Cyber Security of Water SCADA Systems—Part II: Attack Detection Using Enhanced Hydrodynamic Models

This paper investigates the problem of detection and isolation of attacks on a water distribution network comprised of cascaded canal pools. The proposed approach employs a bank of delay-differential observer systems. The observers are based on an analytically approximate model of canal hydrodynamics. Each observer is insensitive to one fault/attack mode and sensitive to other modes. The design of the observers is achieved by using a delay-dependent linear matrix inequality method. The performance of our model-based diagnostic scheme is tested on a class of adversarial scenarios based on a generalized fault/attack model. This model represents both classical sensor-actuator faults and communication network-induced deception attacks. Our particular focus is on stealthy deception attacks in which the attacker's goal is to pilfer water through canal offtakes. Our analysis reveals the benefits of accurate hydrodynamic models in detecting physical faults and cyber attacks to automated canal systems. We also comment on the criticality of sensor measurements for the purpose of detection. Finally, we discuss the knowledge and effort required for a successful deception attack.