Vulnerability Analysis of Cyber-Physical Systems
Cyber-physical systems (CPS) consist of computing and physical components, such as sensors, actuators, and processors, and these components communicate through network to control and monitor the physical processes. Although many cyber-physical systems (CPS) operate in safety critical scenarios and the heterogeneous component connectivity provides numerous possible points of attack, most of existing systems are only weakly protected by legacy components, such as intrusion detectors. On the other hand, security-aware resource allocation can significantly reduce the security-related overhead and thus system cost; where the idea is to focus on protecting the critical system components and communication links, which if compromised could significantly degrade system performance. Yet, to achieve this, we need methods to analyze system vulnerability, in terms of performance degradation under attack, for different types of attacks especially the ones that are potentially stealthy to the deployed intrusion detection mechanisms. In this dissertation, we analyze the vulnerability cyber-physical systems modeled by a control system to adversarial attacks. The contribution of the thesis is fivefold. First, the vulnerability of systems with linear time invariant (LTI) model subject to bounded noise is analyzed. For such systems, we also show how performance guarantees can be achieved when the system is equipped to intermittent data authentication. Second, for a nonlinear dynamical system equipped with extended Kalman filter and Chi-square ID, we leverage machine learning methods and develop learning-enabled attack generators capable of designing stealthy attacks that maximally degrade system operation. We show how such problem can be cast within a learning-based grey-box framework where only parts of the run-time information are known to the attacker. Third, we study performance of perception-based cyber-physical systems in the presence of attacks and provide methods for modeling and analysis of their vulnerability to stealthy attacks on both physical and perception-based sensing. Here, we define the notion stealthiness which is independent of the deployed ID and we provide the condition for which the system will be vulnerable to such stealthy yet impactful attacks. Fourth, we focus on analyzing vulnerability of general nonlinear dynamical control systems to stealthy false data injection attack on sensors. We use a similar notion of stealthiness as in the third contribution where the attack is considered to be stealthy if it undetected from any existing ID. We show that even for such strong notion of stealthiness, there are a large class of systems that are vulnerable to these stealthy effective attacks. Finally, we consider stealthy perception-based attacks on unmanned aerial vehicles. Specifically, we introduce a method to consistently attack both the sensor measurements and camera images over time, in order to cause control performance degradation (e.g., by failing the mission) while remaining stealthy (i.e., undetected by the deployed anomaly detector). We show that stealthy, yet effective attacks can be designed by changing images of the ground vehicle’s landing markers as well as suitably falsifying sensing data. We illustrate the effectiveness of our attacks in Gazebo 3D robotics simulator.
attack resilient control systems
Stealthy attacks on control systems
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License.
Rights for Collection: Duke Dissertations
Works are deposited here by their authors, and represent their research and opinions, not that of Duke University. Some materials and descriptions may include offensive content. More info
Showing items related by title, author, creator, and subject.
Ivanov, R.; Pajic, M; Lee, I. (ACM Transactions on Embedded Computing Systems, 2016-02-01)© 2016 ACM.This article focuses on the design of safe and attack-resilient Cyber-Physical Systems (CPS) equipped with multiple sensors measuring the same physical variable. A malicious attacker may be able to disrupt system ...
Chakrabarty, K; Liang, Tung-Che; Shayan, Mohammed; Karri, Ramesh (2018)Digital microfluidic biochips (DMFBs) have emerged as a promising platform for DNA sequencing, clinical chemistry, and point-of-care diagnostics. Recent research has shown that DMFBs are susceptible to various types of malicious ...
Pajic, M; Weimer, J; Bezzo, N; Tabuada, P; Sokolsky, O; Lee, Insup; Pappas, GJ (2014 ACM/IEEE International Conference on Cyber-Physical Systems, ICCPS 2014, 2014-01-01)The interaction between information technology and phys ical world makes Cyber-Physical Systems (CPS) vulnerable to malicious attacks beyond the standard cyber attacks. This has motivated the need for attack-resilient state ...