Understanding the physical and economic consequences of attacks on control systems

TitleUnderstanding the physical and economic consequences of attacks on control systems
Publication TypeJournal Article
Year of Publication2009
AuthorsHuang, Y-L., A. A. Cárdenas, S. Amin, Z-S. Lin, H-Y. Tsai, and S. Sastry
JournalInternational Journal of Critical Infrastructure Protection
Pagination73 - 83

This paper describes an approach for developing threat models for attacks on control systems. These models are useful for analyzing the actions taken by an attacker who gains access to control system assets and for evaluating the effects of the attacker’s actions on the physical process being controlled. The paper proposes models for integrity attacks and denial-of-service (DoS) attacks, and evaluates the physical and economic consequences of the attacks on a chemical reactor system. The analysis reveals two important points. First, a DoS attack does not have a significant effect when the reactor is in the steady state; however, combining the DoS attack with a relatively innocuous integrity attack rapidly causes the reactor to move to an unsafe state. Second, an attack that seeks to increase the operational cost of the chemical reactor involves a radically different strategy than an attack on plant safety (i.e., one that seeks to shut down the reactor or cause an explosion).