Investigating the Effect of Network Parameters on Coordinated Cyber Attacks against a Simulated Power Plant

The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we use our previously developed framework to study the effects of network parameters, i.e. delay, packet losses and background traffic, on coordinated cyber attacks against NICS. Coordinated attacks rely on several infected hosts to disrupt the normal functionality of the system. Within the context of NICS we consider multiple infected control hardware, a highly similar setting to the recently reported Stuxnet worm, the first malware specifically designed to attack NICS. Furthermore, we assume that the coordinator is located outside the system, in the Internet, from where it launches attacks by sending packets to each infected control hardware. The main goal of the attacker is to bring the physical process into a critical state, i.e. dangerous, or more generally unwanted state of the system. For the physical process we used the Boiling Water Power Plant (BWPP) model developed by Bell and Åström.