Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

Intrusion-damage assessment and mitigation in cyber-physical systems for control applications

Mahfouzi, Rouhollah ; Aminifar, Amir LU orcid ; Eles, Petru ; Peng, Zebo and Villani, Mattias (2016) 24th International Conference on Real-Time Networks and Systems, RTNS 2016 p.141-150
Abstract

With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the... (More)

With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the system and any major discrepancy is potentially an indication of intrusion. Here, we use a machine learning algorithm to capture the normal behavior of the system according to its dynamics. On the other hand, the control performance strongly depends on the amount of allocated resources and this can be used to address the intrusion-damage mitigation problem. That is, the intrusion-damage mitigation is based on the idea of allocating more resources to the control application under attack. This is done using a feedback-based approach including a convex optimization.

(Less)
Please use this url to cite or link to this publication:
author
; ; ; and
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Control applications, Intrusion detection, Intrusion mitigation, Resource management, Security of cyber-physical systems
host publication
Proceedings of the 24th International Conference on Real-Time Networks and Systems, RTNS 2016
pages
10 pages
publisher
Association for Computing Machinery (ACM)
conference name
24th International Conference on Real-Time Networks and Systems, RTNS 2016
conference location
Brest, France
conference dates
2016-10-19 - 2016-10-21
external identifiers
  • scopus:84997530322
ISBN
9781450347877
DOI
10.1145/2997465.2997478
language
English
LU publication?
no
additional info
Publisher Copyright: © 2016 ACM.
id
64cd736b-0fcb-40bd-9916-11302d71c94a
date added to LUP
2022-02-05 01:34:14
date last changed
2022-02-19 23:42:19
@inproceedings{64cd736b-0fcb-40bd-9916-11302d71c94a,
  abstract     = {{<p>With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the system and any major discrepancy is potentially an indication of intrusion. Here, we use a machine learning algorithm to capture the normal behavior of the system according to its dynamics. On the other hand, the control performance strongly depends on the amount of allocated resources and this can be used to address the intrusion-damage mitigation problem. That is, the intrusion-damage mitigation is based on the idea of allocating more resources to the control application under attack. This is done using a feedback-based approach including a convex optimization.</p>}},
  author       = {{Mahfouzi, Rouhollah and Aminifar, Amir and Eles, Petru and Peng, Zebo and Villani, Mattias}},
  booktitle    = {{Proceedings of the 24th International Conference on Real-Time Networks and Systems, RTNS 2016}},
  isbn         = {{9781450347877}},
  keywords     = {{Control applications; Intrusion detection; Intrusion mitigation; Resource management; Security of cyber-physical systems}},
  language     = {{eng}},
  month        = {{10}},
  pages        = {{141--150}},
  publisher    = {{Association for Computing Machinery (ACM)}},
  title        = {{Intrusion-damage assessment and mitigation in cyber-physical systems for control applications}},
  url          = {{http://dx.doi.org/10.1145/2997465.2997478}},
  doi          = {{10.1145/2997465.2997478}},
  year         = {{2016}},
}