Cyber-Physical Control Systems: Vulnerabilities, Threats, and Mitigations

Cyber-Physical Systems (CPS) are yielding novel problems and solutions for security researchers. CPSs connect computerized controllers and human supervisors with physical systems used in the energy, transportation, water, manufacturing, and other sectors. A recent and well-known attack is the Stuxnet computer worm [1], which targeted Siemens industrial software used to control nuclear fuel processing plants. The worm exploited several extremely complicated cyber attack vectors, including four Windows zero-day vulnerabilities, to sabotage a suspected uranium processing facility. The scale and complexity of the attack clearly demonstrated the need to fully monitor cyber-physical critical infrastructures in real time for both accidental and malicious failures. Recent similar attacks against CPS have prompted unprecedented investigation into new threats [2] and mitigations [3], [4] against CPSs. However, despite the increased interest in CPS security problems, the security community faces significant learning curves in addressing them. Modern CPSs are founded on control theory, real-time systems, and obscure, often ad-hoc programming practices. Furthermore, the traditional definitions of security are often in conflict with the goals and operational constraints of CPSs. A security measure that blocks a system operator from executing a critical action could cause as much or more damage than an actual attack!