Security of Cyber-Physical Systems: Design of a Security Supervisor to Thwart Attacks.

Author: Lima, Publio M., Alves, Marcos V. S., Carvalho, Lilian Kawakami, Moreira, Marcos V.
Source: IEEE Transactions on Automation Science & Engineering; Jul2022, Vol. 19 Issue 3, p2030-2041, 12p
Abstract: Cyber-physical systems (CPSs) integrate computing and communication capabilities to monitor and control physical processes. In order to do so, communication networks are commonly used to connect sensors, actuators, and controllers in the feedback system. The use of communication networks increases the vulnerability of CPSs to cyberattacks that can drive the system to unsafe states. One of the most powerful cyberattacks is the so-called man-in-the-middle attack, where the intruder can observe, hide, create, or change information in the attacked network channels. In this article, we propose a defense strategy that can thwart man-in-the-middle attacks in the sensor and/or control communication channels of CPSs modeled as discrete-event systems. We also introduce the definition of network attack security (NA-Security), which is related to the possibility of preventing the system from reaching unsafe states by using a security supervisor, whose online implementation has polynomial computational complexity, and we propose an algorithm to verify this property. Note to Practitioners—CPSs form the basis for the fourth industrial revolution, called Industry 4.0. In these kinds of systems, communication networks are used to connect sensors, actuators, and controllers in the closed-loop system. The increase in the use of communication networks also increases the vulnerability of CPSs to cyberattacks. The use of conventional defenses, such as firewalls, is not recommended in industrial systems due to the introduction of communication delays. In this article, we propose a new defense strategy that prevents damages in the system caused by man-in-the-middle attacks. A security supervisor is proposed to disable controllable events when there is a risk to reach states of the system that may represent damages to the system or its operators. [ABSTRACT FROM AUTHOR]
Database: Complementary Index