Understanding the physical and economic consequences of attacks on control systems

被引:177
作者
Huang, Yu-Lun [1 ]
Cardenas, Alvaro A. [2 ]
Amin, Saurabh [3 ]
Lin, Zong-Syun [1 ]
Tsai, Hsin-Yi [1 ]
Sastry, Shankar [2 ]
机构
[1] Natl Chiao Tung Univ, Dept Elect & Control Engn, Hsinchu 30010, Taiwan
[2] Univ Calif Berkeley, Dept Elect Engn & Comp Sci, Berkeley, CA 94720 USA
[3] Univ Calif Berkeley, Dept Civil & Environm Engn, Berkeley, CA 94720 USA
关键词
Control systems; Integrity attacks; Denial-of-service attacks; Consequences;
D O I
10.1016/j.ijcip.2009.06.001
中图分类号
TP [自动化技术、计算机技术];
学科分类号
080201 [机械制造及其自动化];
摘要
This paper describes an approach for developing threat models for attacks on control systems. These models are useful for analyzing the actions taken by an attacker who gains access to control system assets and for evaluating the effects of the attacker's actions on the physical process being controlled. The paper proposes models for integrity attacks and denial-of-service (DoS) attacks, and evaluates the physical and economic consequences of the attacks on a chemical reactor system. The analysis reveals two important points. First, a DoS attack does not have a significant effect when the reactor is in the steady state; however, combining the DoS attack with a relatively innocuous integrity attack rapidly causes the reactor to move to an unsafe state. Second, an attack that seeks to increase the operational cost of the chemical reactor involves a radically different strategy than an attack on plant safety (i.e., one that seeks to shut down the reactor or cause an explosion). (C) 2009 Elsevier B.V. All rights reserved.
引用
收藏
页码:73 / 83
页数:11
相关论文
共 11 条
[1]
BYRES E, 2004, VDE C
[2]
Designing secure networks for process control [J].
Byres, EJ .
IEEE INDUSTRY APPLICATIONS MAGAZINE, 2000, 6 (05) :33-39
[3]
Security issues in SCADA networks [J].
Igure, Vinay M. ;
Laughter, Sean A. ;
Williams, Ronald D. .
COMPUTERS & SECURITY, 2006, 25 (07) :498-506
[4]
Forensic analysis of SCADA systems and networks [J].
Kilpatrick, Tim ;
Gonzalez, Jesus ;
Chandia, Rodrigo ;
Papa, Mauricio ;
Shenoi, Sujeet .
International Journal of Security and Networks, 2008, 3 (02) :95-102
[5]
Oman P., 2002, Utility Automation, V7, P25
[6]
Ricker N. L., 1993, Journal of Process Control, V3, P109, DOI 10.1016/0959-1524(93)80006-W
[7]
Tsang PP, 2008, PROCEEDINGS OF THE IFIP TC 11/ 23RD INTERNATIONAL INFORMATION SECURITY CONFERENCE, P445
[8]
Wright AK, 2004, LECT NOTES COMPUT SC, V3089, P263
[9]
[No title captured]
[10]
[No title captured]