Cyber-Security of Water Distribution Systems: Attacks’ Detection Algorithms and Policy Implications

PIs: Prof. Ofira Ayalo, Dr. Mashor Housh. 

Research Students: Ms. Noy Kadosh, Ms. Naama Shapira. 

Modern infrastructure systems are often controlled by Supervisory Control and Data Acquisition (SCADA) system and Programmable Logic Controllers (PLCs). As such, with the SCADA becoming a central component of WDSs, these systems can be subjected to cyber and cyber-physical attacks. For example, shutting/opening valves or pumps which might risk the water supply, damage equipment, or even inject chemicals (chlorine, fluoride, etc.) above desirable limits.
We propose to develop a specially tailored algorithm for identifying cyber-attacks based on detailed hydraulic understanding of the WDS combined with a machine learning event detection system for identification of complex cyber-attacks that cannot be fully identified by the hydraulic based rules alone. As such, this algorithm will utilize the unique characteristics of the WDS (e.g. hydraulic laws) as opposed to a straightforward application of anomaly detection methodologies. This research will be comprised of several stages. The first stage of the research will focus on conceptualizing surveillance in the 'always on' society and offer a theoretical framework to understand the trends that led to its potential existence. The second stage of the research will focus on the various legal aspects that always-on devices raise, while focusing mainly on the right to privacy. It will scrutinize the current American perception of informational privacy, and value various notions of privacy violations as reflected in legal proceedings and the American legal framework. The third stage will turn these theoretical arguments into mathematical formulations via what is termed as Differential Privacy. The expected outcomes would be offering a toolkit in the form of technological standards. In other words, this research will provide mathematical mechanisms to "measure" the protection of privacy and aid in determining what should constitute as sufficient security to address the concerns that always on devices raise while preserving the value of the obtained data.