Cyber-Physical System Security Open Challenges in Smart Water Networks

Abstract

Cyber Physical Systems (CPSs) are at the core of Water 4.0. As water networks are upgraded to Smart Water Networks (SWNs), however, the number of potential entry points for malicious attackers grows. Therefore, there is a pressing need for mitigating the related risks using cyber and physical security frameworks. This pressing need is evidenced by the fact that Cyber-Physical System Security (CPSS) has attracted a lot of research attention in recent years. Examples of reported CPSs attacks are the ransomware attack in the city of Atlanta in March 2018 and the Ukraine attack in December 2015. Bearing this in mind, there are many other attacks that are expected to occur in SWNs such as compromising remote sites, hot pivots, cell-phone WIFI, Stuxnet, etc. [1]. A recent study [2] reported that, every sixty seconds, the cyber-crime costs more than $1.1 million and impacts more than 1,800 people along with affecting infrastructures and the services. SWNs are complex systems consisting of a physical layer of reservoirs, valves, pumps and pipes, among the others. According to the SWAN forum, the other SWN layers are: 1) sensing and control, 2) collection and communication, 3) data management and display and 4) data fusion and analysis. This paper reviews the potential attacks and prevention approaches with focus on each layer of the SWN architecture. The attacks and possible countermeasures are explained and references to relevant literature that has attempted to deal with these issues are provided. Moreover, the impact of these attacks on SWNs is discussed and recommendations for security procedures to be followed by water utilities are proposed.