IEEE Systems, Man and Cybernetics Magazine - April 2021 - 38

◆◆ Integrity: Integrity concerns the trustworthiness of

data and information within a system [30], [36], implying that generated, transmitted, and stored data must
be genuine. In CPSs, fake information from a sensor,
an actuator, or a controller could have grave consequences, knocking systems from desired operating
regions into conditions that could result in unwanted,
unsafe, and even catastrophic outcomes. In IT systems, intramessage integrity means that communication content must be genuine [25].
◆◆ Timeliness: Timeliness is an important characteristic
of CPSs, as physical systems need to function in real
time [37]. This concept signifies that data must be
instantly generated and that any information replay is
not acceptable. Therefore, data need to be made available in actual time to meet requirements [25].
◆◆ Confidentiality: Confidentiality means that access
must be limited to authorized users. This is common in
CPSs and IT systems. In IT systems, encryption keys
are required to maintain the confidentiality of information, such as passwords and sensitive data [25].
Cyberattacks
With the widespread use of sensors and networked control, cyberattacks on CPSs have been on the rise [38]-[41].
Cyberattacks on critical CPS infrastructures, such as
power grids, could have wide-ranging adverse consequences [32]. For bad agents to inflict maximum damage,
strikes must come at unexpected times and target unlikely subsystems and devices. Furthermore, attack durations
are often short [22]. In the following sections, attack categories are discussed. To facilitate the study and design of
cyberattack-resilient systems from a control-theoretic
point of view, mathematical attack models are outlined.
Attack Categories
Malware can be performed on devices, including actuators, sensors, controllers, and so on [42]. Figure 2 displays
various attacks on a typical CPS closed-loop control. In
the following, attacks on different control system elements
are discussed.
◆◆ Attacks on controllers: Hackers can execute attacks on
controllers by changing program code in the control
software. A landmark attack on an industrial CPS took
place in July 2010 when the sophisticated Stuxnet

Controller

Attacker

Actuator

Attacker

Physical System

Attacker

Sensor

Figure 2. Different attacks on a typical CPS under

closed-loop control.

38	

IEEE SYSTEMS, MAN, & CYBERNETICS MAGAZINE Apri l 2021

worm attacked Iran's nuclear plant by modifying the
code running on Siemens programmable logic controllers. It resulted in controllers applying malicious inputs
to the frequency converter that governed centrifuge
rotors [43]. The Aurora attack was another breach that
changed the controller frequency in power grids, causing damage [44]. Attackers can also alter controller
commands in biomedical implants and send malicious
commands to the devices, such as cardiac units and
drug delivery systems. Clearly, this type of attack can
harm patients and even cause death [45].
◆◆ Attacks on actuators: Malicious parties can alter control input by directly transmitting fake signals to actuators. For instance, in a drive-by-wire automobile,
injecting phony packets into controller area network
buses can compromise brake systems [46].
◆◆ Attacks on sensors: CPSs employ a variety of sensors,
such as microphones, surveillance devices, and textual
interfaces, which can be attacked through communication links [47]. Malicious activities are often perpetrated by manipulating sensor signals and reporting or
transmitting incorrect information that could be used
in a closed-loop control system and cause problems
[48]. For instance, in a power system application,
hackers manipulated measurement signals and transmitted alert data to state estimators [49]. In biomedical applications, WSNs can be used to hack SCADA to
manipulate devices, for instance, by changing drug
doses [50], [51]. Shepard et al. [52] describe how
unmanned autonomous vehicles can be stolen by
sending fake GPS signals to controllers, leading to
deceitful navigation system commands that steer cars
to dangerous locations.
In general, cyberattacks can be divided into two categories according to their nature [9]: 1) denial of service (DoS)
[53], [54] and 2) false data injection (deception) [55]-[57].
These attacks lead to data losses and diminished information integrity [58]. More details are provided as follows.
◆◆ DoS attacks: DoS attacks can result from an interruption of data from sensors, actuators, and control systems. An adversary may jam a communication
channel, flood a channel with random data, and prevent devices from transmitting information [59]-[63].
◆◆ Deception attacks: Hackers can launch these attacks by
accessing and replacing real measurement data from
various parts of a system and replace the information
with corrupt or fake versions intended to cause harm
[64], [65]. Deception attacks are more difficult to identify than DoS attacks [66], as access to data is readily
available. However, data veracity is hard to discern.
Additionally, attacks can be defined and classified
according to their mechanisms. Examples include replay
attacks [67], [68], integrity attacks [69], [70], zero-dynamics attacks [71], [72], reset attacks [73], jamming attacks
[74], and covert attacks [75]. For instance, in a replay
attack, adversaries compromise sensors and record the



IEEE Systems, Man and Cybernetics Magazine - April 2021

Table of Contents for the Digital Edition of IEEE Systems, Man and Cybernetics Magazine - April 2021

contents
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover1
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover2
IEEE Systems, Man and Cybernetics Magazine - April 2021 - contents
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 2
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 3
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 4
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 5
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 6
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 7
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 8
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 9
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 10
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 11
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 12
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 13
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 14
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 15
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 16
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 17
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 18
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 19
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 20
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 21
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 22
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 23
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 24
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 25
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 26
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 27
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 28
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 29
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 30
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 31
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 32
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 33
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 34
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 35
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 36
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 37
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 38
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 39
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 40
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 41
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 42
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 43
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 44
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 45
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 46
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 47
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 48
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 49
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 50
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 51
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 52
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 53
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 54
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 55
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 56
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 57
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 58
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 59
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 60
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 61
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 62
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 63
IEEE Systems, Man and Cybernetics Magazine - April 2021 - 64
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover3
IEEE Systems, Man and Cybernetics Magazine - April 2021 - Cover4
https://www.nxtbook.com/nxtbooks/ieee/smc_202301
https://www.nxtbook.com/nxtbooks/ieee/smc_202210
https://www.nxtbook.com/nxtbooks/ieee/smc_202207
https://www.nxtbook.com/nxtbooks/ieee/smc_202204
https://www.nxtbook.com/nxtbooks/ieee/smc_202201
https://www.nxtbook.com/nxtbooks/ieee/smc_202110
https://www.nxtbook.com/nxtbooks/ieee/smc_202107
https://www.nxtbook.com/nxtbooks/ieee/smc_202104
https://www.nxtbook.com/nxtbooks/ieee/smc_202101
https://www.nxtbook.com/nxtbooks/ieee/smc_202010
https://www.nxtbook.com/nxtbooks/ieee/smc_202007
https://www.nxtbook.com/nxtbooks/ieee/smc_202004
https://www.nxtbook.com/nxtbooks/ieee/smc_202001
https://www.nxtbook.com/nxtbooks/ieee/smc_201910
https://www.nxtbook.com/nxtbooks/ieee/smc_201907
https://www.nxtbook.com/nxtbooks/ieee/smc_201904
https://www.nxtbook.com/nxtbooks/ieee/smc_201901
https://www.nxtbook.com/nxtbooks/ieee/smc_201810
https://www.nxtbook.com/nxtbooks/ieee/smc_201807
https://www.nxtbook.com/nxtbooks/ieee/smc_201804
https://www.nxtbook.com/nxtbooks/ieee/smc_201801
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1017
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0717
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0417
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0117
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1016
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0716
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0416
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0116
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_1015
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0715
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0415
https://www.nxtbook.com/nxtbooks/ieee/systems_man_cybernetics_0115
https://www.nxtbookmedia.com