This paper proposes a novel network steganography (NS) based security framework to ensure the secure operation of cyber-physical systems (CPSs). First, a new covert channel is established that conceals the existence of the secret data exchange by exploiting the dynamical system’s measurements, with no extra communication overhead. The covert channel effectively evades perceptual and statistical detection. Next, by combining covert transmission with data consistency, a data-based attack detection methodology is explored. It is capable of detecting a broad class of cyber-attacks and differs from existing detection methods, which enhance detection performance by degrading system performance or adding redundant systems. Then, by combining covert transmission with simple linear encryption, an eavesdropping defense methodology is proposed, which guarantees that the authorized user’s estimation performance is optimal and renders the eavesdropper’s error covariance unbounded. Moreover, the detection and defense methods impose only small memory and computational overhead on the embedded system, which ensures ease of implementation in real-world systems. Finally, the effectiveness of the proposed security framework is demonstrated by a proof-of-concept implementation on a CPS prototype, a permanent magnet synchronous machine (PMSM) monitoring system.