Is it hard to carry out replay attacks on industrial systems? Yes, it is.

What is it about?

Industrial Control Systems (ICS) are found in critical infrastructures such as water treatment plants, water distribution systems, and the electric power grid. With the increasing integration of modern information and communication technology, ICS systems are vulnerable to cyber and physical attacks. In this study, an operational water distribution plant was used to study how an attacker can steal water and remain undetected by launching a series of replay attacks on the system.

Featured Image

Photo by CHUTTERSNAP on Unsplash

Photo by CHUTTERSNAP on Unsplash

Why is it important?

Due to the complex nature of water distribution systems, they are vulnerable to physical attacks such as leaks and contamination, etc. A leak can be an intentional attack in which an attacker can steal water from the system. While doing so, he wants to remain undetected from such attacks by compromising a subset of sensors and alter their measurements. The choice of sensors and actuators also depends on the knowledge and capabilities of an attacker. We launch replay attacks on sensors such as pressure and flow meters. We investigated different attacker models and determine whether an attacker is successful in remaining undetected against the statistical attack detection model.

Perspectives