1.4 KiB
Executable File
1.4 KiB
Executable File
--- tags:
- Ideas --- ## What are we doing: Remember when Lance was talking about his monitor that would read a control system to see if a cyber-attack was taking place? This is in that vein. The idea that I'm thinking of is that to tell if a control system is compromised, we should be able to look at the dynamics of the system to know if an attack is happening. A couple thoughts:
- Sensor integrity: If we have a monitor that is an observer,
this monitor should be able to know when the plant is diverging
from what it would expect based on sensor values and it's model
of the plant. When the error signal has a higher magnitude than
expected, this is a sure fire sign that something might be wrong.
- This is sensitive to maintenance problems however.
- Monitor must be using data diodes and not connected to any outside sources.
- A secondary, redundant control system: Assuming the perpetrator is tampering with signals, activate a secondary control system that a) latches the first system out of its control authority, and b) operates a safety shutdown mode. This controller doesn't need to be super fancy - it just needs to prevent damage. ## Why are we doing this: This seems like a fun way to integrate control system math with cybersecurity. This is somewhat a more CIE topic, but actually does address some cybersecurity issues. This could also be implemented using KOs and the protected domains. ## Other details: