Securing Remote State Estimation against Sequential Logic Attack of Sensor Data

Abstract

The SCADA system, which is widely used in the continuous monitoring and control of the physical process of modern critical infrastructure, relies on the feedback control loop. The remote state estimation system triggers the control algorithm or control condition of the controller according to the monitoring data returned by the sensor. The controller sends the control command to the actuator, and the actuator executes the command to control the physical process. Since SCADA system monitoring and control data are usually transmitted through unprotected wireless communication networks, attackers can use false sensor data to trigger control algorithms to make wrong decisions, disrupt the physical processing of the SCADA system, and cause huge economic losses, even casualties. We found an attack strategy based on the sequential logic of sensor data. This kind of attack changes the time logic or sequence logic of the response data, so that the false data detector can be successfully deceived. This would cause the remote state estimation system to trigger wrong control algorithms or control conditions, and eventually disrupt or destroy the physical process. This paper proposes a sequential signature scheme based on the one-time signature to secure the sequential logic and transmission of sensor data. The security analysis proves that the proposed scheme can effectively resist counterfeiting, forgery, denial, replay attacks, and selective forwarding attacks.