Abstract

The water sector is facing emerging challenges, as cyber-physical threats target Supervisory Control and Data Acquisition (SCADA) systems of water utilities. A cyber-physical stress-testing platform is presented in this work, named RISKNOUGHT, which is able to model water distribution networks as cyber-physical systems, simulating the information flow of the cyber layer and the feedback interactions with the physical processes under control. RISKNOUGHT utilizes an EPANET-based solver for the physical process and a customizable network model for the SCADA system, capable of implementing complex control logic schemes within a simulation. The platform enables the development of composite cyber-physical attacks on various elements of the SCADA, including sensors, actuators, and PLCs, assessing the impact they have on the hydraulic response of the distribution network and the level of service. The platform is tested on a proof-of-concept benchmark network with promising results that demonstrate that the platform can form an innovative cyber-physical tool to support strategic planning and risk management.

Highlights

  • Cyber-physical systems (CPSs) are an integration of physical processes with computational engineered systems (Lee 2008)

  • A major disadvantage of the networking, communication, and remote control schemes within the critical infrastructures (CIs) of CPSs is their exposure to an expanded attack surface (Rasekh et al 2016), which aside from typical physical attacks includes cyber-attacks [e.g., Denial of Service (DoS) attacks to disrupt communication between components or Structured Query Language (SQL) injection to destroy databases] or combinations in the form of cyber-physical attacks (CPA) (Taormina et al 2017)

  • The deceptive signal of ST1 leads the control logic of PLC1 to shut down the main pumps PU1 and PU2, and the primary tanks T1 and T2 start to empty when they are supposed to refill with water


Summary

Introduction

Cyber-physical systems (CPSs) are an integration of physical processes with computational engineered systems (Lee 2008). A major disadvantage of the networking, communication, and remote control schemes within the critical infrastructures (CIs) of CPSs is their exposure to an expanded attack surface (Rasekh et al 2016), which aside from typical physical attacks (e.g., component destruction, sabotage) includes cyber-attacks [e.g., Denial of Service (DoS) attacks to disrupt communication between components or Structured Query Language (SQL) injection to destroy databases] or combinations (e.g., in the case of water CPS, manipulation of quality sensor readings, and deliberate contamination of water sources) in the form of cyber-physical attacks (CPA) (Taormina et al 2017). Attacks are focused on the supervisory control and data acquisition (SCADA) system, which forms part of the cyber layer of the
