An impact-aware defense against Stuxnet

Andrew Clark, Quanyan Zhu, Radha Poovendran, Tamer Basar

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The Stuxnet worm is a sophisticated malware designed to sabotage industrial control systems (ICSs). It exploits vulnerabilities in removable drives, local area communication networks, and programmable logic controllers (PLCs) to penetrate the process control network (PCN) and the control system network (CSN). Stuxnet was successful in penetrating the control system network and sabotaging industrial control processes since the targeted control systems lacked security mechanisms for verifying message integrity and source authentication. In this work, we propose a novel proactive defense system framework, in which commands from the system operator to the PLC are authenticated using a randomized set of cryptographic keys. The framework leverages cryptographic analysis and control-and game-theoretic methods to quantify the impact of malicious commands on the performance of the physical plant. We derive the worst-case optimal randomization strategy as a saddle-point equilibrium of a game between an adversary attempting to insert commands and the system operator, and show that the proposed scheme can achieve arbitrarily low adversary success probability for a sufficiently large number of keys. We evaluate our proposed scheme, using a linear-quadratic regulator (LQR) as a case study, through theoretical and numerical analysis.

Original languageEnglish (US)
Title of host publication2013 American Control Conference, ACC 2013
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages8
ISBN (Print)9781479901777
StatePublished - 2013
Event2013 1st American Control Conference, ACC 2013 - Washington, DC, United States
Duration: Jun 17 2013Jun 19 2013

Publication series

NameProceedings of the American Control Conference
ISSN (Print)0743-1619


Other2013 1st American Control Conference, ACC 2013
Country/TerritoryUnited States
CityWashington, DC

ASJC Scopus subject areas

  • Electrical and Electronic Engineering


Dive into the research topics of 'An impact-aware defense against Stuxnet'. Together they form a unique fingerprint.

Cite this