Detection and Mitigation of Time Delay Injection Attacks on Industrial Control Systems with PLCs.

National security agencies are increasingly concerned about cyber threats to Industrial Control Systems (ICS). For this reason, the detection and mitigation of cyber-attacks on ICS, as well as addressing the consequences of these attacks, are extensively researched. This paper describes the efforts of the cyber research team at Binghamton University that created an experimental cyber research testbed, designed as a power station equipped with low-watt electric machinery and industrial control and sensory systems, common in modern ICS. This paper presents a comprehensive study of time delay injection attacks on networked control systems, in which an attacker injects extra time delays into the feedback and forward channels of control systems. These attacks enable the adversary to interfere with the control system and create system instability, causing anomalous operational regimes and potentially forcing the system to crash. A technology based on an online recursive estimation of network time delays is proposed and validated by simulation studies and experiments on the testbed to mitigate any time delay injection attacks.