Search for: All records

Most proposals for securing control systems are heuristic in nature, and while they increase the protection of their target, the security guarantees they provide are unclear. This paper proposes a new way of modeling the security guarantees of a Cyber-Physical System (CPS) against arbitrary false command attacks. As our main case study, we use the most popular testbed for control systems security. We first propose a detailed formal model of this testbed and then show how the original configuration is vulnerable to a single-actuator attack. We then propose modifications to the control system and prove that our modified system is secure against arbitrary, single-actuator attacks. 

Anomaly detection can ensure the operational integrity of control systems by identifying issues such as faulty sensors and false data injection attacks. At the same time, we need privacy to protect personal data and limit the information attackers can get about the operation of a system. However, anomaly detection and privacy can sometimes be at odds, as monitoring the system’s behavior is impeded by data hiding. Cryptographic tools such as garbled circuits and homomorphic encryption can help, but each of these is best suited for certain different types of computation. Control with anomaly detection requires both types of computations so a naive cryptographic implementation might be inefficient. To address these challenges, we propose and implement protocols for privacy-preserving anomaly detection in a linear control system using garbled circuits, homomorphic encryption, and a combination of the two. In doing so, we show how to distribute private computations between the system and the controller to reduce the amount of computation–in particular at the low-power system. Finally, we systematically compare our proposed protocols in terms of precision, computation, and communication costs.