A Survey on Machine-Learning Based Security Design for Cyber-Physical Systems

A cyber-physical system (CPS) is the integration of a physical system into the real world and control applications in a computing system, interacting through a communications network. Network technology connecting physical systems and computing systems enables the simultaneous control of many physical systems and provides intelligent applications for them. However, enhancing connectivity leads to extended attack vectors in which attackers can trespass on the network and launch cyber-physical attacks, remotely disrupting the CPS. Therefore, extensive studies into cyber-physical security are being conducted in various domains, such as physical, network, and computing systems. Moreover, large-scale and complex CPSs make it difficult to analyze and detect cyber-physical attacks, and thus, machine learning (ML) techniques have recently been adopted for cyber-physical security. In this survey, we provide an extensive review of the threats and ML-based security designs for CPSs. First, we present a CPS structure that classifies the functions of the CPS into three layers: the physical system, the network, and software applications. Then, we discuss the taxonomy of cyber-physical attacks on each layer, and in particular, we analyze attacks based on the dynamics of the physical system. We review existing studies on detecting cyber-physical attacks with various ML techniques from the perspectives of the physical system, the network, and the computing system. Furthermore, we discuss future research directions for ML-based cyber-physical security research in the context of real-time constraints, resiliency, and dataset generation to learn about the possible attacks.