
Secure and resilient control systems

Reference number
FFL18-0175
Project leader
Teixeira, André
Start and end dates
200401-260331
Amount granted
12 000 000 SEK
Administrative organization
Uppsala University
Research area
Information, Communication and Systems Technology

Summary

Reports of cyber-attacks on digitally controlled systems supporting modern societies, such as Stuxnet, have shown their devastating consequences for safety and human lives, and shed light on the attackers' modus operandi: first learn the system, then tamper with the visible information so the attack goes undetected, and meanwhile have a significant impact on the physical system. It is of the utmost importance to be able to detect and mitigate such malicious cyber-attacks. Unfortunately, existing methods in control engineering consider the impact on the physical system and detectability separately, and thus fail to accurately tackle cyber-attacks that strategically combine high impact with low detectability. On the other hand, approaches from secure control assume adversaries with perfect knowledge, resulting in overly pessimistic, unrealistic conclusions. The project will produce approaches to analyze and mitigate cyber-attacks on control systems through the following actions: 1) construct novel sensitivity metrics that jointly consider the impact and detectability of attacks; 2) design optimal anomaly detectors, controllers, and security-measure deployments that minimize the novel sensitivity metrics, and thus increase security; 3) experimentally validate the developed scientific approaches in testbeds and numerical benchmarks. The developed science and tools will induce a paradigm change in robust control and fault detection, and allow for more effective handling of anomalies.

Popular science description

Digital control systems use the IT infrastructure to autonomously operate physical processes, such as chemical plants, energy grids, and transportation systems. Cyber-attacks on digitally controlled systems can therefore have devastating consequences in terms of physical damage, safety incidents, and the loss of human lives, as illustrated by the destruction of centrifuges due to the Stuxnet malware in 2010. Cyber security becomes even more relevant as the digitalization of industries increases. Novel paradigms such as autonomous driving are prime examples of disruptive technologies that are threatened by possible vulnerabilities to malicious cyber-attacks, and their devastating consequences for safety and human lives. Cyber security is of high strategic importance for Sweden: “There is a great need to develop cyber security in Sweden.” This is the opening sentence of the official document “A national cyber security strategy” (Skr. 2016/17:213) from the Swedish Government. The document identifies cyber security as a key societal challenge in the long term, and it specifies a set of strategic priorities. One such priority is “Security in industrial information and control systems”, which is the scope of this project. Current approaches to securing ICSs typically leverage existing approaches from IT system security, which are not tailored to the specific needs and constraints of control systems, and therefore have limited applicability. Risk management frameworks do not consider specific low-level aspects of ICSs or the interactions between IT systems and physical processes. On the other hand, IT security mechanisms (e.g., encryption) often require additional computational time. Since ICSs have strict real-time constraints, in many cases classical security mechanisms cannot be deployed. There is thus a need for solutions that complement existing IT-system-centered security mechanisms and address the specific objectives and constraints of ICSs.
This project makes two main contributions to current practices in cyber security and resilience of control systems. First, the project will develop tools to support control engineers in the analysis of cyber security risks in control systems. Second, the project will provide new systematic design methods that can be used in the development of attack-tolerant control schemes. Both of these contributions shall be validated and demonstrated through experimental testbeds.