessment for physical layer of industrial control system based on attack gain
LIANG Yao, FENG Dong-qin
Institute of Cyber Systems and Control, State Key Laboratory of Industrial Control Technology, Zhejiang University, Hangzhou 310027, China
Abstract:

Drawing on the idea of variable pairing in multiple-input multiple-output (MIMO) systems, an indicator based on the relative gain array (RGA) was designed to measure the sensitivity of each output to different attack inputs under closed-loop conditions, namely the closed-loop attack gain array. Combined with the technique for order preference by similarity to ideal solution (TOPSIS), an assessment method was proposed to quantitatively analyze security risks in the physical layer of an industrial control system. In a case study on a rectifying tower testbed, the attack impact was presented intuitively, the correctness of the closed-loop attack gain array was verified, and the equipment area controlling the reflux ratio was found to carry the highest security risk in the physical layer of that control system. Results show that the proposed assessment method combines the objective attributes of the controlled object fairly comprehensively and quantifies the potential security risks in the physical layer of an industrial control system scientifically and reasonably.

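Published: 2016-09-18
CLC number: TP 11
Funding:

Supported by the National Natural Science Foundation of China (61223004); theoretical and applied research on security vulnerability analysis and modeling of industrial control systems.

Corresponding author: FENG Dong-qin, male, professor, doctoral supervisor, ORCID: 0000-0002-3034-0933. E-mail: dqfeng@iipc.zju.edu.cn
About the author: LIANG Yao (born 1993), male, master's student, working on security analysis of industrial control systems, ORCID: 0000-0002-5505-0633. E-mail: liangyaoxp@zju.edu.cn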

Cite this article:

LIANG Yao, FENG Dong-qin. Security risks assessment for physical layer of industrial control system based on attack gain [J]. Journal of Zhejiang University (Engineering Science), 10.3785/j.issn.1008-973X.2016.03.025.

Link to this article:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2016.03.025
http://www.zjujournals.com/eng/CN/Y2016/V50/I3/589

