An efficient MQTT framework for control and protection of networked cyber-physical systems

Utku Ozgur; Harikrishnan T. Nair; Aditya Sundararajan; Kemal Akkaya; Arif I. Sarwat

doi:10.1109/CNS.2017.8228674

An efficient MQTT framework for control and protection of networked cyber-physical systems

Utku Ozgur, Harikrishnan T. Nair, Aditya Sundararajan, Kemal Akkaya, Arif I. Sarwat

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

15 Scopus citations

Abstract

As more components of Cyber-Physical Systems (CPSes) get interconnected, their protection becomes imperative. For instance, Networked CPSes (NCPSes) which consist of multiple CPSes have greater attack surfaces given the added communication layer among member CPSes, and the inter-dependency between their physical and cyber subsystems. In particular, an attack on one subsystem may affect both. While there are many studies for CPS attack mitigations, NCPS attack scenarios were under-explored due to limitations of testbed development capabilities. To address this need, in this paper, an NCPS environment comprising two remote, identical IEEE 9-bus CPS testbeds is created. It is connected over a unique framework that uses Message Queueing Telemetry Transport (MQTT) protocol for secure communication. One CPS, called the 'controlling' testbed, provides relay settings for the other CPS which is called the 'controlled' testbed. To analyze the attack behaviors, at the communication level, message integrity, delay and packet drop attacks are conducted on this controlled testbed. These attacks trip the testbed's relays, triggering four coordinated, sequential scenarios at both cyber and physical subsystems that ultimately result in cascading failures. The paper's primary contribution lies in demonstrating the feasibility of coordinated cyber-physical attacks on a NCPS, and evaluating the proposed communication framework under such scenarios. The experiment results indicate that NCPS brings advantages in detecting and mitigating known attacks to CPSes.

Original language	English
Title of host publication	2017 IEEE Conference on Communications and Network Security, CNS 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	421-426
Number of pages	6
ISBN (Electronic)	9781538606834
DOIs	https://doi.org/10.1109/CNS.2017.8228674
State	Published - Dec 19 2017
Externally published	Yes
Event	2017 IEEE Conference on Communications and Network Security, CNS 2017 - Las Vegas, United States Duration: Oct 9 2017 → Oct 11 2017

Publication series

Name	2017 IEEE Conference on Communications and Network Security, CNS 2017
Volume	2017-January

Conference

Conference	2017 IEEE Conference on Communications and Network Security, CNS 2017
Country/Territory	United States
City	Las Vegas
Period	10/9/17 → 10/11/17

Funding

The material published is a result of the research supported by the U.S. National Science Foundation under the grant CPS-1446570.

Access to Document

10.1109/CNS.2017.8228674

Cite this

Ozgur, U., Nair, H. T., Sundararajan, A., Akkaya, K., & Sarwat, A. I. (2017). An efficient MQTT framework for control and protection of networked cyber-physical systems. In 2017 IEEE Conference on Communications and Network Security, CNS 2017 (pp. 421-426). (2017 IEEE Conference on Communications and Network Security, CNS 2017; Vol. 2017-January). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2017.8228674

Ozgur, Utku ; Nair, Harikrishnan T. ; Sundararajan, Aditya et al. / An efficient MQTT framework for control and protection of networked cyber-physical systems. 2017 IEEE Conference on Communications and Network Security, CNS 2017. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 421-426 (2017 IEEE Conference on Communications and Network Security, CNS 2017).

@inproceedings{c8146ce38a2c45fea16bf7ca5d4c5f72,

title = "An efficient MQTT framework for control and protection of networked cyber-physical systems",

abstract = "As more components of Cyber-Physical Systems (CPSes) get interconnected, their protection becomes imperative. For instance, Networked CPSes (NCPSes) which consist of multiple CPSes have greater attack surfaces given the added communication layer among member CPSes, and the inter-dependency between their physical and cyber subsystems. In particular, an attack on one subsystem may affect both. While there are many studies for CPS attack mitigations, NCPS attack scenarios were under-explored due to limitations of testbed development capabilities. To address this need, in this paper, an NCPS environment comprising two remote, identical IEEE 9-bus CPS testbeds is created. It is connected over a unique framework that uses Message Queueing Telemetry Transport (MQTT) protocol for secure communication. One CPS, called the 'controlling' testbed, provides relay settings for the other CPS which is called the 'controlled' testbed. To analyze the attack behaviors, at the communication level, message integrity, delay and packet drop attacks are conducted on this controlled testbed. These attacks trip the testbed's relays, triggering four coordinated, sequential scenarios at both cyber and physical subsystems that ultimately result in cascading failures. The paper's primary contribution lies in demonstrating the feasibility of coordinated cyber-physical attacks on a NCPS, and evaluating the proposed communication framework under such scenarios. The experiment results indicate that NCPS brings advantages in detecting and mitigating known attacks to CPSes.",

author = "Utku Ozgur and Nair, \{Harikrishnan T.\} and Aditya Sundararajan and Kemal Akkaya and Sarwat, \{Arif I.\}",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 2017 IEEE Conference on Communications and Network Security, CNS 2017 ; Conference date: 09-10-2017 Through 11-10-2017",

year = "2017",

month = dec,

day = "19",

doi = "10.1109/CNS.2017.8228674",

language = "English",

series = "2017 IEEE Conference on Communications and Network Security, CNS 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "421--426",

booktitle = "2017 IEEE Conference on Communications and Network Security, CNS 2017",

}

Ozgur, U, Nair, HT, Sundararajan, A, Akkaya, K & Sarwat, AI 2017, An efficient MQTT framework for control and protection of networked cyber-physical systems. in 2017 IEEE Conference on Communications and Network Security, CNS 2017. 2017 IEEE Conference on Communications and Network Security, CNS 2017, vol. 2017-January, Institute of Electrical and Electronics Engineers Inc., pp. 421-426, 2017 IEEE Conference on Communications and Network Security, CNS 2017, Las Vegas, United States, 10/9/17. https://doi.org/10.1109/CNS.2017.8228674

An efficient MQTT framework for control and protection of networked cyber-physical systems. / Ozgur, Utku; Nair, Harikrishnan T.; Sundararajan, Aditya et al.
2017 IEEE Conference on Communications and Network Security, CNS 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 421-426 (2017 IEEE Conference on Communications and Network Security, CNS 2017; Vol. 2017-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - An efficient MQTT framework for control and protection of networked cyber-physical systems

AU - Ozgur, Utku

AU - Nair, Harikrishnan T.

AU - Sundararajan, Aditya

AU - Akkaya, Kemal

AU - Sarwat, Arif I.

PY - 2017/12/19

Y1 - 2017/12/19

N2 - As more components of Cyber-Physical Systems (CPSes) get interconnected, their protection becomes imperative. For instance, Networked CPSes (NCPSes) which consist of multiple CPSes have greater attack surfaces given the added communication layer among member CPSes, and the inter-dependency between their physical and cyber subsystems. In particular, an attack on one subsystem may affect both. While there are many studies for CPS attack mitigations, NCPS attack scenarios were under-explored due to limitations of testbed development capabilities. To address this need, in this paper, an NCPS environment comprising two remote, identical IEEE 9-bus CPS testbeds is created. It is connected over a unique framework that uses Message Queueing Telemetry Transport (MQTT) protocol for secure communication. One CPS, called the 'controlling' testbed, provides relay settings for the other CPS which is called the 'controlled' testbed. To analyze the attack behaviors, at the communication level, message integrity, delay and packet drop attacks are conducted on this controlled testbed. These attacks trip the testbed's relays, triggering four coordinated, sequential scenarios at both cyber and physical subsystems that ultimately result in cascading failures. The paper's primary contribution lies in demonstrating the feasibility of coordinated cyber-physical attacks on a NCPS, and evaluating the proposed communication framework under such scenarios. The experiment results indicate that NCPS brings advantages in detecting and mitigating known attacks to CPSes.

AB - As more components of Cyber-Physical Systems (CPSes) get interconnected, their protection becomes imperative. For instance, Networked CPSes (NCPSes) which consist of multiple CPSes have greater attack surfaces given the added communication layer among member CPSes, and the inter-dependency between their physical and cyber subsystems. In particular, an attack on one subsystem may affect both. While there are many studies for CPS attack mitigations, NCPS attack scenarios were under-explored due to limitations of testbed development capabilities. To address this need, in this paper, an NCPS environment comprising two remote, identical IEEE 9-bus CPS testbeds is created. It is connected over a unique framework that uses Message Queueing Telemetry Transport (MQTT) protocol for secure communication. One CPS, called the 'controlling' testbed, provides relay settings for the other CPS which is called the 'controlled' testbed. To analyze the attack behaviors, at the communication level, message integrity, delay and packet drop attacks are conducted on this controlled testbed. These attacks trip the testbed's relays, triggering four coordinated, sequential scenarios at both cyber and physical subsystems that ultimately result in cascading failures. The paper's primary contribution lies in demonstrating the feasibility of coordinated cyber-physical attacks on a NCPS, and evaluating the proposed communication framework under such scenarios. The experiment results indicate that NCPS brings advantages in detecting and mitigating known attacks to CPSes.

UR - https://www.scopus.com/pages/publications/85046699035

U2 - 10.1109/CNS.2017.8228674

DO - 10.1109/CNS.2017.8228674

M3 - Conference contribution

AN - SCOPUS:85046699035

T3 - 2017 IEEE Conference on Communications and Network Security, CNS 2017

SP - 421

EP - 426

BT - 2017 IEEE Conference on Communications and Network Security, CNS 2017

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2017 IEEE Conference on Communications and Network Security, CNS 2017

Y2 - 9 October 2017 through 11 October 2017

ER -

Ozgur U, Nair HT, Sundararajan A, Akkaya K, Sarwat AI. An efficient MQTT framework for control and protection of networked cyber-physical systems. In 2017 IEEE Conference on Communications and Network Security, CNS 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 421-426. (2017 IEEE Conference on Communications and Network Security, CNS 2017). doi: 10.1109/CNS.2017.8228674

An efficient MQTT framework for control and protection of networked cyber-physical systems

Abstract

Publication series

Conference

Funding

Access to Document

Other files and links

Fingerprint

Cite this