Visible to the public Trust-Based Framework for Resilience to Sensor-Targeted Attacks in Cyber-Physical Systems

TitleTrust-Based Framework for Resilience to Sensor-Targeted Attacks in Cyber-Physical Systems
Publication TypeConference Paper
Year of Publication2018
AuthorsSeverson, T., Rodriguez-Seda, E., Kiriakidis, K., Croteau, B., Krishnankutty, D., Robucci, R., Patel, C., Banerjee, N.
Conference Name2018 Annual American Control Conference (ACC)
Date Publishedjun
Keywordsclosed loop systems, closed-loop control, Collaboration, communication infrastructure, compromised sensors, computer network security, cyber-physical plants, Cyber-physical systems, entire plant, false data injections, false trust, far-flung locations, feedback, feedback signal, interconnected processes, local data, local process, malicious agents, Measurement, Monitoring, multisensor networked physical experiment, networked control systems, Observers, policy-based governance, primary sensor, process control, process state, pubcrawl, resilience, Resiliency, Safety, Scalability, security, sensor-targeted attacks, Sensors, Silicon, stability, standard protocols, state estimates, state estimation, trust-based framework, Trusted Computing, weighted consensus, Wireless sensor networks

Networked control systems improve the efficiency of cyber-physical plants both functionally, by the availability of data generated even in far-flung locations, and operationally, by the adoption of standard protocols. A side-effect, however, is that now the safety and stability of a local process and, in turn, of the entire plant are more vulnerable to malicious agents. Leveraging the communication infrastructure, the authors here present the design of networked control systems with built-in resilience. Specifically, the paper addresses attacks known as false data injections that originate within compromised sensors. In the proposed framework for closed-loop control, the feedback signal is constructed by weighted consensus of estimates of the process state gathered from other interconnected processes. Observers are introduced to generate the state estimates from the local data. Side-channel monitors are attached to each primary sensor in order to assess proper code execution. These monitors provide estimates of the trust assigned to each observer output and, more importantly, independent of it; these estimates serve as weights in the consensus algorithm. The authors tested the concept on a multi-sensor networked physical experiment with six primary sensors. The weighted consensus was demonstrated to yield a feedback signal within specified accuracy even if four of the six primary sensors were injecting false data.

Citation Keyseverson_trust-based_2018