Cybersecurity for Control Systems: A Process-Aware Perspective

摘要

Modern industrial control systems and other complex cyber-physical systems such as smart grid, unmanned vehicles, manufacturing plants, chemical plants, and nuclear reactors are complex interconnected systems with extensive cyber and physical components, necessitating robust cyber-security techniques. These systems are complex interconnected combinations of heterogeneous hardware and software components and include sensors, actuators, physical systems and processes being controlled or monitored, computational nodes, communication protocols, and controllers. Besides computing/communicationsetworking based cyber-attacks, CPS are vulnerable to process-aware attacks that aim to disrupt the proper functioning or hamper performance, efficiency, stability, and safety of the physical systems/processes of the CPS. By modifying the information flow or the computational behavior of the system, process-aware attacks can disrupt the functioning the CPS to thereby hamper the performance or stability of the overall system or its components. Increasing network connectivity of the computational nodes of a CPS facilitates the maintenance and on-demand reprogrammability of computational nodes, greatly reducing the operator workload. However, this increasing connectivity raises the potential for cyber-attacks that attempt unauthorized modifications of the run-time parameters or control logic in the computational nodes. Hence, to improve the assurance of CPS, it is vital to develop effective real-time attack monitoring and threat mitigation mechanisms.