Download presentation
Presentation is loading. Please wait.
Published byJohn Lester Modified over 6 years ago
1
Secure Control Systems - A Quantitative Risk Management Approach
Teixeira Andre, Kin Cheong Sou, Sandberg, H., Johansson, K.H. IEEE Control Systems Magazine, Feb. 2015 Presented by Kyoungbok Kim
2
INDEX Introduction Networked Control System Adversary Model
Risk Management Framework For Static & Dynamic System cases Conclusion
3
Cyber-Physical Systems Integration Group.
01. Introduction Critical infrastructures must continuously operate safely and reliably, despite a variety of potential system disturbances Physical systems are often spatially distributed, there is a need for IT infrastructures (e.g., electric power network, intelligent transport systems, industrial processes) Networked control systems are vulnerable to cyber threats through the use of open communication networks This article shows some approaches to address cyber security of networked control systems under perspective of risk management (for stealthy deception attacks) Cyber-Physical Systems Integration Group.
4
02. Networked Control System Under Attacks
Typical networked control system structure : Control signal : Measurement signal : false data injection of adversary through Comm An alarm is triggered by anomaly detector when norm of residue signal r over time interval [k0, kf] exceeds a given threshold Anomaly detector은 residue signal을 계산하는데, Dynamic model of plant Cyber-Physical Systems Integration Group.
5
Cyber-Physical Systems Integration Group.
03. Adversary Model in NCSs Adversary’s goal to force the process state into an unsafe region Attack should be stealthy, i.e., no alarms Adversary constrained by limited resources Stealthy signal is that the magnitude of residue signal is smaller than detection threshold, so that no alarm is triggered Cyber-Physical Systems Integration Group.
6
Cyber-Physical Systems Integration Group.
03. NCS with Adversary Model Cyber-Physical Systems Integration Group.
7
Cyber-Physical Systems Integration Group.
03. Attack Space Cyber-Physical Systems Integration Group.
8
Cyber-Physical Systems Integration Group.
03. Example of Stealthy Deception Attack Actual residue signal is computed by anomaly detector Actual residue signal (red) and ideal one (green) Attack is not detected while adversary succeeds S는 safe set Cyber-Physical Systems Integration Group.
9
Cyber-Physical Systems Integration Group.
04. Risk Management Framework Objective of risk management is assess and minimize risk of threats Quantitative methods can be used <A diagram of risk management cycle> Cyber-Physical Systems Integration Group.
10
Cyber-Physical Systems Integration Group.
04. Risk Management Framework Concept of risk is defined as function of threat’s likelihood and threat’s impact to the system <A risk matrix plot> Cyber-Physical Systems Integration Group.
11
Cyber-Physical Systems Integration Group.
05. Approach for Static Control Systems Static system model : static plant states : measurement received : measurement matrix : measurement data attack Stealthy attack The number of nonzero entries of the attack vector means an indicator of likelihood of the success of attack Security index -> Quantitative tool but NP-hard problem Cyber-Physical Systems Integration Group.
12
05. Security Index for Risk Analysis
IEEE 14-bus benchmark system Security index Different colors according to their resilience against stealthy data attack Cyber-Physical Systems Integration Group.
13
Cyber-Physical Systems Integration Group.
05. Approach for Dynamic Control Systems Dynamic system model (deception attack [13]) n : system state x : attack signals r : residue Maximum Impact, Minimum-Resource Attack : Attack impact : number of resource used in attack : attack signal : used resource if is nonzero Cyber-Physical Systems Integration Group.
14
05. Approach for Dynamic Control Systems
Wireless Quadruple-Tank Process - Plant model [66] 2 actuators and 2 measurements LQG (Linear-quadratic-Gaussian) Controller Kalman filter based anomaly detector Cyber-Physical Systems Integration Group.
15
Cyber-Physical Systems Integration Group.
05. Approach for Dynamic Control Systems Simulation Results Minimum phase system – zero와 pole이 Unit circle안에 있는 시스템 Cyber-Physical Systems Integration Group.
16
Cyber-Physical Systems Integration Group.
05. Approach for Dynamic Control Systems Simulation Results (Non-minimum phase system) Cyber-Physical Systems Integration Group.
17
Cyber-Physical Systems Integration Group.
06. Conclusions Networked control systems have vulnerabilities according to the use of IT infrastructures Quantitative risk management is needed considering threat’s likelihood and impact Adversary model Approach for Static system & Dynamic system Possible to extend this work under noise and uncertain communication channel Cyber-Physical Systems Integration Group.
18
Thank you!
19
05. Approach for Static Control Systems
Electric power network and SCADA systems Focus on active power flows and active power injection at buses DC power flow model depends on voltage phase angles Linear measurement model x : vector of voltage phase angles y : vector of active power flow Cyber-Physical Systems Integration Group.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.