Search for: All records

In recent years, there has been an increasing need to understand the SCADA networks that oversee our essential infrastructures. While previous studies have focused on networks in a single sector, few have taken a comparative approach across multiple critical infrastructures. This paper dissects operational SCADA networks of three essential services: power grids, gas distribution, and water treatment systems. Our analysis reveals some distinct and shared behaviors of these networks, shedding light on their operation and network configuration. Our findings challenge some of the previous perceptions about the uniformity of SCADA networks and emphasize the need for specialized approaches tailored to each critical infrastructure. With this research, we pave the way for better network characterization for cybersecurity measures and more robust designs in intrusion detection systems. 

Most proposals for securing control systems are heuristic in nature, and while they increase the protection of their target, the security guarantees they provide are unclear. This paper proposes a new way of modeling the security guarantees of a Cyber-Physical System (CPS) against arbitrary false command attacks. As our main case study, we use the most popular testbed for control systems security. We first propose a detailed formal model of this testbed and then show how the original configuration is vulnerable to a single-actuator attack. We then propose modifications to the control system and prove that our modified system is secure against arbitrary, single-actuator attacks. 

Anomaly detection can ensure the operational integrity of control systems by identifying issues such as faulty sensors and false data injection attacks. At the same time, we need privacy to protect personal data and limit the information attackers can get about the operation of a system. However, anomaly detection and privacy can sometimes be at odds, as monitoring the system’s behavior is impeded by data hiding. Cryptographic tools such as garbled circuits and homomorphic encryption can help, but each of these is best suited for certain different types of computation. Control with anomaly detection requires both types of computations so a naive cryptographic implementation might be inefficient. To address these challenges, we propose and implement protocols for privacy-preserving anomaly detection in a linear control system using garbled circuits, homomorphic encryption, and a combination of the two. In doing so, we show how to distribute private computations between the system and the controller to reduce the amount of computation–in particular at the low-power system. Finally, we systematically compare our proposed protocols in terms of precision, computation, and communication costs.