Team for Research in
Ubiquitous Secure Technology

Stealthy Deception Attacks on Water SCADA Systems
Saurabh Amin

Citation
Saurabh Amin. "Stealthy Deception Attacks on Water SCADA Systems". Talk or presentation, 29, November, 2009.

Abstract
Dynamics of water flow networks, such as irrigation canal systems, can be modeled by differential equations evolving on graphs. Water flow networks are monitored and controlled at boundary nodes by supervisory control and data acquisition (SCADA) systems. Recently, there have been significant developments in the suite of automatic control methods for water SCADA systems such that a user specified performance criteria as well as certain robustness guarantees are achieved in closed-loop. Water SCADA systems often use commodity information technology (IT) solutions and are now being made accessible to remote users via corporate networks and the Internet. Thus, they inherit many of known IT vulnerabilities and threats. Indeed, recent incidents have confirmed that cyber-attacks on water SCADA systems have become a more attractive choice for the attackers in comparison to physical attacks; they are cheaper, less risky, and are becoming easier to execute. We believe that in order to increase the resilience of SCADA systems under attacks, a system theoretic characterization of cyber-attacks is needed. Motivated by this challenge, we will discuss stealthy deception attacks on a typical water SCADA system managing an irrigation canal network. We study scenarios in which an adversary—with financial or malicious intent—can carry out deception attacks on certain sensor and control processes. In particular, we focus on analysis of stealthy deception attacks in which the adversary degrades the intended purpose of commonly used proportional (P) or proportional-integral (PI) controllers by compromising certain sensor measurements and/or control actions. We use the theory of switching dynamical systems to model adversary's actions and show that due to the slow and distributed nature of these systems, detection of these attacks can be difficult for the SCADA system. We illustrate a deception attack scenario implemented on a real SCADA system that manages the Gignac canal in France.

Electronic downloads

Citation formats  
  • HTML
    Saurabh Amin. <a
    href="http://www.truststc.org/pubs/636.html"
    ><i>Stealthy Deception Attacks on Water SCADA
    Systems</i></a>, Talk or presentation,  29,
    November, 2009.
  • Plain text
    Saurabh Amin. "Stealthy Deception Attacks on Water
    SCADA Systems". Talk or presentation,  29, November,
    2009.
  • BibTeX
    @presentation{Amin09_StealthyDeceptionAttacksOnWaterSCADASystems,
        author = {Saurabh Amin},
        title = {Stealthy Deception Attacks on Water SCADA Systems},
        day = {29},
        month = {November},
        year = {2009},
        abstract = {Dynamics of water flow networks, such as
                  irrigation canal systems, can be modeled by
                  differential equations evolving on graphs. Water
                  flow networks are monitored and controlled at
                  boundary nodes by supervisory control and data
                  acquisition (SCADA) systems. Recently, there have
                  been significant developments in the suite of
                  automatic control methods for water SCADA systems
                  such that a user specified performance criteria as
                  well as certain robustness guarantees are achieved
                  in closed-loop. Water SCADA systems often use
                  commodity information technology (IT) solutions
                  and are now being made accessible to remote users
                  via corporate networks and the Internet. Thus,
                  they inherit many of known IT vulnerabilities and
                  threats. Indeed, recent incidents have confirmed
                  that cyber-attacks on water SCADA systems have
                  become a more attractive choice for the attackers
                  in comparison to physical attacks; they are
                  cheaper, less risky, and are becoming easier to
                  execute. We believe that in order to increase the
                  resilience of SCADA systems under attacks, a
                  system theoretic characterization of cyber-attacks
                  is needed. Motivated by this challenge, we will
                  discuss stealthy deception attacks on a typical
                  water SCADA system managing an irrigation canal
                  network. We study scenarios in which an
                  adversary—with financial or malicious
                  intent—can carry out deception attacks on
                  certain sensor and control processes. In
                  particular, we focus on analysis of stealthy
                  deception attacks in which the adversary degrades
                  the intended purpose of commonly used proportional
                  (P) or proportional-integral (PI) controllers by
                  compromising certain sensor measurements and/or
                  control actions. We use the theory of switching
                  dynamical systems to model adversary's actions and
                  show that due to the slow and distributed nature
                  of these systems, detection of these attacks can
                  be difficult for the SCADA system. We illustrate a
                  deception attack scenario implemented on a real
                  SCADA system that manages the Gignac canal in
                  France.},
        URL = {http://www.truststc.org/pubs/636.html}
    }
    

Posted by Larry Rohrbough on 5 Nov 2009.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.