Top

Published in:

2019 | OriginalPaper | Chapter

A Non-parametric Cumulative Sum Approach for Online Diagnostics of Cyber Attacks to Nuclear Power Plants

Authors : Wei Wang, Francesco Di Maio, Enrico Zio

Published in: Resilience of Cyber-Physical Systems

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Both stochastic failures and cyber attacks can compromise the correct functionality of Cyber-Physical Systems (CPSs). Cyber attacks manifest themselves in the physical system and, can be misclassified as component failures, leading to wrong control actions and maintenance strategies. In this chapter, we illustrate the use of a nonparametric cumulative sum (NP-CUSUM) approach for online diagnostics of cyber attacks to CPSs. This allows for (i) promptly recognizing cyber attacks by distinguishing them from component failures, and (ii) guiding decisions for the CPSs recovery from anomalous conditions. We apply the approach to the Advanced Lead-cooled Fast Reactor European Demonstrator (ALFRED) and its digital Instrumentation and Control (I&C) system. For this, an object-oriented model previously developed is embedded within a Monte Carlo (MC) engine that allows injecting into the I&C system both components (stochastic) failures (such as sensor bias, drift, wider noise and freezing) and cyber attacks (such as Denial of Service (DoS) attacks mimicking component failures).

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Flood Resilience of a Water Distribution System

Available only for authorised users

Aldemir T, Guarro S, Mandelli D, Kirschenbaum J, Mangan LA, Bucci P et al (2010) Probabilistic risk assessment modeling of digital instrumentation and control systems using two dynamic methodologies. Reliab Eng Syst Saf 95(10):1011–1039CrossRef

Alur R (2015) Principles of cyber-physical systems. MIT Press, Cambridge, MA

Authen S, Holmberg JE (2012) Reliability analysis of digital systems in a probabilistic risk analysis for nuclear power plants. Nucl Eng Technol 44(5):471–482CrossRef

Aven T (2009) Identification of safety and security critical systems and activities. Reliab Eng Syst Saf 94(2):404–411CrossRef

Boskvic JD, Mehra RK (2002) Stable adaptive multiple model-based control design for accommodation of sensor failures. In: American control conference, 2002. Proceedings of the 2002, IEEE, vol 3, pp 2046–2051

Bradley JM, Atkins EM (2015) Optimization and control of cyber-physical vehicle systems. Sensors 15(9):23020–23049CrossRef

Carl G, Kesidis G, Brooks RR, Rai S (2006) Denial-of-service attack-detection techniques. IEEE Internet Comput 10(1):82–89CrossRef

Debar H, Dacier M, Wespi A (1999) Towards a taxonomy of intrusion-detection systems. Comput Netw 31(8):805–822CrossRef

Di Maio F, Baraldi P, Zio E, Seraoui R (2013) Fault detection in nuclear power plants components by a combination of statistical methods. IEEE Trans Reliab 62(4):833–845CrossRef

10.

Duda RO, Hart PE, Stork DG (1973) Pattern classification, vol 2. Wiley, New York, pp 526–528MATH

11.

DYMOLA (2015) Dymola (Version 2015). France: Dassault Systèmes. Retrieved from http://www.3ds.com/products-services/catia/products/dymola

12.

Eames DP, Moffett J (1999) The integration of safety and security requirements. In: International conference on computer safety, reliability, and security. Springer, Berlin/Heidelberg, pp 468–480CrossRef

13.

Elhag S, Fernández A, Bawakid A, Alshomrani S, Herrera F (2015) On the combination of genetic fuzzy systems and pairwise learning for improving detection rates on intrusion detection systems. Expert Syst Appl 42(1):193–202CrossRef

14.

Fang Y, Sansavini G (2017) Optimizing power system investments and resilience against attacks. Reliab Eng Syst Saf 159:161–173CrossRef

15.

Fritzson P (2010) Principles of object-oriented modeling and simulation with Modelica 2.1. Wiley, HobokenCrossRef

16.

Frogheri M, Alemberti A, Mansani L (2015) The lead fast reactor: demonstrator (ALFRED) and ELFR design. In: Fast reactors and related fuel cycles: safe technologies and sustainable scenarios (FR13). V. 1. Proceedings of an international conference

17.

Grasso G, Petrovich C, Mikityuk K, Mattioli D, Manni F, Gugiu D (2013) Demonstrating the effectiveness of the European LFR concept: the ALFRED core design. In: Proceedings of the IAEA international conference on fast reactors and related fuel cycles: safe technologies and sustainable scenarios

18.

Gray R, Neuhoff D (1998) Quantization. IEEE Trans Inf Theory 44(6):2325–2383MATHCrossRef

19.

Hines JW, Garvey DR (2006) Development and application of fault detectability performance metrics for instrument calibration verification and anomaly detection. J Pattern Recogn Res 1(1):2–15CrossRef

20.

Hu X, Xu M, Xu S, Zhao P (2017) Multiple cyber attacks against a target with observation errors and dependent outcomes: characterization and optimization. Reliab Eng Syst Saf 159:119–133CrossRef

21.

IAEA (2009) Implementing digital instrumentation and control systems in the modernization of nuclear power plants. Technical report NP-T-1.4. IAEA

22.

Jockenhövel-Barttfeld M, Taurines A, Hessler C (2016) Quantification of application software failures of digital I&C in probabilistic safety analyses. In: 13th international conference on probabilistic safety assessment and management, Seoul, Korea

23.

Khaitan SK, McCalley JD (2015) Design techniques and applications of cyberphysical systems: a survey. IEEE Syst J 9(2):350–365CrossRef

24.

Kim KD, Kumar PR (2012) Cyber–physical systems: a perspective at the centennial. Proc IEEE 100(Special Centennial Issue):1287–1308CrossRef

25.

Kornecki AJ, Liu M (2013) Fault tree analysis for safety/security verification in aviation software. Electronics 2(1):41–56CrossRef

26.

Kriaa S, Pietre-Cambacedes L, Bouissou M, Halgand Y (2015) A survey of approaches combining safety and security for industrial control systems. Reliab Eng Syst Saf 139:156–178CrossRef

27.

Lee EA (2008) Cyber physical systems: design challenges. In: Object oriented real-time distributed computing (ISORC), 2008 11th IEEE international symposium on, IEEE, pp 363–369

28.

Levine WS (ed) (1996) The control handbook. CRC Press, Boca RatonMATH

29.

Li J, Huang X (2016) Cyber attack detection of I&C systems in NPPS based on physical process data. In: 2016 24th international conference on nuclear engineering, American Society of Mechanical Engineers, pp V002T07A011–V002T07A011

30.

Liang G, Zhao J, Luo F, Weller SR, Dong ZY (2017) A review of false data injection attacks against modern power systems. IEEE Trans Smart Grid 8(4):1630–1638CrossRef

31.

Machado, R. C., Boccardo, D. R., De Sá, V. G. P., & Szwarcfiter, J. L. (2016). Software control and intellectual property protection in cyber-physical systems. EURASIP J Inf Secur, 2016(1), 8

32.

McNelles P, Zeng ZC, Renganathan G, Lamarre G, Akl Y, Lu L (2016) A comparison of fault trees and the dynamic flowgraph methodology for the analysis of FPGA-based safety systems part 1: reactor trip logic loop reliability analysis. Reliab Eng Syst Saf 153:135–150CrossRef

33.

Mo Y, Chabukswar R, Sinopoli B (2014) Detecting integrity attacks on SCADA systems. IEEE Trans Control Syst Technol 22(4):1396–1407CrossRef

34.

Mohammadpourfard M, Sami A, Seifi AR (2017) A statistical unsupervised method against false data injection attacks: a visualization-based approach. Expert Syst Appl 84:242–261CrossRef

35.

Moteff JD (2012) Critical infrastructure resilience: the evolution of policy and programs and issues for congress. Congressional Research Service, Library of Congress, Washington, DC

36.

Ntalampiras S (2015) Detection of integrity attacks in cyber-physical critical infrastructures using ensemble modeling. IEEE Trans Ind Inf 11(1):104–111CrossRef

37.

Ntalampiras S (2016) Automatic identification of integrity attacks in cyber-physical systems. Expert Syst Appl 58:164–173CrossRef

38.

Obama B (2013) Presidential policy directive 21: critical infrastructure security and resilience. The White House, Washington, DC

39.

Page ES (1954) Continuous inspection schemes. Biometrika 41(1/2):100–115MathSciNetMATHCrossRef

40.

Pajic M, Weimer J, Bezzo N, Sokolsky O, Pappas GJ, Lee I (2017) Design and implementation of attack-resilient cyberphysical systems: with a focus on attack-resilient state estimators. IEEE Control Syst 37(2):66–81MathSciNetCrossRef

41.

Piètre-Cambacédès L, Bouissou M (2013) Cross-fertilization between safety and security engineering. Reliab Eng Syst Saf 110:110–126CrossRef

42.

Ponciroli R, Bigoni A, Cammi A, Lorenzi S, Luzzi L (2014) Object-oriented modelling and simulation for the ALFRED dynamics. Prog Nucl Energy 71:15–29CrossRef

43.

Ponciroli R, Cammi A, Della Bona A, Lorenzi S, Luzzi L (2015) Development of the ALFRED reactor full power mode control system. Prog Nucl Energy 85:428–440CrossRef

44.

Qiu P, Hawkins D (2003) A nonparametric multivariate cumulative sum procedure for detecting shifts in all directions. J R Stat Soc Ser D Stat 52(2):151–164MathSciNetCrossRef

45.

Rahman MS, Mahmud MA, Oo AM, Pota HR (2017) Multi-agent approach for enhancing security of protection schemes in cyber-physical energy systems. IEEE Trans Ind Inf 13(2):436–447CrossRef

46.

Roberts SW (1959) Control chart tests based on geometric moving averages. Technometrics 1(3):239–250CrossRef

47.

Shi D, Guo Z, Johansson KH, Shi L (2018) Causality countermeasures for anomaly detection in cyber-physical systems. IEEE Trans Autom Control 63(2):386–401MathSciNetMATHCrossRef

48.

Shin J, Son H, Heo G (2015) Development of a cyber security risk model using Bayesian networks. Reliab Eng Syst Saf 134:208–217CrossRef

49.

Skogestad S, Postlethwaite I (2007) Multivariable feedback control: analysis and design, vol 2. Wiley, New York, pp 359–368MATH

50.

Tan R, Nguyen HH, Foo EY, Yau DK, Kalbarczyk Z, Iyer RK, Gooi HB (2017) Modeling and mitigating impact of false data injection attacks on automatic generation control. IEEE Trans Inf Forensics Secur 12(7):1609–1624CrossRef

51.

Tartakovsky AG, Rozovskii BL, Blažek RB, Kim H (2006a) Detection of intrusions in information systems by sequential change-point methods. Stat Methodol 3(3):252–293MathSciNetMATHCrossRef

52.

Tartakovsky AG, Rozovskii BL, Blazek RB, Kim H (2006b) A novel approach to detection of intrusions in computer networks via adaptive sequential and batch-sequential change-point detection methods. IEEE Trans Signal Process 54(9):3372–3382MATHCrossRef

53.

Tartakovsky AG, Polunchenko AS, Sokolov G (2013) Efficient computer network anomaly detection by changepoint detection methods. IEEE J Sel Top Sign Proces 7(1):4–11CrossRef

54.

Teixeira A, Amin S, Sandberg H, Johansson KH, Sastry SS (2010) Cyber security analysis of state estimators in electric power systems. In: Decision and control (CDC), 2010 49th IEEE conference on, IEEE, pp 5991–5998

55.

Trabelsi Z, Rahmani H (2005) An anti-sniffer based on ARP cache poisoning attack. Inf Syst Secur 13(6):23–36CrossRef

56.

Wang W, Di Maio F, Zio E (2016) Component-and system-level degradation modeling of digital instrumentation and control systems based on a multi-state physics modeling approach. Ann Nucl Energy 95:135–147CrossRef

57.

Wang W, Cammi A, Di Maio F, Lorenzi S, Zio E (2017a) A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants. Reliab Eng Syst Saf 175:24–37CrossRef

58.

Wang W, Di Maio F, Zio E (2017b) Estimation of failure on-demand probability and malfunction rate values in cyber-physical systems of nuclear power plants. In: The 2017 international topical meeting on probabilistic safety assessment and analysis (PSA2017), Pittsburgh, USA, September, 2017, pp 24–28

59.

Wald A (1973) Sequential analysis. Courier Corporation, New YorkMATH

60.

Widrow B (1961) Analysis of amplitude-quantized sampled-data systems. Electr Eng 80(6):450–450CrossRef

61.

Xiang Y, Wang L, Liu N (2017) Coordinated attacks on electric power systems in a cyber-physical environment. Electr Power Syst Res 149:156–168CrossRef

62.

Xie M, Goh TN, Ranjan P (2002) Some effective control chart procedures for reliability monitoring. Reliab Eng Syst Saf 77(2):143–150CrossRef

63.

Yuan Y, Zhu Q, Sun F, Wang Q, Başar T (2013) Resilient control of cyber-physical systems against denial-of-service attacks. In: Resilient control systems (ISRCS), 2013 6th international symposium on, IEEE, pp 54–59

64.

Yuan W, Zhao L, Zeng B (2014) Optimal power grid protection through a defender–attacker–defender model. Reliab Eng Syst Saf 121:83–89CrossRef

65.

Zalewski J, Buckley IA, Czejdo B, Drager S, Kornecki AJ, Subramanian N (2016) A framework for measuring security as a system property in cyberphysical systems. Information 7(2):33CrossRef

66.

Zargar ST, Joshi J, Tipper D (2013) A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun Surv Tutorials 15(4):2046–2069CrossRef

67.

Zaytoon J, Lafortune S (2013) Overview of fault diagnosis methods for discrete event systems. Annu Rev Control 37(2):308–320CrossRef

68.

Zhao X, Chu PS (2010) Bayesian changepoint analysis for extreme events (typhoons, heavy rainfall, and heat waves): an RJMCMC approach. J Clim 23(5):1034–1046CrossRef

69.

Zio E (2009) Reliability engineering: old problems and new challenges. Reliab Eng Syst Saf 94(2):125–141CrossRef

70.

Zio E (2016) Challenges in the vulnerability and risk analysis of critical infrastructures. Reliab Eng Syst Saf 152:137–150CrossRef

71.

Zio E, Di Maio F (2009) Processing dynamic scenarios from a reliability analysis of a nuclear power plant digital instrumentation and control system. Ann Nucl Energy 36(9):1386–1399CrossRef

72.

Zio E, Zoia A (2009) Parameter identification in degradation modeling by reversible-jump Markov Chain Monte Carlo. IEEE Trans Reliab 58(1):123–131CrossRef

Title: A Non-parametric Cumulative Sum Approach for Online Diagnostics of Cyber Attacks to Nuclear Power Plants
Authors: Wei Wang
Francesco Di Maio
Enrico Zio
Publisher: Springer International Publishing
Book: Resilience of Cyber-Physical Systems
Print ISBN: 978-3-319-95596-4

Electronic ISBN: 978-3-319-95597-1

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-319-95597-1_9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner