Identifying Near-Optimal Single-Shot Attacks on ICSs with Limited Process Knowledge

Herson Esquivel-Vargas*, John Henry Castellanos, Marco Caselli, Nils Ole Tippenhauer, Andreas Peter

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

36 Downloads (Pure)


Industrial Control Systems (ICSs) rely on insecure protocols and devices to monitor and operate critical infrastructure. Prior work has demonstrated that powerful attackers with detailed system knowledge can manipulate exchanged sensor data to deteriorate performance of the process, even leading to full shutdowns of plants. Identifying those attacks requires iterating over all possible sensor values, and running detailed system simulation or analysis to identify optimal attacks. That setup allows adversaries to identify attacks that are most impactful when applied on the system for the first time, before the system operators become aware of the manipulations. In this work, we investigate if constrained attackers without detailed system knowledge and simulators can identify comparable attacks. In particular, the attacker only requires abstract knowledge on general information flow in the plant, instead of precise algorithms, operating parameters, process models, or simulators. We propose an approach that allows single-shot attacks, i.e., near-optimal attacks that are reliably shutting down a system on the first try. The approach is applied and validated on two use cases, and demonstrated to achieve comparable results to prior work, which relied on detailed system information and simulations.
Original languageEnglish
Title of host publicationApplied Cryptography and Network Security 2022
Subtitle of host publication20th International Conference, ACNS 2022
EditorsGiuseppe Ateniese, Daniele Venturi
Place of PublicationRome, Italy
Number of pages23
Publication statusPublished - 18 Jun 2022
Event20th International Conference on Applied Cryptography and Network Security, ACNS 2022 - Rome, Italy
Duration: 20 Jun 202223 Jun 2022
Conference number: 20


Conference20th International Conference on Applied Cryptography and Network Security, ACNS 2022
Abbreviated titleACNS


  • n/a OA procedure


Dive into the research topics of 'Identifying Near-Optimal Single-Shot Attacks on ICSs with Limited Process Knowledge'. Together they form a unique fingerprint.

Cite this