Active Detection for Resilient Cyber-Physical Systems

2018-10-23T18:17:16Z (GMT) by Sean Weerakkody
Cyber-physical systems (CPS) face tremendous threats in modern society. Indeed, their presence in critical infrastructures such as transportation, energy delivery, and health care makes such systems a target of malevolent entities, while their complexity, connectivity, and heterogeneity offer surfaces for attackers to leverage. One important aim of potential attackers is to remain stealthy. An attacker that avoids detection is able to disrupt CPS for long periods of time, without having to worry about defender interference, allowing an adversary to potentially maximize their impact. Intelligent attackers can leverage their system knowledge, disruption resources, and disclosure resources to impart critical damage to systems, all the while remaining stealthy.

In this dissertation we consider the development of active methods to detect intelligent, powerful, and malicious adversaries in cyber-physical systems. While standard attack detection involves producing intelligent algorithms to process information about a system, active detection involves the intelligent design and modification of the inputs, parameters, and structure of a system in order to impede an adversary’s ability to generate stealthy attacks. This thesis will propose several methods for active detection in cyber-physical systems.

We will first consider the design of secret random perturbations at the control input, which we term physical watermarking. We will evaluate this approach against both replay attacks and model-aware adversaries. Next, we will consider how naturally occurring stochastic phenomena in a CPS can be utilized for the purposes of active detection. Specifically, we will evaluate how packet drops at the control input can act as an environmental watermark for the benefit of security. Then, we will consider how changing parameters of the plant itself can be used to thwart otherwise model-aware attackers. We term this the moving target approach. Two designs are explored. We will consider a switched system model where parameters of the plant are directly changed. Alternatively, we evaluate an authenticating subsystem model where we use an extended system to detect attacks on the CPS under consideration. The moving target approach involves online changes to the system. Instead, we can consider robust offline design. In particular, we use structural system theory to analyze and design distributed control systems that cannot be targeted by a class of stealthy attacks. To conclude, motivated by studies in software security, we explore how tools of information flow analysis can be used for the analysis and design of active detection techniques.