Security Against Communication Network Attacks of Cyber-Physical Systems

Communication networks are commonly used to connect sensors, actuators, and controllers to monitor and control cyber-physical systems (CPS). The use of communication networks increases the vulnerability of the CPS to cyber attacks that can drive the system to reach unsafe states. One of the most powerful cyber attacks is the so-called man-in-the-middle attack, where the intruder can observe, hide, create or replace information in the attacked network channel. In a previous paper, we have introduced the definition of NA-Safe controllability, that is related with the capability of detecting intrusions and preventing damages caused by man-in-the-middle attacks in the sensor and/or control communication channels in supervisory control systems. In this paper, we extend our previous work as follows: (i) we prove the correctness of the NA-Safe controllability verification algorithm; (ii) we show how to implement the security module against cyber attacks; (iii) we show that NA-Safe controllability is a necessary and sufficient condition for the existence of the security module; and (iv) we present a practical example to illustrate the results of the paper.