Abusive adversarial agents and attack strategies in cyber‐physical systems

Abstract The exponential increase in IoT device usage has spawned numerous cyberspace innovations. IoT devices, sensors, and actuators bridge the gap between physical processes and the cyber network in a cyber‐physical system (CPS). Cyber‐physical system is a complex system from a security perspective due to the heterogeneous nature of its components and the fact that IoT devices can serve as an entry point for cyberattacks. Most adversaries design their attack strategies on systems to gain an advantage at a relatively lower cost, whereas abusive adversaries initiate an attack to inflict maximum damage without regard to cost or reward. In this paper, a sensor spoofing attack is modelled as a malicious adversary attempting to cause system failure by interfering with the feedback control mechanism. It is accomplished by feeding spoofed sensor values to the controller and issuing erroneous commands to the actuator. Experiments on a Simulink‐simulated linear CPS support the proof of concept for the proposed abusive ideology, demonstrating three attack strategies. The impact of the evaluations stresses the importance of testing the CPS security against adversaries with abusive settings for preventing cyber‐vandalism. Finally, the research concludes by highlighting the limitations of the proposed work, followed by recommendations for the future.