Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Survey and New Directions for Physics-Based Attack Detection in Control Systems

Published

Author(s)

David Urbina, Jairo Giraldo, Alvaro Cardenas, Junia Valente, Mustafa Faisal, Niles O. Tippenhauer, Justin Ruths, Rick Candell, Heinrik Sandberg

Abstract

Monitoring the "physics" of control systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements in order to identify potentially false control commands or false sensor readings. In this paper, we review previous work based on a unified taxonomy that allows us to identify limitations, unexplored challenges, and new solutions. In particular, we propose a new adversary model and a way to compare previous work with a new valuation metric based on the trade-off between false alarms and the negative impact of undetected attacks. We also show the advantages and disadvantages of three experimental scenarios to test the performance of attacks and defenses: a) real-world network data captured from a largescale operational facility, b) a fully-functional testbed that can be used operationally for water treatment, and c) a simulation of frequency control in the power grid.
Citation
Grant/Contract Reports (NISTGCR) - 16-010
Report Number
16-010

Keywords

cybersecurity, smart grid, manufacturing, industrial control systems

Citation

Urbina, D. , Giraldo, J. , Cardenas, A. , Valente, J. , Faisal, M. , Tippenhauer, N. , Ruths, J. , Candell, R. and Sandberg, H. (2016), Survey and New Directions for Physics-Based Attack Detection in Control Systems, Grant/Contract Reports (NISTGCR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.GCR.16-010, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=919827 (Accessed October 11, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created November 20, 2016, Updated October 12, 2021