Monitoring and Defense of Industrial Cyber-Physical Systems Under Typical Attacks: From a Systems and Control Perspective

In the new industrial environment, the safe and reliable operation of Industrial Cyber-Physical Systems (ICPSs) is being threatened by new types of attacks: Attackers carefully tamper with the measurement and control data transmitted over the network, causing the controlled systems to behave abnormally. The essence of such threats is operational safety issues induced by information security issues, which need to be studied at the bottom monitoring and control layer of the system. Studying safety and security monitoring, as well as defense strategies against these attacks, is of paramount importance. The primary objective of this article is to offer readers a timely survey that sheds light on the current status of safety and security issues in ICPSs. A comprehensive comparison is conducted with existing approaches and relevant literature, focusing on a systems and control perspective. Specifically, we emphasize the concept of cyber-physical attacks by contrasting them with conventional cyberattacks. A summary of real-world instances of typical cyber-physical attacks is provided to illustrate their significance. In terms of methodology, we conduct a thorough review of attack principles, attack detection, and evaluation approaches, as well as defense schemes. During this process, we carefully compare the pros and cons of different detection methods. It is further elaborated that the information asymmetry between the offensive and defensive parties is the booster of the integrated design of industrial safety and security. Looking ahead, we identify and summarize fourteen open questions that warrant further research.