Synthesis of Runtime Monitors for Safe and Secure Industrial Systems

Abstract

Industrial control systems (ICS) are cyber-physical systems that implement industrial processes. Their use has expanded from typical industrial environments to the control and management of a wide range of processes, ranging from avionics and traffic management to power grids, transport systems and water management. Today, ICS are employed for management and control of most critical infrastructures. Critical infrastructures are increasingly targeted by attackers; Stuxnet, the Miraj attack and the pre-war attacks on the Ukrainian power grid are a few known examples. Safety in critical infrastructures has become a major concern, because failures can affect economies and services at a large scale, influencing the well-being of large populations and even endangering human life. As security attacks become more prevalent, safety problems become worse. A significant problem in safety and security of critical infrastructures is the development of runtime monitors that detect safety and security incidents. In this talk, we address the problem of synthesis of runtime security monitors for applications of industrial processes. We present an approach that detects computational and false data injection attacks, employing and combining different detection methods, such as verification techniques for computational attacks and fault diagnosis techniques for dynamic systems to detect false data injection attacks. Finally, we present research directions and challenges towards automatically synthesizing effective and efficient monitors.