Paper title
Skip to Secure: Securing Cyber-physical Control Loops with Intentionally Skipped Executions
Paper authors
Abstract
We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating monitoring systems and also cryptographic techniques, both of which consume network and computational resources. We provide a principled approach for intentional skipping of control loop executions which may qualify as a useful control theoretic countermeasure against stealthy attacks which violate message integrity and authenticity. As is evident from our experiments, such a control theoretic counter-measure helps in lowering the cryptographic security measure overhead and resulting resource consumption in Control Area Network (CAN) based automotive CPS without compromising performance and safety.