Intrusion Detection in Cyber-Physical Systems: Techniques and Challenges

Cyber-physical systems (CPSs) integrate the computation with physical processes. Embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa. CPS was identified as one of the eight research priority areas in the August 2007 report of the President's Council of Advisors on Science and Technology, as CPS will be the core component of many critical infrastructures and industrial control systems in the near future. However, a variety of random failures and cyber attacks exist in CPS, which greatly restrict their growth. Fortunately, an intrusion detection mechanism could take effect for protecting CPS. When a misbehavior is found by the intrusion detector, the appropriate action can be taken immediately so that any harm to the system will be minimized. As CPSs are yet to be defined universally, the application of the instruction detection mechanism remain open presently. As a result, the effort will be made to discuss how to appropriately apply the intrusion detection mechanism to CPS in this paper. By examining the unique properties of CPS, it intends to define the specific requirements first. Then, the design outline of the intrusion detection mechanism in CPS is introduced in terms of the layers of system and specific detection techniques. Finally, some significant research problems are identified for enlightening the subsequent studies.