The benefits of using Networked Control Systems (NCS) in the growing Industry 4.0 arenumerous, including better management and operational capabilities, as well as costs reduction.However, despite these benefits, the use of NCSs can also expose physical plants to new threatsoriginated in the cyber domain-such as data injection attacks in NCS links through which sensorsand controllers transmit signals. In this sense, this work proposes a link monitoring strategy toidentify linear time-invariant (LTI) functions executed during controlled data injection attacksby a Man-in-the-Middle hosted in an NCS link. The countermeasure is based on a bioinspiredmetaheuristic, called Backtracking Search Optimization Algorithm (BSA), and uses white Gaussiannoise to excite the attack function. To increase the accuracy of this countermeasure, it is proposedthe Noise Impulse Integration (NII) technique, which is developed using the radar pulse integrationtechnique as inspiration. The results demonstrate that the proposed countermeasure is able toaccurately identify LTI attack functions, here executed to impair measurements transmitted bythe plant sensor, without interfering with the NCS behavior when the system is in its normaloperation. Moreover, the results indicate that the NII technique can increase the accuracy of the attackidentification.
Keywords: countermeasure; data injection attack; industrial control system; networked control system; security; system identification.