Though recent advancements in dc microgrids are largely based on distributed control strategies to enhance reliability and scalability, the absence of a centralized controller to check the global ...information makes these schemes highly susceptible to cyber attacks. Since false data injection attacks (FDIAs) are considered as a prominent attack methodology in dc microgrids, prior emphasis is usually laid on compromised sensors and controllers only related to dc voltages. Hence, this article first segregates the FDIAs on the output currents into destablization and deception attacks, based on the modeling of attack elements with respect to the consensus theory. Second, a discordant element based detection approach is designed to detect the attacked nodes accurately, using an extended analysis of the cooperative control network. A risk assessment framework for dc microgrids against cyber attacks is provided alongside all the case studies. An evaluation theory is also presented to assist the proposed detection scheme to differentiate between cyber attacks and faults. Further, the proposed detection approach is theoretically verified and validated using simulation and experimental conditions.
Although distributed control in microgrids is well known for reliability and scalability, the absence of a global monitoring entity makes it highly vulnerable to cyber attacks. Considering that the ...detection of cyber attacks becomes fairly easy for distributed observers, a well-planned set of balanced attacks, commonly termed as stealth attack, can always bypass these observers with the control objectives being successfully met. In this letter, a mitigation technique is thus introduced to remove stealth attack on the frequency control input in ac microgrids. The mitigation is carried out using a novel event-driven attack-resilient controller for <inline-formula><tex-math notation="LaTeX">N</tex-math></inline-formula> cooperative grid-forming converters, which guarantees resilient synchronization for up to <inline-formula><tex-math notation="LaTeX">N-1</tex-math></inline-formula> attacked units. Finally, the resilience capabilities and robustness of the proposed controller are discussed and verified under various scenarios.
As the deployment of Internet of Things (IoT) is experiencing an exponential growth, it is no surprise that many recent cyber attacks are IoT-enabled : the attacker initially exploits some vulnerable ...IoT technology as a first step toward compromising a critical system that is connected, in some way, with the IoT. For some sectors, like industry, smart grids, transportation, and medical services, the significance of such attacks is obvious, since IoT technologies are part of critical back-end systems. However, in sectors where IoT is usually at the end-user side, like smart homes, such attacks can be underestimated, since not all possible attack paths are examined. In this paper, we survey IoT-enabled cyber attacks, found in all application domains since 2010. For each sector, we emphasize on the latest, verified IoT-enabled attacks, based on known real-world incidents and published proof-of-concept attacks. We methodologically analyze representative attacks that demonstrate direct, indirect, and subliminal attack paths against critical targets. Our goal is threefold: 1) to assess IoT-enabled cyber attacks in a risk-like approach, in order to demonstrate their current threat landscape; 2) to identify hidden and subliminal IoT-enabled attack paths against critical infrastructures and services; and 3) to examine mitigation strategies for all application domains.
Multiagent systems (MASs) are distributed systems with two or more intelligent agents. Formation control is a significant control technique of MASs. To date, formation control on MASs is widely used ...in various fields, such as robots, spacecrafts, satellites, and unmanned aerial/surface/underwater vehicles. However, there is a relatively small body of literature that is concerned with security problems of formation control on MASs in past years. Our research represents the first step toward developing security attacks of formation control on MASs. Our study aims to investigate potential security problems of formation control on a multirobot system for the first time. We propose two kinds of control-level attacks and each kind of attack includes several specific attack forms. Then, we discuss specific features of formation control on a classical multirobot system and utilize theoretical analyses to illustrate how cyberattacks can influence the physical movements of robots. The experimental results of the proposed attacks show that attacks can easily interrupt formation movements of a multirobot system and several carefully designed attacks even can cause irreversible loss.
Cyber-physical systems (CPSs), which are an integration of computation, networking, and physical processes, play an increasingly important role in critical infrastructure, government and everyday ...life. Due to physical constraints, embedded computers and networks may give rise to some additional security vulnerabilities, which results in losses of enormous economy benefits or disorder of social life. As a result, it is of significant to properly investigate the security issue of CPSs to ensure that such systems are operating in a safe manner. This paper, from a control theory perspective, presents an overview of recent advances on security control and attack detection of industrial CPSs. First, the typical system modeling on CPSs is summarized to cater for the requirement of the performance analysis. Then three typical types of cyber-attacks, i.e. denial-of-service attacks, replay attacks, and deception attacks, are disclosed from an engineering perspective. Moreover, robustness, security and resilience as well as stability are discussed to govern the capability of weakening various attacks. The development on attack detection for industrial CPSs is reviewed according to the categories on detection approaches. Furthermore, the security control and state estimation are discussed in detail. Finally, some challenge issues are raised for the future research.
In this paper, a brief survey of measurable factors affecting the adoption of cybersecurity enhancement methods in the smart grid is provided. From a practical point of view, it is a key point to ...determine to what degree the cyber resilience of power systems can be improved using cost-effective resilience enhancement methods. Numerous attempts have been made to the vital resilience of the smart grid against cyber-attacks. The recently proposed cybersecurity methods are considered in this paper, and their accuracies, computational time, and robustness against external factors in detecting and identifying False Data Injection (FDI) attacks are evaluated. There is no all-inclusive solution to fit all power systems requirements. Therefore, the recently proposed cyber-attack detection and identification methods are quantitatively compared and discussed.
Though recent advancements in dc microgrids are largely based on distributed control strategies to enhance reliability, their susceptibility to cyber attacks still remains a challenging issue. ...Additionally in converter-dominated dc microgrids, mitigation of cyber attacks upon detection in a timely manner is the need of the hour to prevent the system from immediate shutdown. Since most of the existing research is primarily focused on the detection of cyber attacks in dc microgrids without giving prior attention to comprehensive steps of mitigation, this article classifies cyber attacks as events and introduces an event-driven cyber attack resilient strategy for dc microgrids, which immediately replaces the attacked signal with a trusted event-driven signal constructed using True transmitted measurements. This mechanism not only disengages the attack element from the control system, but also replaces it with an event-triggered estimated value to encompass normal consensus operation during both steady state as well as transient conditions even in the presence of attacks. Finally, the event detection criteria and its sensitivity are theoretically verified and validated using simulation and experimental conditions in the presence of both stealth voltage and current attacks.
With the advent of the smart industry, Industrial Control Systems (ICS) moved from isolated environments to connected platforms to meet Industry 4.0 targets. The inherent connectivity in these ...services exposes such systems to increased cybersecurity risks. To protect ICSs against cyberattacks, intrusion detection systems (IDS) empowered by machine learning are used to detect abnormal behavior of the systems. Operational ICSs are not safe environments to research IDSs due to the possibility of catastrophic risks. Therefore, realistic ICS testbeds enable researchers to analyze and validate their IDSs in a controlled environment. Although various ICS testbeds have been developed, researchers’ access to a low-cost, extendable, and customizable testbed that can accurately simulate ICSs and suits security research is still an important issue.
In this paper, we present ICSSIM, a framework for building customized virtual ICS security testbeds in which various cyber threats and network attacks can be effectively and efficiently investigated. This framework contains base classes to simulate control system components and communications. Simulated components are deployable on actual hardware such as Raspberry Pis, containerized environments like Docker, and simulation environments such as GNS-3. ICSSIM also offers physical process modeling using software and hardware in the loop simulation. This framework reduces the time for developing ICS components and aims to produce extendable, versatile, reproducible, low-cost, and comprehensive ICS testbeds with realistic details and high fidelity. We demonstrate ICSSIM by creating a testbed and validating its functionality by showing how different cyberattacks can be applied.
•Framework for building customized industrial control system testbeds.•Extendable and reproducible testbed equipped with various cyber attacks.•Using Docker container technology, which provides realistic network emulation.•Open-Source Framework for examination of DDoS, Scan, Replay, Injection and MitM attack.
Cyber-physical systems (CPSs) are increasingly threatened by stealthy false data injection (SFDI) attacks, which compromise system integrity by manipulating control signals and introducing false ...sensor data. These attacks are particularly challenging due to their diversity and often indistinguishable nature. In response to this issue, our work uncovers the fundamental causes behind SFDI attacks in linear time-invariant (LTI) systems and elucidates the principles enabling their stealth. We present a novel virtual extended system framework designed to eliminate strictly stealthy attacks within the entire CPS. Utilizing deep reinforcement learning (DRL) methodologies, we pioneer the use of detection results for real-time SFDI attack classification. Through numerical simulations, we validate our proposed method's effectiveness, demonstrating a classification accuracy of no less than 95%. Notably, even in scenarios where attackers manage to breach the framework partially, our method continues to provide a reliable success rate in SFDI attack detection and classification, showcasing its robustness and efficacy. Note to Practitioners -Cyber-physical systems (CPSs), a critical component of modern industries, are becoming increasingly susceptible to stealthy false data injection (SFDI) attacks. These attacks compromise system integrity by subtly manipulating control signals and feeding false sensor data, making them challenging to detect. Our research presents an innovative framework that uses deep reinforcement learning techniques to detect and classify these elusive attacks, achieving a classification accuracy of over 95%. The information on SFDI attack categories, ascertained by this method, lays the groundwork for the development of subsequent defence strategies. For professionals working in sectors reliant on CPSs, such as manufacturing, healthcare, and transportation, this framework offers a promising tool to enhance system security. Even in scenarios where the system has been partially compromised, our method continues to provide reliable detection and classification, underscoring its robustness and practical utility. The system remains effective despite full breach attempts on specific attack types, ensuring resilience against a broad range of SFDI attacks. In conclusion, our research offers a substantial advancement in protecting CPSs against cyber threats.
This article concentrates on event-based secure leader-following consensus control for multiagent systems (MASs) with multiple cyber attacks, which contain replay attacks and denial-of-service (DoS) ...attacks. A new multiple cyber-attacks model is first built by considering replay attacks and DoS attacks simultaneously. Different from the existing researches on MASs with a fixed topological graph, the changes of communication topologies caused by DoS attacks are considered for MASs. Besides, an event-triggered mechanism is adopted for mitigating a load of network bandwidth by scheduling the transmission of sampled data. Then, an event-based consensus control protocol is first developed for MASs subjected to multiple cyber attacks. In view of this, by using the Lyapunov stability theory, sufficient conditions are obtained to ensure the mean-square exponential consensus of MASs. Furthermore, the event-based controller gain is derived by solving a set of linear matrix inequalities. Finally, an example is simulated for confirming the effectiveness of the theoretical results.