IICPS 2014 workshop keynote: Computing through failures and cyber attacks: Case for resilient smart power grid

Abstract

Rapid proliferation of cyber physical systems (CPS) in our society makes them an attractive target for miscreants, in particular when CPS monitors and controls physical processes within a critical infrastructure such as power grid or water distribution. By integrating computation and physical processes in a tight control loop, CPS enables rapid response to changes in the controlled environment. However, regardless of how well a system is engineered, it is a matter of time for it to fail and hence, computing through failures and cyber-attacks becomes a norm rather than an exception. This talk first discusses challenges in achieving resilient smart cyber physical systems using examples from: (i) empirical studies on impact of failures/attacks on SCADA (Supervisory Control and Data Acquisition) systems used in power grid and (ii) data on real attacks on a commercial CPS. Then, we use an example of the SCADA deployed in the power grid, where a sophisticated attacker exploits system vulnerabilities and issues malicious control commands to drive remote facilities into an unsecure state without exhibiting any protocol-level anomalies. In order to detect such attacks, methods that combine system knowledge on both cyber and physical infrastructure in the power grid are needed to estimate execution consequences of control commands and thus, to reveal attacker's malicious intentions. We present an example method to address the challenge.