Elucidating the barriers in estimating false data injection attacks in process control systems

IF 3.7 3区工程技术 Q2 ENGINEERING, CHEMICAL

Chemical Engineering Research & Design Pub Date : 2025-06-05 DOI:10.1016/j.cherd.2025.05.041

Aatam Gajjar, Nael H. El-Farra, Matthew J. Ellis

{"title":"Elucidating the barriers in estimating false data injection attacks in process control systems","authors":"Aatam Gajjar, Nael H. El-Farra, Matthew J. Ellis","doi":"10.1016/j.cherd.2025.05.041","DOIUrl":null,"url":null,"abstract":"<div><div>Process control systems (PCSs) ensure efficient, safe, and high-quality chemical production. However, their growing reliance on communication networks increases vulnerability to cyberattacks, such as false data injection attacks (FDIAs). FDIAs modify data transferred over the PCS communication links. Addressing FDIAs requires detecting their presence, estimating their parameters, and mitigating their impact. This study examines the identifiability of FDIA parameters—precisely, the ability to estimate these parameters using observable process data. We present cases where attack parameters cannot be uniquely determined from observed data and assess their implications for attack estimation. First, we consider the case when the attack’s impact is indistinguishable from process disturbances or measurement noise. Second, we consider the case when the relationship between the observed data and the attack parameter values is not unique. Both cases result in a lack of identifiability in the attack parameter values from the process data. While the former is tied to inherent process and attack properties, the latter can be addressed using longer observation windows in estimation schemes. We explore these issues through different estimators and demonstrate their impact using a process example. Despite these challenges, we also present scenarios where accurate FDIA estimates can be achieved. Finally, we apply one of the estimators to a chemical process under simultaneous additive and multiplicative FDIAs, showcasing its effectiveness and validating its ability to estimate attack parameters accurately.</div></div>","PeriodicalId":10019,"journal":{"name":"Chemical Engineering Research & Design","volume":"219 ","pages":"Pages 181-197"},"PeriodicalIF":3.7000,"publicationDate":"2025-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Chemical Engineering Research & Design","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0263876225002746","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, CHEMICAL","Score":null,"Total":0}

引用次数: 0

Abstract

Process control systems (PCSs) ensure efficient, safe, and high-quality chemical production. However, their growing reliance on communication networks increases vulnerability to cyberattacks, such as false data injection attacks (FDIAs). FDIAs modify data transferred over the PCS communication links. Addressing FDIAs requires detecting their presence, estimating their parameters, and mitigating their impact. This study examines the identifiability of FDIA parameters—precisely, the ability to estimate these parameters using observable process data. We present cases where attack parameters cannot be uniquely determined from observed data and assess their implications for attack estimation. First, we consider the case when the attack’s impact is indistinguishable from process disturbances or measurement noise. Second, we consider the case when the relationship between the observed data and the attack parameter values is not unique. Both cases result in a lack of identifiability in the attack parameter values from the process data. While the former is tied to inherent process and attack properties, the latter can be addressed using longer observation windows in estimation schemes. We explore these issues through different estimators and demonstrate their impact using a process example. Despite these challenges, we also present scenarios where accurate FDIA estimates can be achieved. Finally, we apply one of the estimators to a chemical process under simultaneous additive and multiplicative FDIAs, showcasing its effectiveness and validating its ability to estimate attack parameters accurately.

查看原文本刊更多论文

分析过程控制系统中假数据注入攻击评估的障碍

过程控制系统（pcs）确保高效、安全、高质量的化工生产。然而，他们对通信网络的日益依赖增加了对网络攻击的脆弱性，例如虚假数据注入攻击（FDIAs）。fdia修改通过PCS通信链路传输的数据。处理外商直接投资需要检测它们的存在，估计它们的参数，并减轻它们的影响。本研究考察了FDIA参数的可识别性——准确地说，是利用可观察到的过程数据估计这些参数的能力。我们提出了攻击参数不能从观测数据中唯一确定的情况，并评估了它们对攻击估计的影响。首先，我们考虑攻击的影响与过程干扰或测量噪声无法区分的情况。其次，我们考虑了观测数据与攻击参数值之间的关系不唯一的情况。这两种情况都会导致过程数据中的攻击参数值缺乏可识别性。虽然前者与固有的过程和攻击属性有关，但后者可以在估计方案中使用更长的观察窗口来解决。我们通过不同的估计器来探讨这些问题，并使用一个过程示例来演示它们的影响。尽管存在这些挑战，我们也提出了可以实现准确FDIA估计的方案。最后，我们将其中一个估计器应用于同时存在加性和乘性fdia的化学过程中，证明了它的有效性，并验证了它准确估计攻击参数的能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Chemical Engineering Research & Design 工程技术-工程：化工

CiteScore

6.10

自引率

7.70%

发文量

623

审稿时长

42 days

期刊介绍： ChERD aims to be the principal international journal for publication of high quality, original papers in chemical engineering. Papers showing how research results can be used in chemical engineering design, and accounts of experimental or theoretical research work bringing new perspectives to established principles, highlighting unsolved problems or indicating directions for future research, are particularly welcome. Contributions that deal with new developments in plant or processes and that can be given quantitative expression are encouraged. The journal is especially interested in papers that extend the boundaries of traditional chemical engineering.