Wenli Duo, MengChu Zhou, and Abdullah Abusorrah
Abstract—A cyber physical system (CPS) is a complex system that integrates sensing, computation, control and networking into physical processes and objects over the Internet. It plays a key role in modern industry since it connects physical and cyber worlds. In order to meet ever-changing industrial requirements, its structures and functions are constantly improved. Meanwhile, new security issues have arisen. A ubiquitous problem is that cyber attacks can cause significant damage to industrial systems, and this problem has thus gained increasing attention from researchers and practitioners. This paper presents a survey of state-of-the-art results of cyber attacks on cyber physical systems. First, as typical system models are employed to study these systems, time-driven and event-driven systems are reviewed. Then, recent advances on three types of attacks, i.e., those on availability, integrity, and confidentiality, are discussed. In particular, the detailed studies on availability and integrity attacks are introduced from the perspective of attackers and defenders. Namely, both attack and defense strategies are discussed based on different system models. Some challenges and open issues are indicated to guide future research and inspire the further exploration of this increasingly important area.
A cyber physical system (CPS) is a typical product of Industry 4.0, which plays an important role since a CPS is able to integrate the physical and virtual worlds by providing real-time data processing services [1]. More specifically, a CPS allows a physical system to be equipped with a virtual system as a monitor, enabling data collected from the physical world to be analyzed in the virtual world such that decisions can be made to affect the course of the physical world. Therefore, a CPS enables integration, sharing and collaboration of information, as well as real-time monitoring and global optimization of systems [2]. There is a wide range of applications in modern industry based on CPSs, such as smart grids, healthcare, aircraft, digital manufacturing and robotics [3]–[6]. Literature shows that CPS includes, but is not limited to, networked control systems (NCSs), wireless sensor networks, and smart grids.
A CPS consists of a physical system and a cyber system. It results from an integration of physical processing, sensing, computation, communication and control [7]. Its general architecture is shown in Fig. 1. The physical system consists of physical processes, sensors and actuators. The cyber system includes communication networks, computing and control centers. Physical processes are usually considered as a plant that is controlled by a cyber system. As for other components, they have the following functions:
1) Sensors: They are used for real-time data acquisition.
2) Actuator: Control commands are executed by corresponding actuators to realize desired physical actions.
3) Computing and control center: It is responsible for receiving data measured by sensors. By analyzing the received data, corresponding control decisions are made by the control center to ensure that physical processes are performed correctly.
4) Communication network: It provides a communication platform for the control center and physical system. To be precise, measurements obtained by sensors are transmitted over the communication network to the control center. Control signals or decisions are transmitted from the control center to actuators by the communication network.
Fig. 1. An architecture of a CPS.
With the rapid development of modern industry, demands for CPS integration are growing to make up for shortcomings among networks, technologies, tools, and devices. The integration of systems and technologies in CPS tends to be complex and diverse, making it a compatible and open system, which unfortunately provides a platform for adversaries to exploit CPS and results in numerous security issues. One of the most ubiquitous problems is cyber attacks, which can degrade system performance, or even cause catastrophic consequences. An example of a vicious event was the attack on Ukrainian power grids. The power grid is a typical CPS that consists of a power plant, transmission and distribution stations, consumers, control centers, and communication networks. Different components are monitored and connected by sensors and networks respectively, to guarantee a healthy system status. The Ukrainian power system contained a lot of open-source information in 2015, which provided an opportunity for attackers. First, a phishing email spread across networks to introduce a BlackEnergy malware. It allowed attackers to gain confidential data and critical system information. Such actions enabled access to control centers and shutdown of substations remotely. Then, another piece of malware was activated to destroy critical files and prevent the system from rebooting. Finally, a denial-of-service (DoS) attack was launched on call centers to deny consumers access to the latest information on blackout. Nearly 225 000 consumers suffered from this power outage for 1 to 6 hours. Another example is that many healthcare organizations were threatened by cyber attacks during the coronavirus disease 2019 (COVID-19), where attackers attempted to steal research data related to COVID-19 and cause chaos in the hospitals to gain revenue. For instance, a Czech hospital shut down its network due to a cyber attack in March 2020, which greatly impacted diagnosis of COVID-19 and patient care [8]. Important attack events are given in Table I, each of which has caused significant damage to global industry. Therefore, there is a growing interest in cyber attacks on CPSs.
TABLE I TYPICAL CYBER ATTACK EVENTS FROM YEARS 2010 TO PRESENT
Security of CPSs is guaranteed by three features, i.e., availability, integrity, and confidentiality. Availability guarantees that the system is available whenever needed, i.e., every component of the system works correctly at all times. Integrity prevents data or signals in sensors, controllers and electronic devices from being altered by unauthorized parties. Confidentiality ensures security and personal privacy, i.e., key data and information can only be accessed by authorized parties [9]. Once one of these features is lost, the system is at risk of security problems. Hence, these three features are commonly used to determine if a system is secure. They form a security criterion, namely, any security deployment must ensure the availability, integrity and confidentiality of a system. On the other hand, they become targets of cyber criminals. Attackers often work to compromise them to degrade system security, especially availability and integrity.
On the basis of the intentions of attackers, cyber attacks on CPS can be divided into three classes, namely, availability, integrity and confidentiality ones. The availability attack is the most common cyber attack. Its objective is to block the communication network by making data and information unavailable. Typical availability attacks include DoS, distributed DoS and jamming ones. An integrity attack can occur on sensors, actuators, communication networks, and computing and control centers as data and control commands can be falsified under such an attack. There are many types of integrity attacks, e.g., false data injection attacks, middlemen, sparse and replay attacks. Confidentiality attacks may occur at any part of a system since any system information may be targeted by an attacker. Attack methods include eavesdropping, and the combination of DoS and integrity attacks.
Recently, many efforts have been made on dealing with cyber attacks in CPS based on system control theory, since a CPS can be considered as a physical system that is controlled by industrial control technologies. Based on system control theory, researchers study cyber attacks in two ways, i.e., attack and defense strategies. The former is to find the weaknesses of CPS and to propose possible attack strategies, while the latter is to design detection or control methods to defend against attacks. Some surveys have outlined the recent work from the perspective of system control [10]–[19]. Table II shows their coverage in terms of: 1) attack types; 2) system models; 3) attack strategies; 4) defense strategies, and provides the main focus of them. It is clear that none of the existing surveys covers all the aspects indicated in the table, while they are important since they indicate attacks and methodologies in recent work. For the purpose of identifying current concerns, technologies, bottlenecks and future research, this paper provides a survey for cyber attacks on CPS that covers all the issues in Table II. More specifically, we review recent advances on availability, integrity and confidentiality attacks. In particular, attack and defense strategies for CPS availability and integrity are discussed based on time-driven and event-driven system models. Some challenges and open issues are summarized according to the survey.
Section II introduces some system models for CPS. Section III provides a review about availability attacks and defense strategies. Section IV focuses on recent studies on integrity attacks, and Section V gives a review of confidentiality attacks. Section VI concludes the paper and discusses some challenging topics to guide future work.
Notations: Let $\mathbb{N}$ be the set of natural numbers. $\mathbb{R}$ is the set of real numbers, where $\mathbb{R}_+$ denotes the set of non-negative real numbers. $\mathbb{R}^n$ is the $n$-dimensional Euclidean space.
TABLE II RELATED SURVEYS ON CYBER ATTACK
A system model plays a fundamentally important role in realizing system control theory on CPS due to its ability to characterize the dynamic behavior of a CPS. Literature shows that a CPS under attack can usually be modeled as two types of systems, i.e., time-driven and event-driven ones.
Time-driven systems including continuous-time and discrete-time systems have caught much attention in CPS modeling [20]–[22]. We note that the linear time-invariant (LTI) system is the most commonly used model for both. Take a discrete-time LTI as an example. CPS is modeled as
where $\gamma(Z_k) \in \{0, 1\}$ denotes an attack sequence that prevents the control signal from reaching the actuator and $Z_k$ corresponds to the internal state of an attacker.
Fig. 2. An automaton G of a cyber attack on a computer system [29].
Interesting work has also appeared in event-driven systems recently, i.e., discrete event system (DES), which is accepted as a technical abstraction of CPS [27]. Two typical tools to model a CPS as a DES are finite state automata and Petri nets. The former can show system states clearly, while the latter can provide a compact model. the system reach undesirable states. Thus, a supervisor is designed to control the occurrence of events Grant access and Deauthorize. However, such a supervisor can make wrong decisions since an integrity attacker may falsify event sequences sent to it. In [29], the attacker is assumed to be able to insert or remove event Exploit $i$ in a sequence. Such an attack is characterized as a set
where A? means that there is no attack and $A_{\text{Exploit } i}$ means the occurrence of Exploit $i$ is altered by the attacker. Determining how to find a supervisor under such an attack set is the goal of the work [29].
A Petri net is another tool to model CPS. It is a 3-tuple $N = (P, T, F)$, where $P$ and $T$ are the sets of places and transitions, respectively. $F \subseteq (P \times T) \cup (T \times P)$ is the set of flow relations that is represented by directed arcs. Modeling CPS and attacks as Petri nets is similar to the case with automata. For related models, see [27].
Remark 1: The model in Fig. 2 is used to study an integrity attack, where “denial of service” is a state rather than an availability attack. Based on DES and control theory, most of the existing work is aimed at integrity attacks while almost none at availability ones. Compared with the former, availability attacks usually rely on external interference signals instead of system events. It means that the supervisor cannot handle an availability attack by controlling system events. In this sense, supervisory control of DES is not appropriate for handling availability attacks. Confidentiality attack models are usually diverse and complex. Examples can be found in [30], [31].
The purpose of an availability attack is to make data, information and resources in the system unavailable. There are several ways for attackers to implement availability attacks, such as filling buffers in a user or the kernel domain, blocking or jamming the communication among key components, and altering a routing protocol. The most common availability attack is the DoS attack. In recent years, most studies about CPSs have concentrated on DoS. Researchers have extensively studied it based on time-driven systems, while rarely based on event-driven systems. Thus, we focus on the recent work about it in terms of time-driven systems.
As mentioned in the Introduction, we need to study cyber attacks on CPS in terms of attack and defense strategies. The former means designing strategies to attack systems while the latter means protecting systems from being attacked. It is significant to have a sufficient understanding of attack strategies. In most cases, only by knowing what kind of attack the system is subjected to can we propose effective countermeasures. It is reasonable for researchers to study DoS attacks from an attacker’s point of view.
Usually, DoS attacks block communication via a wireless network since its nodes’ energy budget is limited [32]. Energy constraints become a tricky issue since they can impact the effectiveness of attacks. This problem is considered in recent
The solution to Problem 1 in [33] is any attack schedule that contains a sequence of $n$ consecutive attacks.
Problem 1 is modified in [34] by replacing $J_a(\eta)$ in (5) with a Linear Quadratic Gaussian control cost function. Solution to the modified problem aims to maximize the attacking effect on a wireless NCS. It should be pointed out that strong assumptions are required in both studies [33], [34], i.e., the system is unaware of the existence of attacks, only a limited number of attacks can be launched during an active period, and no packets drop if the attack is absent.
An important situation is neglected in the above methods, i.e., it is unlikely for practical systems to work perfectly all the time. Hence, [35] focuses on a DoS attack under a scenario where packets may be lost even if no attack occurs. By solving Problem 1, an optimal scheduling method is proposed to maximize the expected estimation error. It greatly degrades the performance of a remote estimator, thus maximizing the attack effect on the system. In addition, the proposed method handles a problem of when to launch an attack to maximize damage to the system. However, the effect of attack power on system performance is ignored. This issue is considered in [36], i.e., optimal DoS attack energy management is studied while taking account of packet losses and the effect of attack power. As a result, two static attack power allocation policies and a dynamic one are proposed. The former aims to maximize expected terminal error and average error, while the latter considers two indexes based on a Markov decision process. They can work only if the packet transmitted from a sensor to an estimator is not lost at the initial time [35], [36].
Sensors are assumed to have computational capacity in the above attack strategies. Such strategies may lose effectiveness when facing un-computational sensors. This problem is discussed in [24], where such sensors are adopted in CPS under a round-robin protocol. A more general error cost function that contains terminal and average errors is proposed. Then, an optimal attack schedule is presented to maximize the error cost so that the performance of a state estimator can be degraded. However, sensors studied in the paper contain a single unit buffer only. Thus, the proposed method is not applicable to a multiple unit case.
Two strategies for defending against cyber attacks include attack detection and secure control. Advances on the former are mostly derived from computer science instead of system control theory. Many detection methods are designed based on artificial intelligence approaches, such as deep learning, reinforcement learning and neural network [37]–[40], which is beyond the scope of this paper. We only discuss secure control methods against DoS attacks in this section.
Once an availability attack is successfully launched, the closed-loop stability of CPS is destroyed since certain data packets are prevented from being transmitted over communication networks. Hence, most researchers pay attention to resilient control for availability attacks since some degree of data loss can be tolerated with resilient control.
Event-triggered (ET) control has the advantage of saving network resources significantly while maintaining good closed-loop system performance. It is widely used to achieve resilient control for CPS, especially systems with limited network resources, such as NCSs and wireless networks. Usually, an ET scheme can be divided into ET sampling and ET transmission. The former embeds an event-generator into a sensor to select signals to be sampled, while the latter embeds it behind the sensor to determine whether the sampled signals should be released. A detailed analysis of this ET control framework can be found in [41].
In order to maintain desired control performance as well as reduce the number of transmitted packets, Peng et al. [42] model a multi-area power system as an area control error-dependent time-delay model and present a resilient ET transmission scheme for the system based on load frequency control. Based on the proposed model and scheme, DoS attacks can be defended with a priori knowledge of the maximum DoS attack duration.
Asynchronous DoS attacks are considered in [43], i.e., DoS attacks can occur on sensor-to-controller (S-C) channels and controller-to-actuator (C-A) channels. Two different ET mechanisms are designed for them, namely S-C ET and C-A ET. The former is embedded in a smart sensor system and the latter is introduced in a controller system. Under the proposed ET strategies, a closed-loop system is proved to be input-to-state stable.
Motivated by ET transmission schemes and periodic ET control schemes in [44] and [45], Hu et al. [46] propose an observer-based resilient ET transmission scheme for NCS, where a system suffers from periodic DoS jamming attacks. The DoS jamming signal is as follows:
It must be noted that internal and external environments are usually complex and uncertain in practice, leading to failure of the above methods since uncertainty of system parameters is not considered. Thus, some researchers treat CPS as a stochastic system. Chen et al. [48] consider resilient control for an uncertain NCS under quantization and pulse-width modulated (PWM) DoS jamming attacks [49]–[51]. An ET transmission scheme is proposed to solve the problem, based on which a switched system model is obtained to preserve closed-loop stability, where parameter uncertainty is considered. Furthermore, an algorithm is designed to generate state-feedback controllers and communication strategies.
Different from [48], Zhao et al. [52] take into account a stochastic NCS under non-periodic DoS jamming attacks. They design an observer-based adaptive event generator to preserve control performance, while a secure controller is obtained to guarantee the system stability. Moreover, they provide a method for the joint design of observer gains, controller gains and ET parameters.
Similarly, ET control is employed in [53] to reduce the burden of communication for a stochastic NCS under DoS attacks. The event generator is embedded into a sensor, forming a new sensor node. The proposed scheme allows data packets to be dropped actively if they are transmitted successfully at the initial time. Different from the above methods, system performance in the presence and absence of DoS attacks is analyzed. An upper bound is provided to describe system stability based on the bounded function.
An important issue we should take into account is that potential faults may occur in practical systems. They degrade the reliability of systems as well as the performance of aforementioned strategies. Sathishkumar and Liu [54] propose a resilient fault-tolerant control strategy for a nonlinear NCS to deal with periodic DoS jamming attacks, actuator saturation, randomly occurring nonlinearities and actuator faults. Specifically, an ET transmission scheme is designed to ensure the resilience of a system under DoS attacks.
In addition to an ET control framework, researchers also adopt other methodologies to realize secure control. For example, robust control for an NCS is studied in [55], where a dynamic observer-based control architecture is designed. It shows that the considered dynamic observer equipped with prediction and state resetting capabilities is applicable to a general class of DoS attacks. However, it works only if the process under control is observable. A Markov process is utilized in [56] to study the resilience and stability of an NCS under stochastic DoS attacks. The proposed method is effective for the case with full knowledge on DoS attacks but less effective for the case with partial knowledge only. In other words, its efficiency depends on how much knowledge about DoS attacks the system controller has. Yuan and Xia [57] consider DoS attacks between sensor and remote estimation. They present a multi-transmission strategy to reduce the probability of a system being attacked. In their work, two players are considered, i.e., a transmitter and an attacker. Their interaction is modeled as a stochastic game, based on which a resilient control strategy is developed. Zhang et al. [58] consider DoS attacks that can be random or periodic but their duration time is limited. They propose some criteria to check whether a non-periodic sampled-data control system can preserve stability under such attacks. Based on the duration time of DoS attacks, they further present an algorithm to generate state-feedback controllers.
Apart from resilient control, stochastic control can be used to deal with DoS attacks. It often adopts a Markov process to model systems and DoS attacks to realize risk sensitive control [26], [59], [60]. After constructing a stochastic model (3), an exponential running cost is considered in [26], i.e.,
Using a stochastic model, Befekadu et al. [26] design an optimal control policy for a discrete-time partially observed system. Their policy is based on a chain of measure transformation techniques and dynamic programming, such that a recursive optimal control policy and the considered information-state can be transformed into a fully observable stochastic control problem.
A real CPS usually consists of multiple subsystems, which are deployed in a distributed manner. It increases attack surfaces, making it more fragile in security [61]. For example, communication channels among subsystems can suffer from different DoS attacks. The whole system can be severely affected even if only one channel is attacked. Such a security problem cannot be handled well by a centralized method since attack modes are different on each channel. Hence, study is urgently needed to develop distributed defense approaches for cyber attacks. Determining how to achieve a consensus for a distributed CPS under DoS attacks is handled in many studies, e.g., [62]–[64]. By introducing a $k$-connected graph, [62] designs a distributed event-triggered controller for a CPS under mode-switching DoS attacks. Yet, some negative effects may be generated on the system since the method adopts a continuous Lyapunov function, which can generate mismatched terms. To mitigate this problem, the controller is further combined with an extended Laplacian matrix to ensure the system consensus. A practical case is investigated in [65] that answers how to address a distributed secure platoon control issue for connected vehicles under DoS attacks. Based on a switched time-delay system model, the work [65] captures the attack phenomena and designs a distributed state feedback controller to make the system achieve desired performance.
In order to give a clear review, Table III is provided to summarize the above work in terms of: reference, target system, model type, attack type, methodologies, advantages and disadvantages.
Remark 2: In Table III, the disadvantage of many methods is constraints on DoS frequency and duration, such as [52], [55], [66]. It is derived from two assumptions established in [67]. They specify the type of DoS attacks by limiting their frequency and duration, such that they can be considered as a special attack model. They are shown next.
Given a sequence of DoS off/on transitions as $\{h_n\}_{n \in \mathbb{N}}$ with $h_0 \geq 0$, the sequence represents the time instants at which DoS exhibits a transition from zero (communication is possible) to one (communication is interrupted). We have
TABLE III SUMMARY OF RECENT DEFENSE WORK ON DOS ATTACK
Integrity attacks aim to destroy the data integrity of a CPS. They can be launched by altering or deleting sensor measurements and control decisions, or inserting incorrect data into them. In general, they are more subtle and difficult to detect than availability attacks. The reason is that falsified data spreads through a sensor network in an epidemic way, leading to negative effects on systems [41]. Thus, more and more researchers pay attention to them. In this section, we discuss recent representative work on integrity attacks.
Note that integrity attacks are also known as deception attacks. To avoid any confusion, this work just uses integrity attacks.
There are many results about integrity attack strategies. Some novel schemes are developed based on time-driven and event-driven system models.
1) Time-Driven System-Based Attack Strategies: Section II shows that a CPS is often modeled as an LTI system. For instance, Wu et al. [68] model a CPS as a continuous-time LTI system and design two optimal location switching strategies to implement false data injection attacks. However, their methods are limited by strong assumptions. For example, an attacker should have perfect knowledge about system parameters and state information, and the communication channel is perfect without any noise.
As most of the CPSs are equipped with an attack detector now, stealthiness of attacks should be considered [69], [70]. Usually, an attack is considered stealthy if it cannot be detected by an attack detector. The feasibility of implementing a replay attack on a control system with a bad-data detector is discussed in [71] and [72]. Hao et al. [73] study sparse false data injection attacks in smart grids, where sparse stealthy attacks are proposed for two typical scenarios, i.e., random and target attacks. The former can compromise arbitrary measurements while the latter only alters specific state variables. Both types of attacks in [73] are stealthy, but random attacks are subject to a strong assumption, namely, no measurements are protected in the system.
Guo et al. [74] study a linear integrity attack on remote state estimation. They propose a new attack strategy as
Fig. 3. A closed-loop supervisory control system under attacks.
where $f_k(\cdot)$ is an arbitrary function. A criterion for judging whether an attack strategy can maximize estimation error is proposed to determine the strategy’s optimality.
It should be noticed that the above stealthy attacks all focus on $\chi^2$-detectors, i.e., they are not detected by $\chi^2$-detectors. However, detection techniques vary and are not limited to $\chi^2$-detectors [11], [76]. An attack strategy applicable to $\chi^2$-detectors may not be applicable to a CPS equipped with other detectors. Hence, stealthy attacks for other detectors are considered in [77]–[79]. A CPS equipped with a Kalman filter is considered in [80]. The Kullback-Leibler divergence is used to describe the stealthiness of attacks so that a necessary and sufficient condition for strict stealthy attack is proposed, i.e., a strict stealthy attack cannot result in an unbounded benefit. Both optimal and suboptimal attack strategies are studied in the paper. Finally, the authors provide a suboptimal strategy since the computational cost is usually too high to find an optimal one.
2) Event-Driven System-Based Attack Strategies: Attack issues in CPS have attracted the attention of researchers in the field of DES. A CPS can be characterized as a closed-loop supervisory control system as shown in Fig. 3. Integrity attacks against a DES are divided into three classes, i.e., sensor, actuator, and general attacks. Sensor and actuator attacks are injected via sensor and actuator channels, respectively, while general ones are injected via both channels.
Now, we consider an automaton $G$ in Fig. 2. Assume that $M = 3$, thus $X$ = {Clean, $s_1$, $s_2$, $s_3$, Denial of service, Illegal access}, $\Sigma$ = {Exploit 1, Exploit 2, Exploit 3, Grant access, Deauthorize}. Since states Denial of service and Illegal access are undesirable, a supervisor is required to disable the occurrences of event Grant access at state $s_3$ and Deauthorize at state Clean. Suppose that an attacker $A$ wants to induce the system into an undesirable state. For example, an event sequence {Grant access, Exploit 1, Exploit 2, Exploit 3} is implemented and the system reaches state $s_3$. Such an event sequence is captured by sensors and sent to the supervisor. During this period, $A$ intercepts it and removes event Exploit 3 from it, leading to a new sequence. As a result, the event sequence observed by the supervisor is {Grant access, Exploit 1, Exploit 2}. According to it, the supervisor believes that the system reaches state $s_2$ and does not disable event Grant access. Obviously, the system can reach a bad state Illegal access since it is actually at state $s_3$. Such an attack model $A$ is commonly seen in the literature. The problem is determining how to get a well-defined attack model based on DES and under what conditions such a model exists. To solve the problem, Su [81] first introduces two concepts, i.e., attackability and attack under bounded sensor reading alterations. Then, a finite state automaton is employed to describe an attack model that can intercept and alter sensor measurements. It shows that such a model exists if the system and its supervisor can be described by finite state automata. In [82], a structure called insertion-deletion attack (IDA) is established by modeling game-like interactions between a supervisor and the environment. IDA embeds all possible cases that some sensor events are modified by attackers without being noticed by a supervisor, thus realizing a stealthy attack. It is worth noting that system models used in [82] and [81] are automata.
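The deception scenario above, together with the insert-or-remove attack set described earlier for Fig. 2, can be traced in code. This is an added example, not code from the paper or from [29]: the transition arcs of G are assumed (Fig. 2 is not reproduced here), and the robust supervisor is a simple conservative state-set estimator, not the synthesis method of [29].

```python
BAD = {"Denial of service", "Illegal access"}
EXPLOITS = ("Exploit 1", "Exploit 2", "Exploit 3")
CONTROLLABLE = {"Grant access", "Deauthorize"}

# Assumed arcs of G for M = 3, chosen to agree with the behaviour in the text.
DELTA = {
    ("Clean", "Exploit 1"): "s1",
    ("s1", "Exploit 2"): "s2",
    ("s2", "Exploit 3"): "s3",
    ("Clean", "Grant access"): "Clean",
    ("s1", "Grant access"): "s1",
    ("s2", "Grant access"): "s2",
    ("s3", "Grant access"): "Illegal access",
    ("Clean", "Deauthorize"): "Denial of service",
    ("s1", "Deauthorize"): "Clean",
    ("s2", "Deauthorize"): "Clean",
    ("s3", "Deauthorize"): "Clean",
}


def step(states, event):
    """Successors of a set of states under one event (undefined arcs drop out)."""
    return {DELTA[(q, event)] for q in states if (q, event) in DELTA}


def closure(states, hidden):
    """Add every state reachable by occurrences of `hidden` that were not observed."""
    seen, frontier = set(states), set(states)
    while frontier:
        frontier = step(frontier, hidden) - seen
        seen |= frontier
    return seen


def estimate(observed, compromised=None):
    """States consistent with `observed` if reports of `compromised` may be
    inserted or removed; with compromised=None the observation is trusted."""
    states = closure({"Clean"}, compromised)
    for event in observed:
        nxt = step(states, event)
        if event == compromised:
            nxt |= states            # this report may have been inserted
        states = closure(nxt, compromised)
    return states


def nominal_supervisor(observed, event):
    """Enable `event` unless it leads to a bad state from the trusted estimate."""
    return not (step(estimate(observed), event) & BAD)


def robust_supervisor(observed, event):
    """Enable `event` only if it is safe under every hypothesis in the attack set."""
    possible = estimate(observed)
    for exploit in EXPLOITS:
        possible |= estimate(observed, exploit)
    return not (step(possible, event) & BAD)


def delete_exploit3(event):
    """Sensor attack from the text: reports of Exploit 3 never reach the supervisor."""
    return None if event == "Exploit 3" else event


def run(attempted, supervisor, sensor_attack=lambda e: e):
    """Drive the plant; return (final state, observed sequence, blocked events)."""
    state, observed, blocked = "Clean", [], []
    for event in attempted:
        if event in CONTROLLABLE and not supervisor(observed, event):
            blocked.append(event)    # supervisor disables the event
            continue
        if (state, event) not in DELTA:
            continue                 # event is not feasible in the plant
        state = DELTA[(state, event)]
        report = sensor_attack(event)
        if report is not None:
            observed.append(report)
    return state, observed, blocked


# Constructed trace: the sequence from the text followed by one more Grant access.
SEQ = ["Grant access", "Exploit 1", "Exploit 2", "Exploit 3", "Grant access"]

if __name__ == "__main__":
    print("no attack, nominal :", run(SEQ, nominal_supervisor))
    print("deletion,  nominal :", run(SEQ, nominal_supervisor, delete_exploit3))
    print("deletion,  robust  :", run(SEQ, robust_supervisor, delete_exploit3))
```

The robust supervisor pays for its safety with conservatism: it also blocks Grant access when the plant really is at s2, because s3 cannot be ruled out.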
Based on DES, another tool is also commonly used to study attacks, i.e., Petri nets. Li et al. [83] model a smart grid as a stochastic Petri net, where a smart grid is threatened by topology attacks and equipped with defense strategies. Topology attacks are coordinated attacks evolved from false data injection attacks. Li et al. [83] define two successful topology attacks and utilize Petri nets to capture behaviors of systems and such attacks.
There are many defense strategies to handle integrity attacks. They are divided into two parts: detection and secure control.
1) Attack Detection: Attack detection is an efficient way to protect CPS from serious damage. A detection method can identify occurrences of attacks such that warnings can be sent to an operator to take appropriate measures. Many methodologies are adopted to develop detection methods, such as state estimation, $\chi^2$-detector, fault detection, and watermarking-based methods.
State estimation is crucial to control systems and to defending against integrity attacks. Although many studies address integrity issues based on state estimation, most of them require such strong assumptions that their proposed methods cannot be put into practical use, such as absolute protection for sensor measurements [84]–[86]. In order to break this limitation, Deng et al. [87] consider a more practical case, i.e., whether a measurement can be modified by an attacker depends on the defense budget on corresponding devices. They propose a least-budget defense strategy based on a measurement residual-based estimator to address false data injection attacks on a power system. However, their method is applicable to a specific known attack only. It becomes ineffective if an attack is unknown. Thus, Ge et al. [25] design distributed estimators based on Krein space to provide suitable residuals for attack detection. Then, a two-stage attack detection framework is developed to ensure that unknown attacks can be detected and identified by each estimator.
Equipping the system with filters to estimate states accurately is an effective way to deal with integrity attacks.Two classical filters often used in the literature are the Kalman filter [88]?[90] andH∞filter [91], [92]. For example,Mishraet al. [93] present an estimator based on a Kalman filter for a linear dynamic system under integrity attacks.Considering engineering reality, a distributedH∞filter is designed in [94] based on a round-robin protocol.H∞performance is ensured in this work such that security of a system is guaranteed under random integrity attacks.
It is worth noting that some assumptions are needed to apply Kalman andH∞filters. The former requires process and measurement noise to obey Gaussian distribution. The latter is only applicable to cases in which disturbances have bounded energy. Related methods cannot deal with practical cases that do not satisfy such assumptions. Hence, Maet al. [95] study a variance-constrained distributed filtering problem, where both integrity attacks and disturbances are considered as unknown but bounded signals. A sufficient condition and an optimization problem are proposed to determine filter parameters to realize a desired state estimation under attacks.Songet al. [96] consider a stochastic nonlinear system with integrity attacks and non-Gaussian noises, i.e.,
Remark 3:Integrity attacks mentioned in [25], [94], and [95]are false data injection attacks. Reference [93] considers sensor attacks where an unknown subset of sensors can be corrupted by attackers.
χ²-detectors are among the general tools to detect integrity attacks. They have the advantage of detecting bad or false data [17]. Mo et al. [97] define a replay attack model that cannot be identified by classical detection strategies. They further propose some measures to optimize detection probability. In particular, a noise control method is proposed to improve detection performance at the cost of control performance. Rawat and Bajracharya [98] study attack detection based on a χ²-detector and cosine similarity matching in a smart grid communication system, where an attacker is assumed to have enough knowledge about system parameters. They reveal that the cosine similarity matching approach is more sensitive to false data injection attacks than a χ²-detector. Milošević et al. [99] analyze bias injection attacks in a stochastic linear dynamic system, where a χ²-detector is used as a detector. Based on their analysis results, they propose a method to select sensors to mitigate the negative impact caused by an attack.
Fault detection and isolation (FDI) focuses on determining whether the behavior of an underlying process is correct or not. Since attacks often incur erroneous system behaviors, an FDI technique is widely used and extended to confirm the occurrence of an integrity attack. In general, the design of an FDI-based method involves two steps, state estimation and threshold design. The first issue is often addressed by introducing observers, such as unknown input observers (UIOs) [100], [101]. Based on state estimation, a residual is generated to compare a measurement with its estimate. It is used to design detection thresholds. In [100] and [101], a false data injection attack can be identified if a component of a set of residuals exceeds a predefined threshold. It should be pointed out that [101] adopts an adaptive threshold to improve the detection performance. However, this method may miss attacks since it is too difficult to compute such a threshold in practice. Thus, Wang et al. [102] design a novel approach based on a nonlinear interval observer. Their approach mitigates the computation of this threshold. To be precise, interval residuals are adopted as a detection criterion rather than the traditional residual evaluation function and threshold.
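The two steps described above (state estimation, then a threshold on the residual) can be seen in a windowed χ²-detector on Kalman-filter residuals, run here on a bias injected into one sensor. This is an added example, not taken from the cited works; the scalar plant, its noise variances, the bias size, the window length and the seed are constructed values.

```python
import random
from collections import deque

# Upper-tail quantiles of the chi-square distribution with 5 degrees of
# freedom, keyed by the nominal false-alarm probability per test.
CHI2_DOF5 = {0.05: 11.070, 0.01: 15.086, 0.001: 20.515}


def run_detector(threshold, steps=400, attack_start=200, bias=2.0,
                 window=5, seed=7):
    """Simulate x[k+1] = a*x[k] + w, y[k] = x[k] + v with a Kalman filter and
    a chi-square test on the last `window` normalized squared residuals.
    From `attack_start` on, a constant bias is added to the measurement
    (constructed false-data injection). Returns alarm statistics."""
    rng = random.Random(seed)          # same seed -> same noise for any threshold
    a, q, r = 0.9, 0.01, 0.04          # dynamics, process and sensor noise variance
    x, x_hat, p = 0.0, 0.0, 1.0        # true state, estimate, estimate variance
    recent = deque(maxlen=window)
    alarms = []
    for k in range(steps):
        # Plant and (possibly tampered) sensor reading.
        x = a * x + rng.gauss(0.0, q ** 0.5)
        y = x + rng.gauss(0.0, r ** 0.5)
        if k >= attack_start:
            y += bias
        # Step 1, state estimation: predict, then form the residual.
        x_hat = a * x_hat
        p = a * a * p + q
        residual = y - x_hat
        s = p + r                      # residual variance predicted by the filter
        # Step 2, threshold test on the windowed statistic g_k.
        recent.append(residual * residual / s)
        if len(recent) == window and sum(recent) > threshold:
            alarms.append(k)
        # Measurement update.
        gain = p / s
        x_hat += gain * residual
        p = (1.0 - gain) * p
    false_alarms = [k for k in alarms if k < attack_start]
    hits = [k for k in alarms if k >= attack_start]
    return {
        # Fraction of pre-attack steps that raised an alarm.
        "false_alarm_rate": len(false_alarms) / attack_start,
        # Steps between attack onset and the first alarm (None if missed).
        "delay": hits[0] - attack_start if hits else None,
        "alarms": alarms,
    }


if __name__ == "__main__":
    for alpha, thr in sorted(CHI2_DOF5.items()):
        res = run_detector(thr)
        print(f"alpha={alpha:<5} threshold={thr:<7} "
              f"false-alarm rate={res['false_alarm_rate']:.3f} "
              f"delay={res['delay']}")
```

Because the noise sequence is identical across runs, the alarms raised at a stricter threshold are always a subset of those raised at a looser one, which makes the false-alarm versus detection-delay trade-off directly comparable.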
An undesirable situation has emerged with the widespread application of the above methods. Attackers may have enough knowledge about these methods such that their vulnerabilities can be exploited to launch attacks. For example, many attack strategies can bypass a χ²-detector by utilizing its limitations, e.g., it fails to recognize attack signals that do not obey a Gaussian distribution [74], [103]. Moreover, the FDI technique needs to distinguish between attacks and faults to take appropriate countermeasures. It is possible for an attack to be disguised as a fault, preventing the system from detecting it and making correct decisions. Thus, it is a considerable issue to design new attack detection methods.
Combining watermarking techniques with existing detectors has emerged as a novel idea to identify integrity attacks. Watermarking is useful to protect data transmitted through a communication network by encrypting and decrypting it. Each innovation sequence c_k is first processed at the sending side, i.e.,
As a result, a new secure module is composed of (19) and (21). References [104] and [105] combine this module with the χ²-detector and Kullback-Leibler (K-L) divergence detector, respectively. Their methods can determine whether the data has been modified or not. Furthermore, the method proposed in [105] can identify stealthy attacks in [74] and [103] by selecting proper watermarking parameters. A strategy to find appropriate watermarking is proposed in [106], based on which, Naha et al. develop the quickest detection method for a NCS under integrity attacks.
In addition to watermarking-based methods, new detection methods have been proposed. For instance, in [107], a finite-time memory fault detection filter is presented for randomly occurring integrity attacks in a nonlinear discrete system. Attack detection for a distributed CPS is considered in [108], where a new detector is proposed based on the latest updated data. The computational burden of this detector does not depend on the size of CPS. Thus, it has high scalability.
2) Secure Control: Usually, a detector just sends a warning to an operator once an attack is identified. The attack can still damage a system if the operator has no countermeasures or does not handle it in time. Secure control is required to guarantee the stability and safety of a system under attack.
The secure estimation and control problems for a discrete-time linear system are studied in [109]. Reference [109] designs an attack-resilient state observer and an observer-based controller to figure out integrity attacks on sensors and actuators. Motivated by [109], Xie and Yang [110] focus on false data injection attacks on communication channels from a controller to an actuator. They first design a switched attack-resilient observer and then present a supervisory switching strategy to guarantee attack-resilient performance. Such a method is effective to control a CPS under false data injection attacks. However, it may suffer from high computational complexity since it requires accurate state estimation.
In addition to false data injection attacks, a class of sparse attacks is studied in the work [111], [112]. A sparse sensor attack is able to tamper with measurements of a subset of sensors in a feedback control loop. In [113], an event-triggered secure observer-based control scheme is proposed for a continuous-time CPS under actuator and sparse sensor attacks. It requires that the set of attacked channels remains unchanged. Hence, it may fail to handle cases in which the set changes over time.
It is nontrivial to consider distributed secure control for a real industrial CPS, such as unmanned vehicle systems and power systems [114], [115]. For example, an attack-resilient cooperative control policy is developed in [116] for a power system to regulate the active power at a specific command. The policy contains an observation network to monitor all distributed generators and isolate the misbehaving one such that the rest can work properly. To enhance the resilience of an islanded microgrid to false data injection attacks, Bidram et al. [117] propose a control scheme based on a weighted mean subsequence reduced algorithm, which allows each distributed energy resource to neglect information altered by attackers. Such a mechanism is also employed in [118]. Different from [117], [118] considers a multi-microgrid system as a multi-agent one, which is modeled as a weighted directed graph. A distributed resilient control approach is presented in [119] for multiple energy storage systems in an islanded microgrid, which is inspired by the adaptive resilient control of multiagent systems in [120], [121]. By introducing the adaptive technique, negative effects caused by attacks and faults can be compensated. Additionally, distributed state estimation and control problems are discussed in [122] for an interconnected CPS with sensor attacks. The first issue is addressed by designing distributed preselectors and an observer, while the second one is resolved based on secure state estimation and a virtual fractional dynamic surface.
Similar to time-driven system-based methods, defense strategies based on DES can be classified into two categories: attack detection and secure control.
1) Attack Detection: Attack detection in DES is an intrusion detection module. A detection module is connected with the supervisor. It can observe the same events as the supervisor does. Once an attack is detected, the module sends information to the supervisor, such that the system can be prevented from entering an unsafe state before the attack causes damage.
The problem of intrusion detection and prevention is studied in [123] for supervisory control systems. After designing a mathematical model for a system under attacks, a defense method is proposed to detect actuator enablement attacks online. This work is further extended in [124], where both attacks on sensors and actuators are considered, including actuator enablement attacks, disablement ones, sensor erasure attacks and insertion ones. However, the methods in [123] and [124] disable all controllable events once an attack is detected, which may lead to unnecessary loss of resources. To deal with this problem, new detection methods are developed in [125]–[127], which disable all controllable events only when their occurrence would allow an attack to damage a system. In particular, [125] proposes an automaton model and a supervisor for a closed-loop system under man-in-the-middle attacks. A property named NA-Safe controllability is introduced to describe safe controllability under attacks. This property provides a sufficient and necessary condition to determine whether an intrusion detection module exists. Lima et al. [127] extend this work. They demonstrate the correctness of NA-Safe controllability and show how to implement a security module against attacks in the communication channels of a CPS.
2) Secure Control: As attackers induce the system into an undesirable state, a general idea to implement secure control is to model a CPS as a DES first. Then, we design a control specification to disable all the undesirable states. Finally, a corresponding supervisor is obtained to prevent them from being reachable under attacks.
As mentioned before, Su [81] proposes an integrity attack model, called ABSRA. Based on knowledge of the ABSRA model, he further designs a synthesis algorithm to compute a robust supervisor that ensures any ABSRA is either detectable or inflicts no damage to a system. Note that the work [81] is motivated by that in [124]. The difference between them is that the former aims to detect attacks online, thereby requiring real-time fault diagnosis, while the latter does not require real-time detection but prior knowledge of attack models.
Wakaiki et al. [29] study DES with multiple attacks. They address how to design a supervisor to enforce a specified language for unknown attacks and regardless of the attackers’ action. To solve it, they propose a new concept, termed observability, which is a stronger version of the traditional one and shows the observability of a prefix-closed language under an attack. Based on it, an algorithm is designed to generate desired supervisors for a special attack, called output-symbol attack, which can alter output string symbols from a given set.
Meira-Góes et al. [128] model an underlying uncontrollable system as a discrete transition system, where sensor readings are represented as a set of finite observable events. An augmented model is then derived by adding an attacker to the original one, such that incorrect information can be sent to the system. The system may reach an undesirable state once receiving wrong information. Thus, control specification in [128] focuses on preventing certain bad states from being reachable. Thus, the problem of defending against integrity attacks can be converted into a DES supervisory control problem.
A common limitation of the above methods [29], [81], [128] is that only one robust supervisor can be provided each time for a specific attack. It affects their efficiency in handling real-life applications where multiple attacks appear. Hence, a framework is proposed in [129] to improve their efficiency, where robust supervisors are synthesized for general sensor attacks based on automaton and game theory. Given a system under attack, the proposed framework [129] embeds all robust supervisors for it, including supervisors obtained by methods in [29], [81], [128]. For different attacks, different supervisors can be extracted in the framework to defend them.
Note that the modeling tool utilized in the aforementioned methods [29], [81], [128], [129] is automata. Apart from automata, some approaches are developed based on Petri nets. For instance, You et al. [130] study sensor attacks based on Petri nets by considering a special property, i.e., liveness. Liveness is an important dynamic behavior of a system that is the basis for it to work properly. They first design a supervisor to enforce liveness for a bounded Petri net without attacks. Then, they propose a basic supervisor under sensor attacks. Such a basic supervisor ensures that states forbidden in the first step cannot be reached, thus liveness of the system can be guaranteed under attacks. The four types of attacks in [124], i.e., actuator enablement attacks, disablement ones, sensor erasure attacks and insertion ones, are studied in [27] based on labeled Petri nets. They design different supervisors for sensor and actuator attacks under different premises. For the former, given two feasible transition sequences with the same observation, their one-step controllable extensions should violate or satisfy a specification. For the latter, attacks can be detected and controllable transitions can be disabled before reaching undesirable states.
DES-based methods have the advantage of intuitiveness, stability and robustness. However, most of them assume that an attack model is given or we have prior knowledge about it. In addition, most methods suffer from high computational complexity. For example, supervisor synthesis [81] is NP-hard and algorithms in [27], [29], [128] and [130] are of exponential complexity.
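The sensor-erasure scenario on the automaton G of Fig. 2 and the secure-control idea of keeping bad states unreachable under attack can be run side by side, as in the added example below (not code from the surveyed papers). Since Fig. 2 is not reproduced here, the transition table is an assumption (Grant access self-loops at Clean, s1 and s2; Deauthorize returns s1, s2, s3 to Clean), and the set-based supervisor with its hypothetical `suspect_events` parameter is a simplified illustration, not the synthesis algorithm of [81] or [129].

```python
BAD = {"Denial of service", "Illegal access"}
CONTROLLABLE = {"Grant access", "Deauthorize"}

# Assumed transition function of G (Fig. 2 is not available on this page).
DELTA = {
    ("Clean", "Exploit1"): "s1",
    ("s1", "Exploit2"): "s2",
    ("s2", "Exploit3"): "s3",
    ("Clean", "Grant access"): "Clean",
    ("s1", "Grant access"): "s1",
    ("s2", "Grant access"): "s2",
    ("s3", "Grant access"): "Illegal access",
    ("Clean", "Deauthorize"): "Denial of service",
    ("s1", "Deauthorize"): "Clean",
    ("s2", "Deauthorize"): "Clean",
    ("s3", "Deauthorize"): "Clean",
}


def unobserved_reach(states, hidden):
    """Close a state set under events the sensor channel may silently drop."""
    seen, frontier = set(states), list(states)
    while frontier:
        q = frontier.pop()
        for event in hidden:
            nxt = DELTA.get((q, event))
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                frontier.append(nxt)
    return frozenset(seen)


class Supervisor:
    """Tracks the set of states consistent with what it has observed.

    With no suspect events this is the nominal supervisor of the text; with
    suspect_events it also allows for those events having been erased.
    """

    def __init__(self, suspect_events=()):
        self.hidden = frozenset(suspect_events)
        self.estimate = unobserved_reach({"Clean"}, self.hidden)
        self.alarm = False

    def enabled(self, event):
        if event not in CONTROLLABLE:      # uncontrollable events cannot be disabled
            return True
        return all(DELTA.get((q, event)) not in BAD for q in self.estimate)

    def observe(self, event):
        moved = {DELTA[(q, event)] for q in self.estimate if (q, event) in DELTA}
        if not moved:                      # observation impossible in the model
            self.alarm = True
            return
        self.estimate = unobserved_reach(moved, self.hidden)


def run_closed_loop(supervisor, attempted, erased=frozenset()):
    """Drive the plant; events in `erased` never reach the supervisor."""
    state, blocked = "Clean", []
    for event in attempted:
        if (state, event) not in DELTA:
            continue                       # event not feasible in the plant
        if not supervisor.enabled(event):
            blocked.append(event)
            continue
        state = DELTA[(state, event)]
        if event not in erased:
            supervisor.observe(event)
    return state, supervisor.estimate, blocked


if __name__ == "__main__":
    seq = ["Grant access", "Exploit1", "Exploit2", "Exploit3", "Grant access"]
    print(run_closed_loop(Supervisor(), seq))
    print(run_closed_loop(Supervisor(), seq, erased={"Exploit3"}))
    print(run_closed_loop(Supervisor(suspect_events={"Exploit3"}), seq,
                          erased={"Exploit3"}))
```

The set-based supervisor keeps Illegal access unreachable at the cost of permissiveness: once s3 is a possible state it also refuses Grant access when the plant is really at s2.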
Table IV is provided to summarize recent advances on defense strategies in terms of references, target systems, model types, attack types, strategies, methodologies, pros and cons. It is worth noting that pros and cons of each method in Tables III and IV are derived from its unique feature or application scope rather than experimental results. In fact, it remains difficult and challenging to evaluate existing methods in a uniform framework due to different assumptions and configurations needed by them.
In this section, we introduce relevant work about confidentiality attacks on CPS, which relates to falsification and theft of secret information. However, little research has been performed to address this issue. A main reason is that confidentiality attacks are rather complicated and often involve availability and integrity attacks. For example, a secret key of confidential information can be inferred by a fault injection attack [131], [132]. Jiang et al. [30] focus on a distributed CPS under fault injection attacks and study the fault detection design problem to meet the confidentiality-critical and real-time requirements. A secondary reason is that availability and integrity attacks belong to active attacks while confidentiality ones are more like passive attacks [13]. To be precise, availability and integrity attacks aim at damaging a system directly while confidentiality ones aim at stealing system information. The latter are more benign than the former.
A typical confidentiality attack is eavesdropping. Confidential information can be stolen by eavesdropping on communications between sensors and controllers. Many methodologies have been adopted to protect CPS under eavesdropping attacks, such as data encryption [133]–[135], transmission strategy [136], and observer-based method [137]–[139]. On the basis of system observability, Yang et al. [31] perform a security analysis for a CPS under eavesdropping attacks. It provides a condition under which an attacker can successfully eavesdrop on a networked system.
TABLE IV SUMMARY OF RECENT DEFENSE WORK ON INTEGRITY ATTACK
A concept, named opacity, has attracted researchers’ attention recently [140]–[142]. Opacity is a cyber-security property related to the confidentiality and privacy of a CPS. A system is said to be opaque if attackers cannot infer the secret of a system based on their observations, where attackers are often assumed to have full information about the system structure but just partial observability. Opacity can be used to verify the security of a CPS. For example, Yin and Li [143] consider confidentiality of a networked supervisory control system with insecure control channels, i.e., control decisions sent by supervisors can be eavesdropped by an attacker. They consider two transmission mechanisms, event-based transmission and decision-based transmission. The former means that a supervisor always sends the latest control decision once a new event is observed, while the latter sends a new decision when it is different from the previous one. Two types of opacities are developed in [143] for the two transmission mechanisms. They both require that for two strings that one reaches a secret state and another reaches a non-secret one, the supervisor can generate the same decision history for them. Therefore, secret states cannot be inferred by an attacker.
As the confidentiality of a system can be verified by using opacity, an interesting idea emerges to deal with confidentiality attacks. Assuming that a CPS is vulnerable to a confidentiality attack, we can then make the confidential information opaque to attackers such that they are unable to destroy system confidentiality [144]. Defending against confidentiality attacks with opacity has emerged in recent years and some issues remain to be addressed, such as high complexity [145].
The highly integrated feature allows CPS to be widely used in modern industry while exposing it to the threat of cyber attacks. It is a ubiquitous but crucial security problem that has gained increasing attention. This paper summarizes recent studies related to availability, integrity and confidentiality attacks. Especially for the first two attacks, we investigate attack and defense strategies based on different models and methodologies. Although various methodologies and techniques are adopted to deal with this problem, none of them is omnipotent. Furthermore, changing technologies and market requirements result in more challenges to their application. According to the survey of recent developments, we provide some open issues and challenges as follows.
1) Determining How to Defend Against Advanced Attacks: Cyber attacks are evolving rapidly with updating technologies. Attackers tend to launch advanced attacks to increase their success rate. For example, both DoS and integrity attacks can be launched on a CPS in a random way to enable stealthiness and avoid detection. Although some researchers have noticed this issue [146]–[148], the research results are relatively few. In addition, Table I shows some attack events in recent years, one of which we should pay attention to is the ransomware attack. It is an attack that prevents or limits users from accessing their files and systems [149], [150]. Such attacks not only damage availability and confidentiality of a system, but also cause significant economic losses. Especially during COVID-19, many medical CPS and factories are attacked by ransomware, resulting in serious consequences. Therefore, effectively defending against advanced attacks on CPS is a challenging but practical issue that deserves more attention.
2) Determining How to Defend Against Stealthy Attacks: In Section IV, we introduce the work on stealthy attacks since it is a current trend to study cyber attack. It is easy to find that these efforts focus on designing stealthy attacks rather than preventing them. They provide us with insight into possible attacks while also facilitating attackers. If a stealthy attack strategy is implemented on a system while we have no countermeasures, it can cause a worse consequence since it cannot be detected. Thus, it is worth considering how to defend against stealthy attacks effectively.
3) Determining How to Defend Against Confidentiality Attacks: Compared with availability and integrity attacks, fewer studies have been presented for confidentiality attacks on CPS. There remains much room to study this topic since privacy safety and protection have attracted much attention in recent years.
4) Determining How to Resolve a Partial Issue: “Partial issue”, namely, partial information, knowledge or observability, has always been a challenging problem in this field. In most literature, attack strategies are developed on a premise that an attacker has full knowledge or observability about a system. The same is true for defense strategies, i.e., full information about system states or attack models is required. Such premises greatly limit their application since attacks are often unknown and the system may not always be fully observable in practice. It is essential to study attacks under this “partial issue” as it determines whether a method can be applied to real systems.
5) Determining How to Conduct Appropriate Parameter Design and Performance Evaluation: Performance of most methods is dependent on key parameters, such as detection thresholds and control parameters. However, a perfect parameter value does not exist in most cases. For a parameter, a value that maximizes one performance may degrade another. For example, [25] shows that a detection threshold with zero false alarm can result in low detection efficiency. An appropriate parameter design needs to be considered in existing studies. As different parameter designs lead to different performance, some methods try to find a trade-off between them, while others may sacrifice one performance to optimize another. It is difficult to evaluate all the methods in a uniform context. We lack a tool to indicate their strengths and weaknesses. Hence, providing an appropriate performance analysis for existing methods is a considerable issue.
6) Determining How to Realize Practical Applications: The applications of existing theory and model-based methods remain a challenging issue. To mitigate this, technical factors and barriers are discussed in several studies [117], while concrete engineering implementations are still missing. Moreover, studies on industrial CPSs are not sufficient. Although many methods are proposed for power systems and microgrids, most of them require too-strong assumptions, e.g., system dynamics should be simple and systems should work perfectly, which are unlikely for most real-world industrial CPSs. Only little work has been done for complex or fault-prone systems. It should be pointed out that there remains a deep gap between theoretical results and practical applications. To fill it, many researchers try to combine model-based methods with computer science, such as the work in [151]. It indicates a promising trend to realize highly desired practical applications. Yet, it is still an ongoing investigation.
IEEE/CAA Journal of Automatica Sinica, 2022, Issue 5