Resilient Intrusion Detection Models for Closed Control-Loop in Cyber-Physical Systems: Combating Adversarial Examples

With the increasing prevalence of machine learning and its application in Intrusion Detection Systems (IDSs) for Cyber Physical Systems (CPSs), where safety and reliability are critical, the risk of system failures leading to substantial harm also grows. To avoid such failures, IDSs that adopt machine learning algorithms at their core must exhibit significantly high reliability and resiliency, ensuring safe and consistent operation across dynamic CPS conditions, particularly Industrial Control Systems (ICS). While many research studies discussed adversarial examples against attack detection in CPS, there is a lack of focus on the closed control loop system of ICSs. Therefore, this article explores adversarial examples, i.e., inputs that pose significant challenges for intrusion detection models for closed control loop systems in CPSs. We comprehensively discuss critical tactics and techniques for generating these adversarial examples for physical processes and explain techniques that provide protection against these adversarial examples and improve the reliability and resiliency of CPSs. We also suggest two use cases for adversarial examples for avoiding attack detection for closed control loop systems in nuclear power plants and offshore gas rigs. Based on the study, we also discuss a few significant issues that must be resolved to implement resilient machine learning for IDS in ICS settings.