The CSC5113C Paradox: Why Securing the Invisible Clock is Harder than Stopping a Bullet
Attack: The adversary does not trigger a false fault. Instead, they inject a low-rate denial-of-service (LoRDOS) on the relay’s GPS timing source. The relay’s clock drifts by only 10ms. csc5113c
You cannot simultaneously know the exact physical state of a CPS and respond to it securely, because the act of securing (encryption, authentication, attestation) adds unbounded latency. 3. Attack Taxonomy: Three Ways to Break the Clock Traditional attacks (buffer overflow, SQLi) are trivial in comparison to these three classes unique to CSC5113C: The CSC5113C Paradox: Why Securing the Invisible Clock
| Attack Class | Mechanism | Physical Outcome | | :--- | :--- | :--- | | | Flood the control loop with low-priority network traffic, causing control tasks to miss deadlines. | Rotor overspeed, chemical overflow. | | Time-Dilation Spoof | Replay old sensor data with manipulated timestamps, stretching the perceived duration of an event. | ABS system brakes too early/late. | | Resonance Injection | Inject control signals at the natural frequency of a physical process (e.g., bridge, power line). | Cascading failure via harmonic excitation. | 4. Case Study: The "Tired Relay" Attack (Smart Grid) Scenario: A protection relay on a 138kV transmission line must trip within 4 cycles (66ms) of detecting a fault. You cannot simultaneously know the exact physical state