Quantifying Control Performance Loss for a Least Significant Bits Authentication Scheme

TL;DR

This paper introduces a legacy-compatible LSB coding scheme for message authentication in industrial control systems, quantifies its impact on control performance, and demonstrates its effectiveness against cyberattacks.

Contribution

It presents a provably secure, legacy-compatible LSB coding scheme with a method to handle synchronization issues and quantifies control performance loss.

Findings

Effective detection of cyberattacks demonstrated on a hydro power turbine system.

Quantified control performance loss for fixed-point and floating-point architectures.

Scheme maintains system availability without compromising legacy device compatibility.

Abstract

Industrial control systems (ICSs) often consist of many legacy devices, which were designed without security requirements in mind. With the increase in cyberattacks targeting critical infrastructure, there is a growing urgency to develop legacy-compatible security solutions tailored to the specific needs and constraints of real-time control systems. We propose a least significant bits (LSBs) coding scheme providing message authentication and integrity, which is compatible with legacy devices and never compromises availability. The scheme comes with provable security guarantees, and we provide a simple yet effective method to deal with synchronization issues due to packet dropouts. Furthermore, we quantify the control performance loss for both a fixed-point and floating-point quantization architecture when using the proposed coding scheme. We demonstrate its effectiveness in detecting cyberattacks, as well as the impact on control performance, on a hydro power turbine control system.