Protecting Cyber-Physical Systems with Special Emphasis on Building Automation Networks
MetadataShow full item record
Critical infrastructures such as power grids, water treatment and distribution facilities, and Building Automation Systems (BAS) have come to employ Cyber-Physical Systems (CPSs) in which physical devices or components are coordinated and controlled through communication networks. Due to the criticalness of the infrastructures in which CPSs are deployed, they have become a ripe target for cyber-attacks. This work focuses on developing solutions to protect CPSs from cyber-attacks. To understand the network traffic behavior in a CPS, a collection of BACnet traffic was collected from a real-world BAS network. We conducted in-depth traffic analysis and observed that BACnet traffic can be classified into three categories: Time-driven, Human-driven, and Event-driven. Based on the observed traffic behavior, we developed “THE-driven” anomaly detector which adopts different mechanisms for each category of traffic. In addition, Commensurate Response (CR) was introduced to improve the system resilience and attack survivability of the CPS. CR forces the footprint of the attack to be commensurate with its impact on the system. Next, Path Redundancy was proposed to counter compromised embedded controllers which could be leveraged by attackers to launch data integrity attacks and false command attacks. As an extension of Path Redundancy, a new CPS architecture is introduced to provide data replica and enable control switching when a controller is attacked. The new architecture leverages virtualization to overcome Single-Point-of-Failures (SPOFs) without requiring additional hardware devices.
Zheng, Zhiyuan (2017). Protecting Cyber-Physical Systems with Special Emphasis on Building Automation Networks. Doctoral dissertation, Texas A & M University. Available electronically from