Exploring The Resilience of Control Execution Skips against False Data Injection Attacks

TL;DR

This paper analyzes how control execution skips can enhance CPS resilience against false data injection attacks, proposing a methodology to optimize such patterns while balancing attack resistance and control performance.

Contribution

It introduces a quantitative framework for designing optimal control skipping patterns to improve attack resilience without compromising control quality.

Findings

Skips can significantly improve attack resilience.

Optimal skipping patterns balance security and control performance.

Method validated on safety-critical CPS benchmarks.

Abstract

Modern Cyber-Physical Systems (CPSs) are often designed as networked, software-based controller implementations which have been found to be vulnerable to network-level and physical level attacks. A number of research works have proposed CPS-specific attack detection schemes as well as techniques for attack resilient controller design. However, such schemes also incur platform-level overheads. In this regard, some recent works have leveraged the use of skips in control execution to enhance the resilience of a CPS against false data injection (FDI) attacks. In this paper, we provide an analytical discussion on when and how skipping a control execution can improve the resilience of the system against FDI attacks while maintaining the control performance requirement. We also propose a methodology to synthesize such optimal control execution patterns. To the best of our knowledge, no previous work has provided any quantitative analysis about the trade-off between attack resilience and control performance for such aperiodic control execution. Finally, we evaluate the proposed method on several safety-critical CPS benchmarks.