Automated Malware Design for Cyber Physical Systems

TL;DR

This paper introduces a systematic, automated method to generate integrity attacks on cyber physical systems directly from safety and control specifications, aiding resilience testing without needing physical system knowledge.

Contribution

It presents a novel algorithm that automatically creates malware payloads from CPS specifications, enabling realistic attack simulations without physical system details.

Findings

Automated attack generation from CPS specifications is feasible.

Generated attacks effectively violate safety and operational requirements.

The approach enhances testing of CPS resilience against cyber threats.

Abstract

The design of attacks for cyber physical systems is critical to assess CPS resilience at design time and run-time, and to generate rich datasets from testbeds for research. Attacks against cyber physical systems distinguish themselves from IT attacks in that the main objective is to harm the physical system. Therefore, both cyber and physical system knowledge are needed to design such attacks. The current practice to generate attacks either focuses on the cyber part of the system using IT cyber security existing body of knowledge, or uses heuristics to inject attacks that could potentially harm the physical process. In this paper, we present a systematic approach to automatically generate integrity attacks from the CPS safety and control specifications, without knowledge of the physical system or its dynamics. The generated attacks violate the system operational and safety requirements, hence present a genuine test for system resilience. We present an algorithm to automate the malware payload development. Several examples are given throughout the paper to illustrate the proposed approach.