A Survey on Network Security for Cyber–Physical Systems: From Threats to Resilient Design

Abstract

Cyber-physical systems (CPS) are considered the integration of physical systems in the real world and control software in computing systems. In CPS, the real world and the computing systems are connected through networks with real-time information exchange. The introduction of networking technologies in CPS has substantial advantages in terms of system efficiency, scalability, maintenance, and many more. However, CPS are vulnerable to malicious attackers intruding on the network. The attackers aim to destroy the physical systems with cyber-physical attacks, in which the main objective is to remotely cause malfunctions in physical systems through networks. Therefore, extensive research on cyber-physical security has been conducted to detect cyber-physical attacks and guarantee the stability of the physical systems under cyber-physical attacks. In this survey, we conduct an exhaustive review of the literature on threats to CPS and on resilient CPS design strategies. First, we discuss the structure of CPS, considering physical dynamics, computing systems, and networks. Then, we provide a taxonomy of cyber-physical attacks with three properties (attack space, attack location, and stealthiness). These three attributes represent the requirements for the implementation of cyber-physical attacks. We review existing studies on anomaly-detection strategies against cyber-physical attacks in terms of physics, networks, and machine learning techniques. Moreover, we analyze the impact of typical cyber-physical attacks and the constraints on attack implementations. In particular, for each of the well-established cyber-physical attacks, we present numerical examples that clearly illustrate the time responses of the physical systems with a conventional physics-based anomaly detector. We also review advances in the typical cyber-physical attacks and the detection methods for these attacks. Furthermore, we review resilient CPS designs in the context of control theory, network management, and data-driven technologies. We conclude the survey by identifying future research directions.