Back to Search Start Over

Covert channels in stochastic cyber‐physical systems

Authors :
Walter Lucia
Amr Youssef
Source :
IET Cyber-Physical Systems, Vol 6, Iss 4, Pp 228-237 (2021)
Publication Year :
2021
Publisher :
Wiley, 2021.

Abstract

Abstract A covert channel is a communication channel that is not intended to exist, and that can be used to transfer information in a manner that violates the system security policy. Attackers can abuse such channels to exfiltrate sensitive information from cyber‐physical systems (CPSs), for example to leak the confidential or proprietary parameters in a control system. Furthermore, attacks against CPSs can exploit the leaked information about the implementation of the control system, for example to determine optimal false data injection attack values that degrade the system performance while remaining undetected. In this study, a control theoretic approach for establishing covert channels in stochastic CPSs is presented. In particular, a scenario is considered where an attacker is able to inject malware into the networked controller and arbitrarily alter the control logic. By exploiting such capability, an attacker can establish an illegitimate communication channel, for example to transmit sensitive plant parameters, between the networked controller and an eavesdropper intercepting the sensor measurements. The authors show that such a channel can be established by exploiting the closed‐loop system operations, a decoding mechanism based on an unknown input observer, and an error‐correcting coding scheme that exploits the control loop to obtain an implicit acknowledgement. A simple proof of concept implementation of the covert channel is presented, and its performance is evaluated by resorting to a numerical example. Finally, some defences and countermeasures are proposed against the proposed covert channel.

Details

Language :
English
ISSN :
23983396
Volume :
6
Issue :
4
Database :
Directory of Open Access Journals
Journal :
IET Cyber-Physical Systems
Publication Type :
Academic Journal
Accession number :
edsdoj.4363a05b161344aa9369d1bbe46f97e3
Document Type :
article
Full Text :
https://doi.org/10.1049/cps2.12020