An integrated cyber-physical framework for worst-case attacks in industrial control systems

Industrial Control Systems (ICSs) are widely used in critical infrastructures that face various cyberattacks causing physical damage. With the increasing integration of the ICSs and information technology (IT), ensuring the security of ICSs is of paramount importance. In an ICS, cyberattacks exploit vulnerabilities to compromise sensors and controllers, aiming to cause physical damage. Maliciously accessing different components poses varying risks, highlighting the importance of identifying worst-case cyberattacks. This aids in designing effective detection schemes and mitigation strategies. This article proposes an optimization framework that integrates cyber and physical systems of ICSs to identify the worst-case attack. The framework models cyberattacks with varying resources by (i) maximizing physical impact in terms of time to failure of the physical system, (ii) quickly accessing the sensors and controllers in the cyber system while exploiting limited vulnerabilities, (iii) avoiding detection in the physical system, and (iv) complying with the cyber and physical restrictions. These objectives enable us to model the interactions between the cyber and physical systems jointly and study the critical cyberattacks that cause the highest impact on the physical system under certain resource constraints. Our framework serves as a tool to understand the critical vulnerabilities of an ICS by holistically considering the interactions between cyber and physical systems. It also assesses the robustness of existing detection schemes and mitigation strategies by generating worst-case attack strategies. We illustrate and verify the effectiveness of our proposed method in both a numerical and a case study. The results show that a worst-case strategic attacker causes almost 19% further acceleration in the time to failure of the physical system while remaining undetected compared with a random attacker. Moreover, by considering the interactions and interdependencies between cyber and physical systems, our framework identifies worst-case attacks that reveal critical vulnerabilities and deficiencies in existing detection schemes, which can remain hidden when the two layers are analyzed separately.