Cyber Security of Water SCADA Systems - Part II: Attack Detection Using Enhanced Hydrodynamic Models

TitleCyber Security of Water SCADA Systems - Part II: Attack Detection Using Enhanced Hydrodynamic Models
Publication TypeJournal Article
Year of Publication2013
AuthorsAmin, S.., X.. Litrico, S.. S. Sastry, and A.. M. Bayen
JournalIEEE Transactions on Control Systems Technology
Volume21
Pagination1679-1693
Date PublishedSept
ISSN1063-6536
Keywordsactuators, Analytical models, attack detection, attack isolation, automated canal systems, canal hydrodynamics, canal offtakes, canals, cascaded canal pools, communication network-induced deception attacks, Cyber attack detection, Cyber security, Delay systems, delay-dependent linear matrix inequality method, delay-differential observer systems, enhanced hydrodynamic models, fault diagnosis, generalized fault-attack model, hydrodynamics, intrusion detection, Irrigation, linear matrix inequalities, Logic gates, Mathematical model, model-based diagnostic scheme, observer design, Observers, physical fault detection, SCADA systems, security of data, sensor measurement criticality, sensor-actuator faults, sensors, stealthy deception attacks, Supervisory control, supervisory control and data acquisition, supervisory control and data acquisition (SCADA) systems, Vectors, water distribution network, water pilfering, water SCADA systems, water supply
Abstract

This paper investigates the problem of detection and isolation of attacks on a water distribution network comprised of cascaded canal pools. The proposed approach employs a bank of delay-differential observer systems. The observers are based on an analytically approximate model of canal hydrodynamics. Each observer is insensitive to one fault/attack mode and sensitive to other modes. The design of the observers is achieved by using a delay-dependent linear matrix inequality method. The performance of our model-based diagnostic scheme is tested on a class of adversarial scenarios based on a generalized fault/attack model. This model represents both classical sensor-actuator faults and communication network-induced deception attacks. Our particular focus is on stealthy deception attacks in which the attacker's goal is to pilfer water through canal offtakes. Our analysis reveals the benefits of accurate hydrodynamic models in detecting physical faults and cyber attacks to automated canal systems. We also comment on the criticality of sensor measurements for the purpose of detection. Finally, we discuss the knowledge and effort required for a successful deception attack.

DOI10.1109/TCST.2012.2211874