Intrusion detection for CPS real-time controllers

Christopher Zimmer, Balasubramany Bhat, Frank Mueller, Sibin Mohan

Research output: Contribution to journalArticlepeer-review


Security in CPS-based real-time embedded systems controlling the power grid has been an afterthought, but it is becoming a critical issue as CPS systems are networked and inter-dependent. This work presents a set of mechanisms for timebased intrusion detection, i.e., the execution of unauthorized instructions in realtime CPS environments. The novelty is the utilization of information obtained by static timing analysis for intrusion detection. Real-time CPS systems are unique in that timing bounds on code sections are readily available since they are required for schedulability analysis.We demonstrate how micro-timings can be exploited for multiple granularity levels of application code to track execution progress. Through bounds checking of these micro-timings, we develop techniques to detect intrusions (1) in a self-checking manner by the application and (2) through the operating system scheduler, which are novel contributions to the real-time/embedded systems domain to the best of our knowledge.

Original languageEnglish (US)
Pages (from-to)329-358
Number of pages30
JournalPower Systems
StatePublished - 2015

ASJC Scopus subject areas

  • Energy Engineering and Power Technology
  • Electrical and Electronic Engineering


Dive into the research topics of 'Intrusion detection for CPS real-time controllers'. Together they form a unique fingerprint.

Cite this