The More the Merrier: Adding Hidden Measurements for Anomaly Detection and Mitigation in Industrial Control Systems

pdf
Industrial Control Systems (ICS) collect information from a variety of sensors throughout the process, and then use that information to control some physical components. Control engineers usually have to pick which measurements they are going to use and then they purchase sensors to take these measurements. However, in most cases they only need a small subset of all possible measure-ments that can be used. Economic and efficiency reasons motivate engineers to use only a small number of sensors for controlling a system; however, as attacks against industrial systems continue to increase, we need to study a systematic way to add sensors to the system to identify potentially malicious attacks.

We propose the addition of hidden sensor measurements to a system to improve its security. Hidden sensor measurements are by our definition mea-surements that were not considered in the original design of the system, and are not used for any operational reason. We only add them to improve the security of the system and using them in anom-aly detection and mitigation. We show the addition of these new, independent, but correlated measurements to the system makes it harder for adversaries to launch false-data injection stealthy attacks and, even if they do, it is possible to limit the impact caused by those attacks. When an attack is detected, we replace the compromised sensor measurements with estimated ones from the new sensors improving the risky open-loop simulations proposed by previous work.

Alvaro A. Cardenas is an Associate Professor of Computer Science and Engineering at the University of California, Santa Cruz. Before this, he was the Eugene McDermott Associate Professor of Computer Science at the University of Texas at Dallas. He was also a postdoctoral scholar at the University of California, Berkeley, and a research staff at Fujitsu Laboratories. He holds M.S. and Ph.D. degrees from the University of Maryland, College Park and a B.S. from Universidad de Los Andes. His research interests focus on cyber-physical systems and IoT security and privacy. He is the recipient of the NSF CAREER award, the 2018 faculty excellence in research award from the Erik Johnson School of Engineering and Computer Science, the Eugene McDermott Fellow Endowed Chair at the University of Texas at Dallas, and he is the receipient of best paper awards from the IEEE Smart Grid Communications Conference and the U.S. Army Research Conference, and a finalist of the CSAW competition in Israel.

Tags:
License: CC-2.5
Submitted by Alvaro Cardenas on