Cyberattacks targeting critical infrastructures, such as water treatment facilities, represent significant threats to public health, safety, and the environment. This paper introduces a systematic approach for modeling and assessing covert man-in-the-middle (MitM) attacks that leverage system identification techniques to inform the attack design. We focus on the attacker's ability to deploy a covert controller, and we evaluate countermeasures based on the Process-Aware Stealthy Attack Detection (PASAD) anomaly detection method. Using a second-order linear time-invariant with time delay model, representative of water treatment dynamics, we design and simulate stealthy attacks. Our results highlight how factors such as system noise and inaccuracies in the attacker's plant model influence the attack's stealthiness, underscoring the need for more robust detection strategies in industrial control environments.

翻译：针对水处理设施等关键基础设施的网络攻击，对公共卫生、安全和环境构成重大威胁。本文提出一种系统化方法，用于建模和评估利用系统辨识技术指导攻击设计的隐蔽中间人攻击。我们重点关注攻击者部署隐蔽控制器的能力，并基于过程感知隐蔽攻击检测方法评估防御对策。通过采用代表水处理动力学的二阶线性时滞时不变模型，我们设计并模拟了隐蔽攻击。研究结果揭示了系统噪声及攻击者工厂模型误差等因素如何影响攻击的隐蔽性，强调了工业控制环境中需要更鲁棒的检测策略。