7-days of FREE Audio papers, translation & more with Prime
7-days of FREE Prime access
7-days of FREE Audio papers, translation & more with Prime
7-days of FREE Prime access
https://doi.org/10.1080/24725854.2024.2439856
Copy DOIJournal: IISE Transactions | Publication Date: Dec 9, 2024 |
Industrial Control Systems (ICSs) are widely used in critical infrastructures that face various cyberattacks causing physical damage. With the increasing integration of the ICSs and information technology (IT), ensuring the security of ICSs is of paramount importance. In an ICS, cyberattacks exploit vulnerabilities to compromise sensors and controllers, aiming to cause physical damage. Maliciously accessing different components poses varying risks, highlighting the importance of identifying worst-case cyberattacks. This aids in designing effective detection schemes and mitigation strategies. This paper proposes an optimization framework that integrates cyber and physical systems of ICSs to identify the worst-case attack. The framework models cyberattacks with varying resources by 1) maximizing physical impact in terms of time to failure of the physical system, 2) quickly accessing the sensors and controllers in the cyber system while exploiting limited vulnerabilities, 3) avoiding detection in the physical system, and 4) complying with the cyber and physical restrictions. These objectives enable us to model the interactions between the cyber and physical systems jointly and study the critical cyberattacks that cause the highest impact on the physical system under certain resource constraints. Our framework serves as a tool to understand the critical vulnerabilities of an ICS by holistically considering the interactions between cyber and physical systems. It also assesses the robustness of existing detection schemes and mitigation strategies by generating worst-case attack strategies. We illustrate and verify the effectiveness of our proposed method in a numerical and a case study. The results show that a worst-case strategic attacker causes almost 19% further acceleration in the time to failure of the physical system while remaining undetected compared to a random attacker. Moreover, by considering the interactions and interdependencies between cyber and physical systems, our framework identifies worst-case attacks that reveal critical vulnerabilities and deficiencies in existing detection schemes, which can remain hidden when the two layers are analyzed separately.
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.