A statistical method for detecting cyber/physical attacks on SCADA systems - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2014

A statistical method for detecting cyber/physical attacks on SCADA systems

Résumé

This paper addresses the problem of detecting cyber/physical attacks on Supervisory Control And Data Acquisition (SCADA) systems. The detection of cyber/physical attacks is formulated as the problem of detecting transient changes in stochastic-dynamical systems in the presence of unknown system states (often regarded as the nuisance parameter). The Variable Threshold Window Limited CUmulative SUM (VTWL CUSUM) test is adapted to the detection of transient changes of known profiles in the presence of nuisance parameter. Taking into account the performance criterion of the transient change detection problem, which minimizes the worst-case probability of missed detection for a given value of the worst-case probability of false alarm, the thresholds are tuned for optimizing the VTWL CUSUM algorithm. The optimal choice of thresholds leads to the simple Finite Moving Average (FMA) algorithm. The proposed algorithms are utilized for detecting the covert attack on a simple water distribution system, targeting at stealing water from the reservoir without being detected.
Fichier non déposé

Dates et versions

hal-01303083 , version 1 (15-04-2016)

Identifiants

Citer

van Long Do, Lionel Fillatre, Igor V. Nikiforov. A statistical method for detecting cyber/physical attacks on SCADA systems. IEEE Conference on Control Applications (CCA), Oct 2014, Juan Les Pins, France. ⟨10.1109/CCA.2014.6981373⟩. ⟨hal-01303083⟩
115 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More