| Cite this article: |
-
Sun Mengjie, Liu Jianshuo, Shi Dingyi, Li Zhi, Li Hong, Sun Limin. A Review of Cross-Domain Vulnerability of Physical Signal Injection Against CPS [J]. Journal of Cyber Security, accepted.
|
|
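| Abstract (translated from the Chinese): |
| In recent years, Cyber-Physical Systems (CPS) have faced increasingly severe security threats from the physical world. By injecting external physical signals, such as acoustic and electromagnetic signals, into the sensing, actuation, and communication devices of a CPS, attackers compromise their integrity and availability, thereby interfering with the normal functioning of devices and systems and possibly even destroying the system. Such attacks can propagate across the physical and cyber domains, are highly stealthy, and have become an important threat type in CPS security research. This paper systematically reviews and summarizes recent domestic and international research on physical signal injection vulnerabilities, and first proposes a general threat model for physical signal injection in CPS. The model combines the component-level and system-level perspectives and describes, along five dimensions (attack targets, attack vectors, attack surfaces, attack mechanisms, and attacker capabilities), the cross-domain propagation characteristics between the physical and cyber domains of attacks based on physical signal injection vulnerabilities. Regarding attack mechanisms, it not only characterizes the two key device-level steps of signal injection and signal shaping, but also builds a cross-domain mechanism model of physical signal injection in CPS, analyzing how attacks propagate by exploiting the system's closed-loop control from two aspects: tampering with measurements and tampering with control commands. In addition, taking attack vectors and attack surfaces as the core dimensions, this paper classifies and summarizes typical attack techniques and analyzes in depth the attack mechanisms and technical evolution of external acoustic waves, electromagnetic radiation, electromagnetic conduction, and optical signals in key CPS components. Finally, it summarizes the challenges and opportunities in research on attacks based on cross-domain physical signal injection vulnerabilities in CPS, including insufficient attack transferability caused by device heterogeneity, the constraint between attack distance and signal power, and the influence of environmental factors on attack stability, and discusses the potential research opportunities brought by interdisciplinary integration and the development of artificial intelligence technology. |
| Keywords: cyber-physical system security; physical signal injection attacks |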
| DOI: |
| Submitted: 2025-05-29; Revised: 2025-12-24 |
| Funding: National Natural Science Foundation of China (General Program, Key Program, Major Program) |
|
| A Review of Cross-Domain Vulnerability of Physical Signal Injection Against CPS |
|
Sun Mengjie, Liu Jianshuo, Shi Dingyi, Li Zhi, Li Hong, Sun Limin
|
| (School of Cyber Security, University of Chinese Academy of Sciences) |
| Abstract: |
| Cyber-Physical Systems (CPS) have increasingly faced severe security threats originating from the physical world in recent years. Attackers can inject external physical signals, such as acoustic or electromagnetic signals, into CPS components responsible for sensing, actuation, and communication, compromising their integrity and availability. These attacks can disrupt normal device and system functionality and may even cause physical damage. They can propagate across the physical and cyber domains with high stealthiness and have become a significant threat in CPS security research. This paper provides a systematic review and summary of recent domestic and international research on the cross-domain vulnerability of physical signal injection against CPS. A general threat model for CPS physical signal injection attacks is first proposed, which integrates both component-level and system-level perspectives. The model characterizes the cross-domain propagation features of such attacks across the physical and cyber domains through five dimensions: attack targets, attack vectors, attack surfaces, attack mechanisms, and attacker capabilities. With respect to attack mechanisms, the model not only captures the two key steps at the device level, signal injection and signal shaping, but also establishes a cross-domain mechanism model of physical signal injection in CPS, analyzing how attacks propagate via closed-loop control from two aspects: tampering with measurements and tampering with control commands. Furthermore, this paper classifies and analyzes representative attack techniques along the core dimensions of attack vectors and attack surfaces. It provides an in-depth exploration of the underlying mechanisms and technological evolution of external acoustic, electromagnetic radiation, electromagnetic conduction, and optical signal attacks targeting critical CPS components.
Finally, we summarize the key challenges faced by existing research on physical signal injection attacks, including limited attack transferability across heterogeneous devices, constraints imposed by attack distance and signal power, and the impact of environmental factors on attack stability. We further discuss emerging research opportunities enabled by interdisciplinary approaches and the increasing integration of artificial intelligence in CPS. |
| Key words: Cyber-Physical Systems Security; Physical Signal Injection Attacks |