University of Limerick
Browse
Azzam_2021_Grounds.pdf (9.51 MB)

Grounds for suspicion: physics-based early warnings for stealthy attacks on industrial control systems

Download (9.51 MB)
conference contribution
posted on 2022-01-31, 14:37 authored by Mazen Azzam, Liliana Pasquale, Gregory Provan, Bashar Nuseibeh
Stealthy attacks on Industrial Control Systems can cause significant damage while evading detection. In this paper, instead of focusing on the detection of stealthy attacks, we aim to provide early warnings to operators, in order to avoid physical damage and preserve in advance data that may serve as an evidence during an investigation. We propose a framework to provide grounds for suspicion, i.e. preliminary indicators reflecting the likelihood of success of a stealthy attack. We propose two grounds for suspicion based on the behaviour of the physical process: (i) feasibility of a stealthy attack, and (ii) proximity to unsafe operating regions. We propose a metric to measure grounds for suspicion in real-time and provide soundness principles to ensure that such a metric is consistent with the grounds for suspicion. We apply our framework to Linear Time-Invariant (LTI) systems and formulate the suspicion metric computation as a real-time reachability problem. We validate our framework on a case study involving the benchmark Tennessee-Eastman process. We show through numerical simulation that we can provide early warnings well before a potential stealthy attack can cause damage, while incurring minimal load on the network. Finally, we apply our framework on a use case to illustrate its usefulness in supporting early evidence collection.

Funding

Development of theoretical and experimental criteria for predicting the wear resistance of austenitic steels and nanostructured coatings based on a hard alloy under conditions of erosion-corrosion wear

Russian Foundation for Basic Research

Find out more...

History

Publication

IEEE Transactions on Dependable and Secure Computing;

Publisher

IEEE Computer Society

Note

peer-reviewed

Other Funding information

SFI

Language

English

Usage metrics

    University of Limerick

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC