Abstract
Distributed control is a reality of today's industrial automation and systems. Parts of a system are on-site, and other elements are on the edge of the cloud. The overall system-functioning relies on the reliable operation of local and remote components. However, all system parts can be attacked. Typically, local entities of a cyber-physical system, such as robot arms or conveyor belts, get affected by cyber attacks. However, attacking the control and monitoring channels between a plant and its remote controller is attractive, too. There is a diversity of attacks, such as manipulating a plant's input signals, controller logic, and output signals. To detect and mitigate the impact of such various attacks and to make a plant more resilient, we introduce a self-learning controller proxy in the plant's communication channel to the controller. It acts as a local trust anchor to the commands received from a remote controller. It does black box self-learning of the controller algorithms and audits its operations. Once an attack is detected, the plant pivots into self-piloting mode. We investigate design alternatives for the controller proxy. We evaluate how complex the control algorithms can be to enable self-piloting resilience.
| Original language | English |
|---|---|
| Pages (from-to) | 35-46 |
| Number of pages | 12 |
| Journal | CEUR Workshop Proceedings |
| Volume | 3329 |
| Publication status | Published - 1 Jan 2022 |
| Event | 29th Computer and Electronics Security Application Rendezvous, C and ESAR 2022 - Rennes, France Duration: 15 Nov 2022 → 16 Nov 2022 |
Keywords
- Cyber-Physical System
- Networked-Control Systems
- incident response
- resilience
- security