
A survey on the security of cyber-physical systems

Control Theory and Technology

Abstract

Cyber-physical systems (CPSs) are integrations of computation, communication, control and physical processes. Typical examples where CPSs are deployed include smart grids, civil infrastructure, medical devices and manufacturing. Security is one of the most important issues to be investigated in CPSs and has therefore received much attention in recent years. This paper surveys recent results in this area and mainly focusses on three important categories: attack detection, attack design, and secure estimation and control. We also discuss several future research directions, including risk assessment, modeling and design of attacks, counter-attack strategy, and testbed and validation.



Author information

Corresponding author

Correspondence to Jian Sun.

Additional information

This work was supported in part by the Natural Science Foundation of China (Nos. 61321002, 61120106010, 61522303, U1509215), the Program for New Century Excellent Talents in University (No. NCET-13-0045), and the Beijing Higher Education Young Elite Teacher Project.

Guangyu WU received the B.Sc. and M.Sc. degrees from Xi’an University of Technology in 2010 and 2014, respectively. He is currently a Ph.D. candidate at the School of Automation, Beijing Institute of Technology. His research interests include security of CPSs and networked control systems.

Jian SUN received his Ph.D. degree from the Institute of Automation, Chinese Academy of Sciences in 2007. From April 2008 to October 2009, he was a visiting research fellow at the University of Glamorgan, U.K. He is currently a professor in the School of Automation, Beijing Institute of Technology. His current research interests include security of CPSs, networked control systems, time-delay systems, and robust control.

Jie CHEN received the B.Sc., M.Sc. and Ph.D. degrees in Control Theory and Control Engineering from the Beijing Institute of Technology, Beijing, China, in 1986, 1993 and 2000, respectively. He is currently a professor with the School of Automation, Beijing Institute of Technology. His research interest covers complex system multi-objective optimization and decision, constrained nonlinear control, and optimization methods.

About this article

Cite this article

Wu, G., Sun, J. & Chen, J. A survey on the security of cyber-physical systems. Control Theory Technol. 14, 2–10 (2016). https://doi.org/10.1007/s11768-016-5123-9
