(702b) Keynote 2 - Approaches for Active Detection of False Data Injection Attacks Via Process Control System Design | AIChE

Authors

El-Farra, N., University of California, Davis
Ellis, M., University of California, Davis
Modern-day process control systems (PCSs) may integrate new technologies, including the Internet of Things (IoT) and cloud computing, into chemical manufacturing facilities to enhance productivity [1]. Technologies such as IoT may allow malicious actors to side-step information technology-based protections and alter data over PCS communication channels, compromising manufacturing operations through false data injection (FDI) cyberattacks [2]. The design of controller-based approaches for cyberattack detection, identification, and mitigation to fortify PCS cybersecurity has received interest in the literature [3], [4].

Cyberattack detection approaches are an important component of PCS cybersecurity fortification; they detect an attack based on anomalies in data over PCS communication channels [5]. Broadly, detection approaches may be categorized as passive detection schemes, which monitor for attacks without an external intervention (e.g., [6]), and active detection methods, which utilize an external intervention to detect an attack (e.g., [7]). The design of a detection approach may consider the class of FDI attack to be detected (see [10] for an elaborate taxonomy of FDI attacks). Passive detection schemes have been proposed for the detection of multiplicative [9] and additive FDI attacks [7], under which data over the compromised PCS communication channel are altered by the multiplication or addition of a factor, respectively. A passive detection method may fail to detect FDI attacks under which the behavior of the altered PCS data is indistinguishable from its attack-free behavior (e.g., a replay attack, under which the real-time process data are replaced with their historic “attack-free” values [7]). To detect attacks that a passive detection scheme fails to detect, an active detection method utilizing an external intervention is used. Several approaches for active detection have been proposed. Examples include a method using a watermarking signal to detect attacks [7] and a moving target defense under which an auxiliary system with time-varying dynamics is added to the process [8]. However, the influence of controller design on the ability (or lack thereof) of a detection method to detect an attack [9] has not been explored extensively as a basis for the design of an active detection method.

In this work, approaches for the design of an active detection method that leverages the influence of controller design on the ability of a detection scheme to detect an attack are presented. The detection of multiplicative and replay FDI attacks is considered. Implementing an external intervention on the attack-free process may induce transients in the process and trigger false alarms in a detection scheme. A reachable set-based detection scheme that guarantees a zero false alarm rate from an external intervention is therefore utilized. Attacks are classified as detectable, undetectable, and potentially detectable based on the ability of the detection scheme to detect them (called attack detectability). The interdependence between controller design, the closed-loop stability of the attacked process, and attack detectability is rigorously analyzed. Leveraging the analysis, approaches for the design of an active detection method that enables attack detection by enhancing attack detectability are presented. The active detection method may use one of two different types of controller design-based interventions. Under the first intervention, a control design parameter switch is implemented to operate the process under the so-called “attack-sensitive” parameters. The attack-sensitive parameters are chosen such that an attack on the process destabilizes it, thereby enabling attack detection. However, attack-sensitive parameters may not exist for all classes of FDI attacks. To guarantee the detection of FDI attacks for which attack-sensitive parameters may not exist (e.g., replay FDI attacks), the second intervention, a setpoint change that induces the so-called “attack-revealing” perturbations in the process, may be used. Using either intervention may result in undesirable performance degradation in the process, and a tradeoff between attack detection and performance degradation may exist. Approaches for managing the tradeoff through active detection method design are discussed.
Finally, the design and implementation of an appropriate active detection method is demonstrated using simulations of an illustrative process example. The results demonstrate that the detection of multiplicative and replay FDI attacks may be facilitated by an active detection method utilizing an appropriate controller design-based intervention.
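The mechanism described in the abstract, as an added illustration that is not part of the abstract or of the authors' work: a constructed scalar process under integral control, a multiplicative attack (the sensor reports twice the true value) that a passive check on the measured output cannot see once the attacked loop has settled, a switch to an attack-sensitive integral gain that leaves the attack-free loop stable but makes the attacked loop diverge, a replay attack that the gain switch cannot reveal, and the setpoint-change intervention that does reveal it. The plant model, both gains, the attack factor, the probe size and the simple per-step envelope that stands in for the reachable-set bound are all assumptions made for this example.

```python
"""Added illustration (not from the paper): a scalar process under integral control,
a multiplicative FDI attack on its sensor channel, a replay attack, and the two
controller-design-based interventions described in the abstract. All numbers
(process gains, controller gains, attack factor, probe) are constructed for this toy."""
import math

A, B = 0.5, 1.0          # constructed scalar plant: x[k+1] = A*x[k] + B*u[k]
KI_NOMINAL = 0.1         # integral gain used in routine operation
KI_SENSITIVE = 0.4       # candidate "attack-sensitive" gain (assumption; see radius check)
GAMMA = 2.0              # multiplicative attack: sensor reports y = GAMMA * x
PROBE = 0.01             # small state perturbation applied together with the gain switch
STEPS = 100


def closed_loop_radius(ki, gamma):
    """Spectral radius of the closed-loop matrix [[A, B*ki], [-gamma, 1]] acting on (x, z).
    Below 1 the (possibly attacked) loop is stable; above 1 it diverges."""
    t = A + 1.0                      # trace
    d = A + B * ki * gamma           # determinant
    disc = t * t - 4.0 * d
    if disc < 0:                     # complex pair: modulus is sqrt(det)
        return math.sqrt(d)
    return max(abs((t + math.sqrt(disc)) / 2), abs((t - math.sqrt(disc)) / 2))


def simulate(ki, r, gamma=1.0, replay=None, x0=None, probe=0.0, steps=STEPS):
    """Run the loop with integral controller u = ki*z, z[k+1] = z[k] + (r - y[k]).
    The process starts at the equilibrium for x0 (default x = r), then receives
    `probe`. The sensor channel returns gamma*x, or replayed readings if given.
    Returns the sequence of measured outputs y[k], i.e. what the detector sees."""
    x = r if x0 is None else x0
    z = (1.0 - A) * x / (B * ki)     # integrator state that holds u at equilibrium
    x += probe
    ys = []
    for k in range(steps):
        y = replay[k % len(replay)] if replay is not None else gamma * x
        ys.append(y)
        u = ki * z
        z += r - y
        x = A * x + B * u
    return ys


def envelope(y_free, r, margin=1e-3):
    """Per-step bound on |y - r| that the attack-free process stays inside by
    construction (twice its own simulated deviation plus a margin). This stands
    in for the reachable-set bound of the abstract and gives zero false alarms."""
    return [2.0 * abs(y - r) + margin for y in y_free]


def detect(ys, r, bound):
    """Index of the first step at which |y - r| leaves the envelope, or None."""
    for k, (y, b) in enumerate(zip(ys, bound)):
        if abs(y - r) > b:
            return k
    return None


def run_experiments(r=1.0, r_new=1.5):
    """Return the detection step (None = undetected) for each attack/intervention pair."""
    out = {}
    # Multiplicative attack already settled: the controller has driven y to r while
    # the true state sits at r/GAMMA. A passive check on y sees nothing.
    bound_passive = envelope(simulate(KI_NOMINAL, r), r)
    attacked = simulate(KI_NOMINAL, r, gamma=GAMMA, x0=r / GAMMA)
    out["mult_passive"] = detect(attacked, r, bound_passive)
    # Intervention 1: switch to the attack-sensitive gain (plus a small probe).
    bound_switch = envelope(simulate(KI_SENSITIVE, r, probe=PROBE), r)
    attacked = simulate(KI_SENSITIVE, r, gamma=GAMMA, x0=r / GAMMA, probe=PROBE)
    out["mult_switch"] = detect(attacked, r, bound_switch)
    # Replay attack: the channel replays recorded attack-free steady-state readings.
    recorded = simulate(KI_NOMINAL, r)
    replayed = simulate(KI_SENSITIVE, r, replay=recorded, probe=PROBE)
    out["replay_switch"] = detect(replayed, r, bound_switch)
    # Intervention 2: setpoint change r -> r_new; the replayed y cannot follow it.
    bound_step = envelope(simulate(KI_NOMINAL, r_new, x0=r), r_new)
    replayed = simulate(KI_NOMINAL, r_new, replay=recorded, x0=r)
    out["replay_step"] = detect(replayed, r_new, bound_step)
    return out


if __name__ == "__main__":
    for ki in (KI_NOMINAL, KI_SENSITIVE):
        print(f"ki={ki}: radius attack-free={closed_loop_radius(ki, 1.0):.3f}, "
              f"under gamma={GAMMA}: {closed_loop_radius(ki, GAMMA):.3f}")
    for name, step in run_experiments().items():
        print(f"{name}: {'undetected' if step is None else f'detected at k={step}'}")
```

The `closed_loop_radius` check is the detectability classification in miniature: a gain is attack-sensitive for a given attack factor when the attack-free radius is below one and the attacked radius is above one. The replay case shows the limit of the first intervention, since replayed readings are unaffected by anything the controller does, and the cost of the second, since the setpoint change moves the process away from its desired operating point for the duration of the test.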

References:

[1] IBM, “What is Industry 4.0?”, https://www.ibm.com/topics/industry-4-0. Accessed: 9 June 2024.

[2] Liang, G., Zhao, J., Luo, F., Weller, S.R., and Dong, Z.Y., “A review of false data injection attacks against modern power systems”, IEEE Transactions on Smart Grid, vol. 8(4), pp. 1630-1638, 2016.

[3] Mtukushe, N., Onaolapo, A.K., Aluko, A., and Dorrell, D.G., “Review of cyberattack implementation, detection, and mitigation methods in cyber-physical systems”, Energies, vol. 16(13), p. 5206, 2023.

[4] Aljundi, I., Rawashdeh, M., Al-Fayoumi, M., Al-Badarneh, A., and Al-Haija, Q.A., “Protecting Critical National Infrastructures: An Overview of Cyberattacks and Countermeasures”, in Proceedings of the International Conference on WorldS4, Singapore, pp. 295-317, 21-24 August 2023.

[5] Zhang, D., Wang, Q.G., Feng, G., Shi, Y., and Vasilakos, A.V., “A survey on attack detection, estimation and control of industrial cyber-physical systems”, ISA Transactions, vol. 116, pp. 1-16, 2021.

[6] Murguia, C. and Ruths, J., “CUSUM and chi-squared attack detection of compromised sensors”, in Proceedings of the 2016 IEEE Conference on Control Applications, Buenos Aires, Argentina, pp. 474-480, 19-22 September 2016.

[7] Liu, H., Mo, Y., and Johansson, K.H., “Active detection against replay attack: A survey on watermark design for cyber-physical systems”, in Lecture Notes in Control and Information Sciences, Springer, pp. 145-171, 2021.

[8] Babadi, N. and Doustmohammadi, N., “A moving target defence approach for detecting deception attacks on cyber-physical systems”, Computers and Electrical Engineering, vol. 100, p. 107931, 2022.

[9] Narasimhan, S., El-Farra, N.H., and Ellis, M.J., “Detectability-based controller design screening for processes under multiplicative cyberattacks”, AIChE Journal, vol. 68, e17430, 2022.

[10] Reda, H.T., Anwar, A., and Mahmood, A., “Comprehensive survey and taxonomies of false data injection attacks in smart grids: attack models, targets, and impacts”, Renewable and Sustainable Energy Reviews, vol. 163, p. 112423, 2022.