A FRAMEWORK FOR ANALYZING THE IMPACT OF ACTUATION LIMITS ON CYBER-PHYSICAL SYSTEMS

Date

2020-01-20

Department

Computer Science and Electrical Engineering

Program

Engineering, Computer

Rights

Distribution Rights granted to UMBC by the author.
This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu

Abstract

Cyber-physical systems (CPS) are smart systems of networked computing and physical components. CPS are ubiquitous in industrial and consumer applications, ranging from control systems in smart power grids to phone touch screens. Unfortunately, the cyber component of a CPS may introduce attack vectors by which a bad actor can cause harm to the physical system. A famous example is the Stuxnet computer worm, which inflicted physical damage on Iranian nuclear centrifuges. One cyber-physical mitigation strategy against CPS attacks is actuation limits. Actuation limits are constraints intentionally imposed on the actuators of a CPS to mitigate actuation behaviors that lead to dangerous states. Actuation limits, while able to constrain an attacker, may introduce performance penalties. In this research, a framework is presented which scores actuation limit schemes on their attack resilience and performance integrity. Attack resilience is measured by subjecting the CPS to a battery of cyber-physical attacks and observing whether the actuation limits were successful in mitigation. Performance integrity is measured by comparing the performance of the CPS with and without actuation limits. An algorithm to combine actuation limit schemes to yield an amalgam scheme with improved scores is presented. Actuation limits for a simulated ship autopilot are scored to demonstrate the utility of the framework. Low scores were observed in two general cases. Overly constraining actuation limits scored poorly in attack resilience and performance integrity, as the required operating behaviors were compromised by the limits. Overly broad actuation limits preserved performance integrity yet did not sufficiently constrain an attacker and exhibited poor attack resilience. Amalgam schemes demonstrated high scores overall by only constraining the CPS in high-risk states.
The results of the research indicate the proposed framework can be a useful tool in evaluating the effectiveness of actuation limits as an attack mitigation strategy in CPS.