IEEE Systems, Man and Cybernetics Magazine - April 2021 - 36

monitoring. In 2010, Stuxnet virusInformation Security
es penetrated the invasion control
Versus Secure
CPSs are critical
system and endangered the securiControl Methods
modern systems
ty of a nuclear reactor in Iran [18].
CPSs are critical modern systems
Attackers gained control of the
with complex infrastructures in
with complex
SCADA at an Illinois water plant
which cyber and physical worlds
infrastructures in
and disabled the supply pumps in
interact and work in tandem [1].
2011 [19]. In 2015, several attackers
They often consist of a distributed
which cyber and
ruined power grids in Ukraine [20].
network with sensors: actuators
physical worlds
Attackers have different motives
that interact with physical environfor cyberattacks, including finanments. Smart grids, water distribuinteract and work
cial gains, political gains, or cybertion networks, process control
in tandem.
terrorism. When their goal is to
systems (e.g., in the oil and gas
harm a system, they are interested
industries), automated vehicles,
in stealthy approaches to remain
and medical systems are examples
of CPSs [2]-[4]. SCADA is responsiinvisible and cause maximum
ble for high-level CPS management and control [5], [6].
damage, leading to economic collapses and even the loss
When the first SCADA system was designed, during the
of human lives [21].
1960s [7], the communication between limited devices
Cybersecurity techniques for detecting attacks can be
relied on telemetry, which enabled restricted access
split into two main groups: 1) information security and 2)
among a few types of equipment.
secure control. Information security approaches focus on
At that time, SCADA was secure since the networks
IT-related aspects, such as access control, authentication,
were closed; i.e., data and controls were confined to the
and message integrity. Secure control methods target the
networks themselves, and no communication with the outphysical parts of CPSs and use control system-based
side world was possible [8]. The first generation of standtechniques, such as exploring analytical redundancy
alone SCADA is referred to as monolithic SCADA. The
within the SCADA to ensure resiliency [22], [23]. There
next generation included distributed SCADA that had the
are several differences between the functions performed
ability to join local area networks. Finally, the third generby information security techniques and control system
ation, known as networked SCADA, had an open architecmethods [24]. The main one is that information security
ture and access to wide area networks (WANs). Networked
techniques' goal is to protect central hosts by safeguardSCADA, while benefiting from IT for communication, siming information. However, the control system-based stratple installation, a lower cost, and easier maintenance, can
egies protect entire networks, including controllers,
be relatively unsafe and prone to cyberattacks since it can
sensors, actuators, and, overall, physical configurations
be accessed from anywhere in the world [9].
by providing resiliency through estimation and monitorBecause SCADA is deployed by industries, governments,
ing facilities [25].
and military installations, network security has gained a
Information security techniques may not provide full
great deal of attention [10], [11], and several standards have
safety to CPSs, as access keys can be stolen and attackers
been developed for cybersecurity purposes. For instance,
can directly strike physical systems. Another notable issue
the North American Electric Reliability Corporation was
is that information security professionals regularly study
established to protect the power control systems [12]. Intermethods to prevent attackers from accessing systems.
national Electrotechnical Commission Technical CommitThey seldom consider situations where systems are under
tee (IEC TC 57) has a communication security standard to
attack, aiming to detect, identify, and perhaps counteract
provide robust encryption and authentication mechanisms
the attack. Finally, while information security techniques
[13]. The U.S. National Institute of Standards and Technolooften consider data encryption and protection, the nature
gy offers guidelines for SCADA control security [14]. In
and purpose of attacks are to affect physical systems, such
addition, the International Society of Automation (ISA)
as by feeding improper and perhaps destructive comdeveloped a security standard for industrial control and
mands to controllers [26]. Therefore, concentrating on
manufacturing, ISA Special Publication 99 [15]. While
information security alone will not address overall CPS
those standards aim to address CPS reliability and securisecurity. Cyber and physical aspects must be taken into
ty, the systems continue to be vulnerable.
account to have secure CPSs. It is generally true that
A large number of CPS attacks continues to be reported
cybersecurity is more mature, and many studies of inforin the literature [16], [17]. For instance, hackers shut down
mation security approaches exist [27], [28]. On the other
a safety display system at Ohio's Davis-Besse power plant
hand, physical security aspects have been the subject of
by inserting a slammer worm [15]. The control system was
fewer studies and remain a relatively new subject. A surnot directly affected, but it used commodity IT software,
vey of model-based distributed filtering and control for
which enabled the worm to disable the plant's safety
CPSs was recently provided in [29]. The main focus of that
36	

IEEE SYSTEMS, MAN, & CYBERNETICS MAGAZINE Apri l 2021



IEEE Systems, Man and Cybernetics Magazine - April 2021

Table of Contents for the Digital Edition of IEEE Systems, Man and Cybernetics Magazine - April 2021

contents
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover1
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover2
IEEE Systems, Man and Cybernetics Magazine - April 2021 - contents
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 2
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 3
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 4
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 5
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 6
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 7
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 8
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 9
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 10
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 11
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 12
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 13
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 14
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 15
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 16
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 17
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 18
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 19
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 20
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 21
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 22
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 23
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 24
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 25
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 26
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 27
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 28
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 29
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 30
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 31
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 32
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 33
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 34
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 35
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 36
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 37
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 38
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 39
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 40
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 41
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 42
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 43
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 44
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 45
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 46
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 47
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 48
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 49
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 50
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 51
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 52
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 53
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 54
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 55
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 56
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 57
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 58
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 59
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 60
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 61
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 62
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 63
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 64
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover3
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover4
https://www.nxtbook.com/nxtbooks/ieee/smc_202301
https://www.nxtbook.com/nxtbooks/ieee/smc_202210
https://www.nxtbook.com/nxtbooks/ieee/smc_202207
https://www.nxtbook.com/nxtbooks/ieee/smc_202204
https://www.nxtbook.com/nxtbooks/ieee/smc_202201
https://www.nxtbook.com/nxtbooks/ieee/smc_202110
https://www.nxtbook.com/nxtbooks/ieee/smc_202107
https://www.nxtbook.com/nxtbooks/ieee/smc_202104
https://www.nxtbook.com/nxtbooks/ieee/smc_202101
https://www.nxtbook.com/nxtbooks/ieee/smc_202010
https://www.nxtbook.com/nxtbooks/ieee/smc_202007
https://www.nxtbook.com/nxtbooks/ieee/smc_202004
https://www.nxtbook.com/nxtbooks/ieee/smc_202001
https://www.nxtbook.com/nxtbooks/ieee/smc_201910
https://www.nxtbook.com/nxtbooks/ieee/smc_201907
https://www.nxtbook.com/nxtbooks/ieee/smc_201904
https://www.nxtbook.com/nxtbooks/ieee/smc_201901
https://www.nxtbook.com/nxtbooks/ieee/smc_201810
https://www.nxtbook.com/nxtbooks/ieee/smc_201807
https://www.nxtbook.com/nxtbooks/ieee/smc_201804
https://www.nxtbook.com/nxtbooks/ieee/smc_201801
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1017
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0717
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0417
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0117
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1016
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0716
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0416
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0116
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1015
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0715
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0415
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0115
https://www.nxtbookmedia.com