Understanding the physical and economic consequences of attacks on control systems

Yu-Lun Huang*, Alvaro A. Cárdenas, Saurabh Amin, Zong Syun Lin, Hsin Yi Tsai, Shankar Sastry

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

106 Scopus citations


This paper describes an approach for developing threat models for attacks on control systems. These models are useful for analyzing the actions taken by an attacker who gains access to control system assets and for evaluating the effects of the attacker's actions on the physical process being controlled. The paper proposes models for integrity attacks and denial-of-service (DoS) attacks, and evaluates the physical and economic consequences of the attacks on a chemical reactor system. The analysis reveals two important points. First, a DoS attack does not have a significant effect when the reactor is in the steady state; however, combining the DoS attack with a relatively innocuous integrity attack rapidly causes the reactor to move to an unsafe state. Second, an attack that seeks to increase the operational cost of the chemical reactor involves a radically different strategy than an attack on plant safety (i.e., one that seeks to shut down the reactor or cause an explosion).

Original languageEnglish
Pages (from-to)73-83
Number of pages11
JournalInternational Journal of Critical Infrastructure Protection
Issue number3
StatePublished - 1 Oct 2009


  • Consequences
  • Control systems
  • Denial-of-service attacks
  • Integrity attacks

Fingerprint Dive into the research topics of 'Understanding the physical and economic consequences of attacks on control systems'. Together they form a unique fingerprint.

Cite this