Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems

Networked control systems can help build cost-effective and flexible industrial systems. A system that can function while being immune to cyberattacks is necessary. A method called fixed redundant path selection (FRPS) has been proposed to detect and mitigate data tampering attacks in a networked mo...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Kento Aida, Kenta Yamada, Ryosuke Hotchi, Ryogo Kubo
Formato: article
Lenguaje:EN
Publicado: IEEE 2021
Materias:
Acceso en línea:https://doaj.org/article/19a8eee0fa0d4edeaa33828504d36217
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
Descripción
Sumario:Networked control systems can help build cost-effective and flexible industrial systems. A system that can function while being immune to cyberattacks is necessary. A method called fixed redundant path selection (FRPS) has been proposed to detect and mitigate data tampering attacks in a networked motion control system. This system contains redundant forward network paths from the controller to the motor sides to detect the attacked path by comparing the values that are received through respective paths. Then, a path selector on the motor side chooses a value on the path that is not attacked based on the majority decision. Increasing the number of redundant paths improves the detection performance of simultaneous attacks against multiple paths. However, it also increases the amount of traffic because the same data are transmitted to all of the redundant paths. This study proposes a dynamic redundant path selection (DRPS) method to balance the detection performance and the amount of traffic. The proposed method initially applies three redundant paths and changes the number of redundant paths to five only when the path selector detects a difference among the received values for the three paths. The experiments confirm that the proposed DRPS outperforms the conventional FRPS. The former can detect and mitigate the data tampering attacks while reducing the number of network paths during tampering detection when the system is exposed to simultaneous attacks against up to two of the redundant paths.