CyberRadar: A Regression Analysis Approach to the Identification of Cyber-Physical Mappings in Process Control Systems

One of the attack requirements for maximizing physical dam-age to digitally controlled infrastructures is the identification of a mapping between program variables in a compromised control system and physical parameters related to physical processes or physical equipment. A cyber-physical mapping is quite critical from the offensive perspective as physical parameters are affected via modification of the associated program variables. The difficulty of such a reconnaissance challenge is acknowledged by control system security analysts as what they're presented with during experimental attacks is comprised of long series of random looking bytes or variable names.