Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Combining Switching Mechanism with Re-Initialization and Anomaly Detection for Resiliency of Cyber-Physical Systems

Hao Fu, Prashanth Krishnamurthy, Farshad Khorrami

TL;DR

This work proposes a multi-controller switching strategy with periodic re-initialization to remove attacks, and is shown to be still effective even if the anomaly detector fails to detect (stealthy) attacks.

Abstract

Cyber-physical systems (CPS) play a pivotal role in numerous critical real-world applications that have stringent requirements for safety. To enhance the CPS resiliency against attacks, redundancy can be integrated in real-time controller implementations by designing strategies that switch among multiple controllers. However, existing switching strategies typically overlook remediation measures for compromised controllers, opting instead to simply exclude them. Such a solution reduces the CPS redundancy since only a subset of controllers are used. To address this gap, this work proposes a multi-controller switching strategy with periodic re-initialization to remove attacks. Controllers that finish re-initialization can be reused by the switching strategy, preserving the CPS redundancy and resiliency. The proposed switching strategy is designed to ensure that at each switching moment, a controller that has just completed re-initialization is available, minimizing the likelihood of compromise. Additionally, the controller's working period decreases with the number of involved controllers, reducing the controller's exposure time to attacks. An anomaly detector is used to detect CPS attacks during the controller's working period. Upon alarm activation, the current control signal is set to a predefined value, and a switch to an alternative controller occurs at the earliest switching moment. Our switching strategy is shown to be still effective even if the anomaly detector fails to detect (stealthy) attacks.

Combining Switching Mechanism with Re-Initialization and Anomaly Detection for Resiliency of Cyber-Physical Systems

TL;DR

This work proposes a multi-controller switching strategy with periodic re-initialization to remove attacks, and is shown to be still effective even if the anomaly detector fails to detect (stealthy) attacks.

Abstract

Cyber-physical systems (CPS) play a pivotal role in numerous critical real-world applications that have stringent requirements for safety. To enhance the CPS resiliency against attacks, redundancy can be integrated in real-time controller implementations by designing strategies that switch among multiple controllers. However, existing switching strategies typically overlook remediation measures for compromised controllers, opting instead to simply exclude them. Such a solution reduces the CPS redundancy since only a subset of controllers are used. To address this gap, this work proposes a multi-controller switching strategy with periodic re-initialization to remove attacks. Controllers that finish re-initialization can be reused by the switching strategy, preserving the CPS redundancy and resiliency. The proposed switching strategy is designed to ensure that at each switching moment, a controller that has just completed re-initialization is available, minimizing the likelihood of compromise. Additionally, the controller's working period decreases with the number of involved controllers, reducing the controller's exposure time to attacks. An anomaly detector is used to detect CPS attacks during the controller's working period. Upon alarm activation, the current control signal is set to a predefined value, and a switch to an alternative controller occurs at the earliest switching moment. Our switching strategy is shown to be still effective even if the anomaly detector fails to detect (stealthy) attacks.
Paper Structure (15 sections, 40 equations, 15 figures, 1 algorithm)

This paper contains 15 sections, 40 equations, 15 figures, 1 algorithm.

Table of Contents

  1. Introduction
  2. CPS, Attack, and Defense Models
  3. The CPS Dynamics and Its Assumptions
  4. The Adversary and Attack Model
  5. The Defender and Attack-Defense Model
  6. The Proposed Switching Strategy
  7. Analysis of the Attacks and Defenses
  8. Performance of the Defense in Fig. \ref{['fig:a-d-model']}
  9. Performance of the Defense in Fig. \ref{['fig:rcp']}
  10. Performance of Alg. \ref{['alg:RRS2']}
  11. Unbounded Re-Initialization Period
  12. Simulation Studies
  13. Example of A Third-Order System
  14. Example of A SMIB System
  15. Conclusion

Figures (15)

  • Figure 1: Structure of cyber-physical systems. OT: operational technology. IT: information technology.
  • Figure 2: Illustration of how each component of our defense strategy compensates for the limitations of the others. 1: Compromised controllers are re-initialized to remove attacks and then reintroduced into the switching rotation. 2: The switching strategy ensures that the control law is in effect, even when the current controller undergoes re-initialization. 3: The anomaly detector alerts the switching strategy to initiate protective measures. 4: Stealthy attacks that evade the anomaly detector are removed through re-initialization.
  • Figure 3: Our approach combines the re-initialization, anomaly detection, and switching defense for the CPS resiliency.
  • Figure 4: The sequence of events under the re-initialization defense. $t_a=\min\{t_a^\prime, T_0-t_c\}$. White: The CPS works normally. Dark: The CPS attack successfully compromises the controller. Dark gray: The controller is being re-initialized. Shallow gray: The CPS is authenticating the controller.
  • Figure 5: Combining re-initialization with anomaly detection.
  • ...and 10 more figures

Theorems & Definitions (9)

  • Remark 2.1
  • Example 1
  • Example 2
  • Remark 2.2
  • Remark 4.1
  • Remark 4.2
  • Remark 4.3
  • Remark 4.4
  • Remark 4.5