1. Secure Control Systems - A Quantitative Risk Management Approach
Teixeira Andre, Kin Cheong Sou,
Sandberg, H., Johansson, K.H.
IEEE Control Systems Magazine, Feb. 2015
Presented by Kyoungbok Kim

2. INDEX Introduction Networked Control System Adversary Model
Risk Management Framework
For Static & Dynamic System cases
Conclusion

3. Cyber-Physical Systems Integration Group.
01. Introduction
Critical infrastructures must continuously operate safely and reliably, despite a variety of potential system disturbances
Physical systems are often spatially distributed, there is a need for IT infrastructures (e.g., electric power network, intelligent transport systems, industrial processes)
Networked control systems are vulnerable to cyber threats through the use of open communication networks
This article shows some approaches to address cyber security of networked control systems under perspective of risk management (for stealthy deception attacks)
Cyber-Physical Systems Integration Group.

4. 02. Networked Control System Under Attacks
Typical networked control system structure
: Control signal
: Measurement signal
: false data injection of adversary through Comm
An alarm is triggered by anomaly
detector when norm of residue
signal r over time interval [k0, kf]
exceeds a given threshold
Anomaly detector은 residue signal을 계산하는데,
Dynamic model of plant
Cyber-Physical Systems Integration Group.

5. Cyber-Physical Systems Integration Group.
03. Adversary Model in NCSs
Adversary’s goal to force the process state into an unsafe region
Attack should be stealthy, i.e., no alarms
Adversary constrained by limited resources
Stealthy signal is that the magnitude of residue signal is smaller than detection threshold, so that no alarm is triggered
Cyber-Physical Systems Integration Group.

6. Cyber-Physical Systems Integration Group.
03. NCS with Adversary Model
Cyber-Physical Systems Integration Group.

7. Cyber-Physical Systems Integration Group.
03. Attack Space
Cyber-Physical Systems Integration Group.

8. Cyber-Physical Systems Integration Group.
03. Example of Stealthy Deception Attack
Actual residue signal is computed by anomaly detector
Actual residue signal (red) and ideal one (green)
Attack is not detected while adversary succeeds
S는 safe set
Cyber-Physical Systems Integration Group.

9. Cyber-Physical Systems Integration Group.
04. Risk Management Framework
Objective of risk management is assess and minimize
risk of threats
Quantitative methods can be used
<A diagram of risk management cycle>
Cyber-Physical Systems Integration Group.

10. Cyber-Physical Systems Integration Group.
04. Risk Management Framework
Concept of risk is defined as function of threat’s likelihood and threat’s impact to the system
<A risk matrix plot>
Cyber-Physical Systems Integration Group.

11. Cyber-Physical Systems Integration Group.
05. Approach for Static Control Systems
Static system model
: static plant states
: measurement received
: measurement matrix
: measurement data attack
Stealthy attack
The number of nonzero entries of the attack vector means an indicator of likelihood of the success of attack
Security index
-> Quantitative tool but NP-hard problem
Cyber-Physical Systems Integration Group.

12. 05. Security Index for Risk Analysis
IEEE 14-bus benchmark system
Security index
Different colors according to their resilience against stealthy data attack
Cyber-Physical Systems Integration Group.

13. Cyber-Physical Systems Integration Group.
05. Approach for Dynamic Control Systems
Dynamic system model (deception attack [13])
n : system state
x : attack signals
r : residue
Maximum Impact, Minimum-Resource Attack
: Attack impact
: number of resource used in attack
: attack signal
: used resource
if is nonzero
Cyber-Physical Systems Integration Group.

14. 05. Approach for Dynamic Control Systems
Wireless Quadruple-Tank Process
- Plant model [66]
2 actuators and 2 measurements
LQG (Linear-quadratic-Gaussian) Controller
Kalman filter based anomaly detector
Cyber-Physical Systems Integration Group.

15. Cyber-Physical Systems Integration Group.
05. Approach for Dynamic Control Systems
Simulation Results
Minimum phase system – zero와 pole이 Unit circle안에 있는 시스템
Cyber-Physical Systems Integration Group.

16. Cyber-Physical Systems Integration Group.
05. Approach for Dynamic Control Systems
Simulation Results (Non-minimum phase system)
Cyber-Physical Systems Integration Group.

17. Cyber-Physical Systems Integration Group.
06. Conclusions
Networked control systems have vulnerabilities according to the use of IT infrastructures
Quantitative risk management is needed considering threat’s likelihood and impact
Adversary model
Approach for Static system & Dynamic system
Possible to extend this work under noise and uncertain communication channel
Cyber-Physical Systems Integration Group.

18. Thank you!

19. 05. Approach for Static Control Systems
Electric power network and SCADA systems
Focus on active power flows and
active power injection at buses
DC power flow model depends on
voltage phase angles
Linear measurement model
x : vector of voltage phase angles
y : vector of active power flow
Cyber-Physical Systems Integration Group.