
WASP NEST DYNACON

Protect autonomous systems from cyber-attacks targeting control systems

About the project

DYNACON Block Diagram 

Cyber-attacks targeting the control systems found in autonomous systems are a relatively recent phenomenon. Unfortunately, they can have a devastating impact and harm both humans and the environment. In DYNACON, four leading research groups in cyber-physical security (control systems, real-time systems, communication and network security) at KTH, Lund University and Linköping University join forces to address the challenges of cyber-attacks in autonomous systems.

The group will tackle issues such as false data and manipulation of timestamps. The idea is to use trusted embedded devices as well as cryptographic authentication when necessary. They will also look into how detection and observer schemes can be developed to handle attacks in both local and supervisory control.

Ongoing Work 1: Timing attacks in control loops

Many control systems are subject to computational delays that sometimes make the control task miss deadlines (i.e., fail to produce a new control signal by the time new sensor data arrives). Sporadic deadline misses are a common phenomenon, as testified by industry practitioners, and are in general due to a variety of factors, such as transient overloads, hardware problems, and also cyber attacks. Because such misses occur in normally working systems, an attacker can sneakily introduce additional ones to disrupt the behavior of the closed-loop system without being noticed. In the DYNACON NEST project, we are therefore investigating a class of cyber attacks that target control systems by exploiting timing vulnerabilities, rather than manipulating data.


Our first step was to propose an analysis that determines the worst-case attack an attacker can mount when the defender uses a probabilistic model of how many deadlines the control system is expected to miss. We proposed a Mixed Integer Quadratically Constrained Programming (MIQCP) optimization framework to determine the maximum disruption that an attacker can cause under stealth constraints that stem from an expected probability that the controller will miss its deadline. The attacks are validated on both a simulated quadruple-tank process and a real Furuta pendulum system, showing that even brief, undetected delays can destabilize the system or degrade its performance significantly.

To ensure the attacks remain stealthy, the optimization problem incorporates statistical constraints based on binomial and geometric distribution tests, mimicking normal system variability and evading detection by standard watchdogs and activity-based intrusion detection systems. We further explored the effectiveness of different defensive strategies, including sliding-window detection and long-term anomaly counters, and evaluated the impact of various parameters such as actuation strategies and deadline miss thresholds. Our study of these attacks concludes by stressing the limitations of current security mechanisms and emphasizing the need for improved detection techniques that consider time-based attacks and long-term behavior patterns.
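
The two defensive strategies named above, sliding-window detection and a long-term counter, run side by side over deadline-miss traces. This is an added example, not the project's code: the long-term counter is implemented here as a one-sided binomial test, and the nominal miss probability, window size, thresholds and all three traces are constructed assumptions.

```python
from math import comb

def binom_tail(k, n, p):
    """P[X >= k] for X ~ Binomial(n, p)."""
    return sum(comb(n, i) * p**i * (1 - p)**(n - i) for i in range(k, n + 1))

def long_term_alarm(trace, p_nominal, alpha):
    """Long-term counter: one-sided binomial test on the total miss count."""
    return binom_tail(sum(trace), len(trace), p_nominal) < alpha

def sliding_window_alarm(trace, window, max_misses):
    """Index of the first period where the last `window` periods hold more
    than `max_misses` misses, or None if that never happens."""
    count = 0
    for i, miss in enumerate(trace):
        count += miss
        if i >= window:
            count -= trace[i - window]  # drop the period leaving the window
        if count > max_misses:
            return i
    return None

# Constructed traces, 200 control periods each (1 = deadline miss).
N = 200
SPREAD = [1 if i % 20 == 19 else 0 for i in range(N)]   # 10 misses, evenly spaced
BURST = [1 if 100 <= i < 110 else 0 for i in range(N)]  # 10 misses, consecutive
DRIFT = [1 if i % 8 == 7 else 0 for i in range(N)]      # 25 misses, evenly spaced

# Assumed detector settings (not taken from the page).
P_NOMINAL, ALPHA, WINDOW, MAX_MISSES = 0.05, 0.01, 20, 3

def evaluate(trace):
    """Run both detectors on one trace and report what each one sees."""
    return {
        "misses": sum(trace),
        "long_term": long_term_alarm(trace, P_NOMINAL, ALPHA),
        "window_hit": sliding_window_alarm(trace, WINDOW, MAX_MISSES),
    }

if __name__ == "__main__":
    for name, trace in [("spread", SPREAD), ("burst", BURST), ("drift", DRIFT)]:
        print(name, evaluate(trace))
```

The burst trace has the same total as the nominal one, so only the sliding window flags it; the drift trace never exceeds the per-window limit, so only the long-term test flags it.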

Researchers: Talitha Nauta, Martina Maggio, Henrik Sandberg
Links: [Paper], [Video], [Code]

Contact

Henrik Sandberg
E-mail: hsan@kth.se
Phone: +46 (0)8 790 7294