Abstract
Resilient operation of cyber-physical infrastructures in adversarial environments requires: 1) toughness: maintenance of core crucial sub-functionalities despite ongoing intrusions and 2) elasticity: recovery of normal system operation in a timely manner. In other words, it does not require unrealistic assumptions about absolute preventative protection of complex cyber-physical platforms that would disable any type of malicious penetration and damage against the physical plant in the first place. Instead, resilience is based on the assumption that a sophisticated intrusion may succeed in evading the deployed protection and runtime detection mechanisms and partially impact the underlying system services and assets (except the core sub-functionalities). The resilient system fights back through reactive and proactive intrusion tolerance mechanisms to respond to ongoing misbehaviors and recover the affected system services and components within a reasonable time interval. In this paper, we present a formal definition of resilience and an assessment metric for resilience. Our resilience metric quantifies the ability of the system to recover from an attack provided the attack is discovered within a fixed time interval, as well as the cost of recovery. We analyze the metric properties for linear systems and linear systems with actuator saturation. We then formulate cyber defense policies that ensure the resilience conditions are satisfied and validate our approach using a power system case study.
| Original language | English |
|---|---|
| Article number | 8118199 |
| Pages (from-to) | 1671-1684 |
| Number of pages | 14 |
| Journal | IEEE Transactions on Smart Grid |
| Volume | 10 |
| Issue number | 2 |
| State | Published - Mar 2019 |
Keywords
- Cyber security
- Cyber-physical systems
- Intrusion resilience