An Approach for Formal Analysis of the Security of a Water Treatment Testbed


An increase in the number of attacks on cyber-physical systems (CPS) has raised concerns over the vulnerability of critical infrastructure, such as water treatment, oil, and gas plants, to cyber attacks. Such systems are controlled by an Industrial Control System (ICS) that includes controllers communicating with each other, and with physical sensors and actuators, over a communications network. This paper focuses on a Multiple Security Domain Nondeducibility (MSDND) model to identify the vulnerable points of attack on the system at which an attacker hides critical information rather than stealing it, as in the STUXNET virus. It is shown how MSDND analysis, conducted on a realistic multi-stage water treatment testbed, is useful in enhancing the security of a water treatment plant. Based on the MSDND analysis, this work offers thorough documentation of the vulnerable points of attack, the invariants used for removing the vulnerabilities, and suggested design decisions that help in developing invariants to mitigate attacks.

Meeting Name

IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018 (2018: Dec. 4-7, Taipei, Taiwan)


Computer Science

Research Center/Lab(s)

Intelligent Systems Center


Part of this work was supported by research grant NRF2014-NCR-NCR001-040 from the National Research Foundation, Singapore University of Technology and Design, National Institute of Standards and Technology, Grant Number 70NANB13H183 and with support from the Missouri S&T Intelligent Systems Center and by a grant from the US National Science Foundation under award number CNS-1505610.

Keywords and Phrases

Design; Embedded systems; Gas plants; Intelligent control; Network security; Testbeds; Viruses; Cyber security; Cyber-physical security; Information flows; Invariants; MSDND; Water treatment; Cyber physical security

Document Type

Article - Conference proceedings

© 2018 IEEE Computer Society, All rights reserved.

Publication Date

01 Dec 2018