A Framework for Attack-Resilient Industrial Control Systems: Attack Detection and Controller Reconfiguration

Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety concerns, and associated financial implications. In this work, a novel cyber-physical security framework for ICSs is proposed, which incorporates an analytics tool for attack detection and executes a reliable estimation-based attack-resilient control policy, whenever an attack is detected. The proposed framework is adaptable to already implemented ICS and the stability and optimal performance of the controlled system under attack has been proved. The performance of the proposed framework is evaluated using a reduced order model of a real EMS site and simulated attacks.