Skip to Secure: Securing Cyber-physical Control Loops with Intentionally Skipped Executions
Sunandan Adhikary, Ipsita Koley, Sumana Ghosh, Saurav Kumar Ghosh, Soumyajit Dey, Debdeep Mukhopadhyay
TL;DR
This work addresses securing cyber-physical systems against stealthy data-injection attacks by introducing intentional control-skipping patterns. It develops a two-step framework: (i) synthesize and rank control-skipping patterns to preserve control performance via an LQR-Distance metric, and (ii) use SMT-based attack-vector synthesis to assess pattern resilience and select attack-resilient schedules, reducing IDS workload. The methodology is instantiated on automotive CPS (VDC and TTC), demonstrating higher attack resilience (larger minimum stealthy attack length) and meaningful CAN bandwidth savings without compromising safety. The results suggest that pattern-based control skipping can enhance security and efficiency in resource-constrained CPS, with practical impact on reducing cryptographic and communication overhead in CAN-based networks.
Abstract
We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating monitoring systems and cryptographic techniques, both of which consume network and computational resources. We provide a principled approach for intentional skipping of control loop executions, which may qualify as a useful control-theoretic countermeasure against stealthy attacks that violate message integrity and authenticity. As is evident from our experiments, such a control-theoretic countermeasure helps in lowering the overhead of cryptographic security measures and the resulting resource consumption in Controller Area Network (CAN) based automotive CPS without compromising performance and safety.
