当前位置:
X-MOL 学术
›
arXiv.cs.SY
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Intrusion Detection and Localization for Networked Embedded Control Systems
arXiv - CS - Systems and Control Pub Date : 2021-06-17 , DOI: arxiv-2106.09826 Vuk Lesi, Marcio Juliato, Shabbir Ahmed, Christopher Gutierrez, Qian Wang, Manoj Sastry
arXiv - CS - Systems and Control Pub Date : 2021-06-17 , DOI: arxiv-2106.09826 Vuk Lesi, Marcio Juliato, Shabbir Ahmed, Christopher Gutierrez, Qian Wang, Manoj Sastry
Closed-loop control systems employ continuous sensing and actuation to
maintain controlled variables within preset bounds and achieve the desired
system output. Intentional disturbances in the system, such as in the case of
cyberattacks, can compromise reachability of control goals, and in several
cases jeopardize safety. The increasing connectivity and exposure of networked
control to external networks has enabled attackers to compromise these systems
by exploiting security vulnerabilities. Attacks against safety-critical control
loops can not only drive the system over a trajectory different from the
desired, but also cause fatal consequences to humans. In this paper we present
a physics-based Intrusion Detection System (IDS) aimed at increasing the
security in control systems. In addition to conventional process state
estimation for intrusion detection, since the controller cannot be trusted, we
introduce a controller state estimator. Additionally, we make our detector
context-aware by utilizing sensor measurements from other control loops, which
allows to distinguish and characterize disturbances from attacks. We introduce
adaptive thresholding and adaptive filtering as means to achieve
context-awareness. Together, these methodologies allow detection and
localization of attacks in closed-loop controls. Finally, we demonstrate
feasibility of the approach by mounting a series of attacks against a networked
Direct Current (DC) motor closed-loop speed control deployed on an ECU testbed,
as well as on a simulated automated lane keeping system. Among other
application domains, this set of approaches is key to support security in
automotive systems, and ultimately increase road and passenger safety.
中文翻译:
网络嵌入式控制系统的入侵检测和定位
闭环控制系统采用连续传感和驱动来将受控变量保持在预设范围内,并实现所需的系统输出。系统中的故意干扰(例如在网络攻击的情况下)可能会危及控制目标的可达性,并在某些情况下危及安全。网络控制对外部网络的连接性和暴露程度的增加使攻击者能够通过利用安全漏洞来破坏这些系统。针对安全关键控制回路的攻击不仅可以驱动系统运行与预期不同的轨迹,而且还会对人类造成致命的后果。在本文中,我们提出了一种基于物理的入侵检测系统 (IDS),旨在提高控制系统的安全性。除了用于入侵检测的传统进程状态估计之外,由于控制器不可信任,我们引入了控制器状态估计器。此外,我们通过利用来自其他控制回路的传感器测量值使我们的检测器具有上下文感知能力,从而可以区分和表征来自攻击的干扰。我们引入自适应阈值和自适应过滤作为实现上下文感知的手段。总之,这些方法允许在闭环控制中检测和定位攻击。最后,我们通过对部署在 ECU 测试台以及模拟自动车道保持系统上的联网直流 (DC) 电机闭环速度控制进行一系列攻击来证明该方法的可行性。在其他应用领域中,
更新日期:2021-06-25
中文翻译:
网络嵌入式控制系统的入侵检测和定位
闭环控制系统采用连续传感和驱动来将受控变量保持在预设范围内,并实现所需的系统输出。系统中的故意干扰(例如在网络攻击的情况下)可能会危及控制目标的可达性,并在某些情况下危及安全。网络控制对外部网络的连接性和暴露程度的增加使攻击者能够通过利用安全漏洞来破坏这些系统。针对安全关键控制回路的攻击不仅可以驱动系统运行与预期不同的轨迹,而且还会对人类造成致命的后果。在本文中,我们提出了一种基于物理的入侵检测系统 (IDS),旨在提高控制系统的安全性。除了用于入侵检测的传统进程状态估计之外,由于控制器不可信任,我们引入了控制器状态估计器。此外,我们通过利用来自其他控制回路的传感器测量值使我们的检测器具有上下文感知能力,从而可以区分和表征来自攻击的干扰。我们引入自适应阈值和自适应过滤作为实现上下文感知的手段。总之,这些方法允许在闭环控制中检测和定位攻击。最后,我们通过对部署在 ECU 测试台以及模拟自动车道保持系统上的联网直流 (DC) 电机闭环速度控制进行一系列攻击来证明该方法的可行性。在其他应用领域中,
京公网安备 11010802027423号