Hacker attacks are no longer purely virtual. Previously, the consequences of a hacker attack were corrupted or stolen documents and personal data. At present, systems whose operation is crucial to people's daily lives have come under attack, and the loss from attacks on such systems will be truly irreparable. Such attacks are possible because industrial systems are poorly protected against hackers: sending deliberately wrong parameters to the actuating elements of equipment causes a denial of service or makes the system begin to function in emergency mode. In response to such attacks, defenses are being developed that monitor the parameters being entered and do not allow the use of parameters which go beyond safe ranges of values and which could cause the actuating elements of industrial systems to work in emergency mode or to malfunction. In other words, they filter the control parameters being entered, with the permissible ranges set by the rules and regulations of the industry. But such measures cannot defend against more sophisticated and complex attacks, in which every control parameter transmitted to the actuating elements has a permissible value, but the values are chosen so that the resultant of the working of those actuating elements produces an emergency. That resultant is a critical operating parameter.
Let us consider the example of a metalworking machine with numerical control (NC) whose actuating elements are sent parameters that are permissible in accordance with the regulations (cutting depth, feed rate, speed of the drive unit, and so on). The protection system checks these parameters for compliance with the regulations and passes them on for use by the actuating elements. But the protection system does not take into account that this set of parameters, taken together, is not permissible for the particular cutting operation and results in a cutting power that the given equipment cannot sustain, causing an emergency. Modern machine tools are able to recognize that the permissible performance has been exceeded and halt the machining process, but by then the cutting tool has already been destroyed, the automatic line in which the machine tool is installed has been halted, and the workpiece has been ruined. Such mistakes have been encountered in production more than once, and as a rule they were not deliberate. Everything changes when the system comes under the control of a hacker: then even an isolated protection system will be unable to prevent a crash, because from its perspective all of the entered parameters are correct.
This may happen anywhere at all, for example at a hydroelectric power plant or an atomic power plant, and the consequences are not limited to tool breakage but may end in a disaster with loss of human life. Protection systems have evidently been created for industrial systems, but they have drawbacks. A passive system is unable to recognize a complex attack; it is merely a filter with rigidly defined limits. Active protection systems are able to shut down equipment and fix the crash, but some damage may already have been caused.
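The machine-tool case above, as an added example that is not part of the original text: a per-parameter range filter accepts a set of setpoints whose resultant cutting power exceeds what the drive can deliver, while a check on the resultant rejects the set before it reaches the actuating elements. The ranges, material constant, drive rating and the use of the standard turning-power relation are assumptions for a hypothetical lathe.

```python
import math

# Constructed limits for a hypothetical NC lathe (assumptions, not from a regulation).
RANGES = {
    "depth_mm": (0.5, 6.0),        # cutting depth
    "feed_mm_rev": (0.1, 0.8),     # feed rate
    "speed_m_min": (50.0, 300.0),  # cutting speed set through the drive unit
}
KC_N_MM2 = 2000.0       # assumed specific cutting force of the workpiece material
DRIVE_POWER_KW = 15.0   # assumed rated power of the spindle drive
EFFICIENCY = 0.8        # assumed drive efficiency


def range_violations(params):
    """Passive filter: judge every parameter on its own."""
    problems = []
    for name, (low, high) in RANGES.items():
        value = params.get(name)
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            problems.append(f"{name}: missing or not a number")
        elif not math.isfinite(value) or not low <= value <= high:
            problems.append(f"{name}={value} outside [{low}, {high}]")
    return problems


def cutting_power_kw(params):
    """Resultant of the set: drive power for turning, ap*f*vc*kc / (60e3*eta)."""
    product = params["depth_mm"] * params["feed_mm_rev"] * params["speed_m_min"]
    return product * KC_N_MM2 / (60e3 * EFFICIENCY)


def validate(params):
    """Return (accepted, reasons) before anything is sent to the actuating elements."""
    problems = range_violations(params)
    if problems:
        return False, problems
    power = cutting_power_kw(params)
    if power > DRIVE_POWER_KW:
        return False, [f"cutting power {power:.1f} kW exceeds {DRIVE_POWER_KW} kW drive"]
    return True, []


# Constructed setpoints: both sets pass the per-parameter filter.
NORMAL = {"depth_mm": 2.0, "feed_mm_rev": 0.25, "speed_m_min": 200.0}
COMBINED = {"depth_mm": 5.0, "feed_mm_rev": 0.6, "speed_m_min": 280.0}

if __name__ == "__main__":
    for label, setpoints in (("normal", NORMAL), ("combined", COMBINED)):
        print(label, range_violations(setpoints), validate(setpoints))
```

The second set is accepted by the range filter alone but rejected once the resultant is computed, which is the gap the passive filter leaves open.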