The literature regarding attacks in Networked Control Systems (NCS) indicates that covert and accurate attacks must be designed based on an accurate knowledge about the model of the attacked system. In this context, the literature on NCS presents the Passive System Identification attack as a metaheuristic-based tool to provide the attacker with the required system models. However, the scientific literature does not report countermeasures to mitigate the identification process performed by such passive metaheuristic-based attack. In this sense, this work proposes the use of a randomly switching controller as a countermeasure for the Passive System Identification attack, in case of failure of other conventional security mechanisms – such as encryption, network segmentation and firewall policies. This novel countermeasure aims to hinder the identification of the controller, so that the model obtained by the attacker is imprecise or ambiguous, in such a way that the attacker hesitates to launch covert or model-dependent attacks against the NCS. The simulation results indicate that this countermeasure is capable to mitigate the mentioned attack at the same time that it performs a satisfactory plant control.

中文翻译：

---

用于减轻网络控制系统中的被动系统识别攻击的控制器设计

有关网络控制系统（NCS）中攻击的文献表明，必须基于对被攻击系统模型的准确了解来设计隐蔽且准确的攻击。在这种情况下，有关NCS的文献将“被动系统识别”攻击作为一种基于元启发式的工具来提供，以为攻击者提供所需的系统模型。但是，科学文献没有报告减轻这种基于元启发式攻击的被动攻击所采取的对策的对策。从这个意义上讲，这项工作建议在其他常规安全机制（例如加密，网络分段和防火墙策略）失败的情况下，使用随机切换控制器作为被动系统识别攻击的对策。这种新颖的对策旨在阻碍控制器的识别，从而使攻击者获得的模型不精确或模棱两可，从而使攻击者不愿对NCS发起隐蔽或依赖模型的攻击。仿真结果表明，该对策能够在执行令人满意的工厂控制的同时减轻上述攻击。