NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Survey and New Directions for Physics-Based Attack Detection in Control Systems

Published

Author(s)

David Urbina, Jairo Giraldo, Alvaro Cardenas, Junia Valente, Mustafa Faisal, Niles O. Tippenhauer, Justin Ruths, Rick Candell, Heinrik Sandberg

Abstract

Monitoring the "physics" of control systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements in order to identify potentially false control commands or false sensor readings. In this paper, we review previous work based on a unified taxonomy that allows us to identify limitations, unexplored challenges, and new solutions. In particular, we propose a new adversary model and a way to compare previous work with a new valuation metric based on the trade-off between false alarms and the negative impact of undetected attacks. We also show the advantages and disadvantages of three experimental scenarios to test the performance of attacks and defenses: a) real-world network data captured from a largescale operational facility, b) a fully-functional testbed that can be used operationally for water treatment, and c) a simulation of frequency control in the power grid.
Citation
Grant/Contract Reports (NISTGCR) - 16-010
Report Number
16-010
NIST Pub Series
Grant/Contract Reports (NISTGCR)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.GCR.16-010
Local Download

Keywords

cybersecurity, smart grid, manufacturing, industrial control systems
Manufacturing and Cybersecurity and privacy

Citation

Urbina, D. , Giraldo, J. , Cardenas, A. , Valente, J. , Faisal, M. , Tippenhauer, N. , Ruths, J. , Candell, R. and Sandberg, H. (2016), Survey and New Directions for Physics-Based Attack Detection in Control Systems, Grant/Contract Reports (NISTGCR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.GCR.16-010, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=919827 (Accessed October 13, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created November 20, 2016, Updated October 12, 2021
Was this page helpful?