Yi Wang,Yuting Li,Zhenhua Yu,Naiqi Wu,Zhiwu Li

DOI: https://doi.org/10.1016/j.ins.2021.03.033

IF: 8.1

2021-07-01

Information Sciences

Abstract:<p>Resilience is a critical criterion to evaluate a networked system including discrete-event systems (DESs). This research touches upon the supervisory control problem of a DES modeled with labeled Petri nets under malicious attacks. Attacks on a system can be categorized into actuator attacks and sensor attacks. The former may cause an actuator to fail to execute the commands issued from a supervisor that enforces a specification. The latter may attack a sensor to corrupt an observation (i.e., a sequence of observable transition labels) by different types of attacks such as insertion, removal, and replacement of transition labels. For actuator attacks, if we can detect them and disable some particular controllable transition labels before reaching a state that does not satisfy the specification, then we can find a modified supervisor to enforce the specification. For sensor attacks, we assume that, once a time, only one attack can be carried out, i.e., the attacker does not change the attack during an observation corruption. Given a specification, we consider in a plant model any two feasible transition sequences that share the same corrupted observation under attacks. It is shown that there exists a supervisor to enforce the specification if the one-step controllable extensions of the two transition sequences either satisfy or violate the specification simultaneously. To this end, a novel structure, namely a product observation reachability graph constructed from a plant and its specification, is proposed to decide the existence of such a supervisor by checking whether each state in the graph satisfies a particular condition. The application of the reported methods is demonstrated through examples.</p>

computer science, information systems

Zhang Yifang,Wu Zhengguang,Wu Zongze,Meng Deyuan

DOI: https://doi.org/10.1007/s11432-020-3190-2

2022-01-01

Science China Information Sciences

Abstract:We develop the resilient observer-based event-triggered control update strategy in this paper.It is utilized to achieve the input-to-state stability(ISS) of cyber-physical systems(CPSs) when there is an asynchronous denial-of-service(DoS) attack, which is launched by malicious adversaries both on measurement channel and control channel in a random attack strategy. To estimate the unmeasurable states while saving the limited networked bandwidth, an H_∞ observer-based event-triggered control scheme is first designed to guarantee the ISS of CPSs with economic communication. Moreover, the occurrence of Zeno behavior can be eliminated by providing the existence of a lower positive bound of any two inter-event times. Then, a recursive model of asynchronous DoS attacks is introduced. A resilient control update strategy is proposed and further analyzed to derive the stability criterion of CPSs. At last, a numerical simulation example is given to demonstrate the effectiveness of the introduced control update policy.

Srinivasan Arunagirinathan,Tae H. Lee

DOI: https://doi.org/10.1049/cth2.12651

IF: 2.67

2024-04-11

IET Control Theory and Applications

Abstract:This work addresses the nonfragile sampled‐data control of T‐S fuzzy model for cyber‐physical systems subject to cyber‐attacks. In the communication between physical and cyber layers the signals suffered by stochastic delays and cyber‐attacks. The fractional delayed state looped functional approach is presented to handle the formulated Lyapunov‐Krasovskii functional. This work addresses the nonfragile sampled‐data control (SDC) of the Takagi‐Sugeno (T‐S) fuzzy model for cyber‐physical systems (CPSs) subject to cyber‐attacks (CAs). The sets of random variables satisfying the Bernoulli distribution are utilized to depict the probability of the data transmitted by the network being subjected to stochastic delay and CAs. Then, the information for the entire sampling interval tk to tk+1 with a relation of the augmented state vectors is considered for designing the SDC of the T‐S fuzzy systems (TSFSs). In this regard, the fractional delayed state looped functional (LF) approach is presented to handle the formulated Lyapunov‐Krasovskii functional. Based on the LF method, new criteria are acquired to design SDC such that the proposed CPS is asymptotically stable in terms of linear matrix inequalities. It is worth noting that the proposed control strategy for the TSFSs guarantees stable performance while dealing with the attacks in the numerical section. Also, for the various attacking strengths of periodic and non‐periodic nature, the TSFSs have been simulated to show the efficiency of the proposed control method. Additionally, three numerical models have been performed to validate the less conservatism and superiority of the derived results over the existing ones.

automation & control systems,engineering, electrical & electronic,instruments & instrumentation

Rong Su

DOI: https://doi.org/10.48550/arXiv.1608.04103

2016-08-25

Abstract:One of the major challenges about cyber physical systems is how to prevent cyber attacks to ensure system integrity. There has been a large number of different types of attacks discussed in the modern control and computer science communities. In this paper we aim to investigate one special type of attacks in the discrete-event system framework, where an attacker can arbitrarily alter sensor readings after intercepting them from a target system in order to trick a given supervisor to issue control commands improperly, driving the system to an undesirable state. We first consider the cyber attack problem from an attacker point of view, and formulate an attack with bounded sensor reading alterations (ABSRA) problem. We then show that the supremal (or least restrictive) ABSRA exists and can be synthesized, as long as the plant model and the supervisor model are regular, i.e., representable by finite-state automata. Upon the synthesis of the supremal ABSRA, we present a synthesis algorithm, which ensures that a computed supervisor will be ABSRA-robust , i.e., either an ABSRA will be detectable or will not lead the system to an undesirable state.

Formal Languages and Automata Theory,Cryptography and Security

Qidong Liu,Yue Long,Tieshan Li,C. L. Philip Chen

DOI: https://doi.org/10.1109/tfuzz.2023.3339886

IF: 12.253

2024-01-01

IEEE Transactions on Fuzzy Systems

Abstract:In this paper, a novel secure fault-tolerant control strategy is proposed to deal with the impact of multiple threats such as sparse sensor attacks, system faults and unknown disturbances on T-S fuzzy cyber-physical systems (CPSs). Firstly, under the assumption of 2s-detectability, a set of robust local unknown input observers are designed. Specifically, each observer can decouple partial disturbances and perform targeted suppression on undecoupling disturbances simultaneously. Next, the residualbased attack detection strategy and secure global estimation fusion mechanism are developed, leading to the estimation of the state and concerned fault with smaller estimation error. Ulteriorly, a secure fault tolerant controller is proposed to ensure that the system can recover satisfactory performance in time subjected to multiple threats. Finally, the proposed secure faulttolerant control method is applied to the control scenario of autonomous vehicles in the network environment, which proves the effectiveness of the developed technology.

Jingshi Yao,Shaoyuan Li,Xunyuan Yin,Xiang Yin

DOI: https://doi.org/10.1016/j.ifacol.2023.10.268

2023-01-01

Abstract:In this paper, we investigate the problem of synthesizing safe supervisors for discrete-event systems under attacks. Specifically, we consider an important class of attacks called the actuator enablement attacks (AE-attacks), where an attacker can additionally enable events that are disabled by the supervisor originally. We assume that the attacker consumes certain units of energy each time to launch an attack, and its total energy budget is bounded. Our goal is to synthesize an attack-resilient supervisor such that the closed-loop system is still safe under any attack whose capability is constrained by the energy bound. We provide a necessary and sufficient condition for the existence of such an attack-resilient supervisor based on the notion of safety threshold. When the existence condition holds, an attack-resilient supervisor can be effectively synthesized by dynamically estimating the remaining energy of the attacker. We show the synthesized supervisor is maximally permissive in terms of the nominal behavior without attack.

Fei Wang,Jan Komenda,Feng Lin

2023-09-21

Abstract:This paper investigates the coordination control of discrete event systems in the presence of combined sensor and actuator attacks. Discrete event systems are modeled as automata, and sensor attacks are defined using specific attack languages. The approach involves employing multiple local supervisors to control the system. The primary objective is to devise these local supervisors to ensure the system's safety, even when facing sensor and actuator attacks. The paper establishes the necessary and sufficient conditions for the existence of such supervisors in terms of conditional decomposability, CA-controllability, and CA-observability. Furthermore, a methodology is developed to compute local state estimates when sensor attacks occur. Based on the local state estimates, local supervisors are designed to ensure the safety of a system even under cyber attacks.

Systems and Control

Lilian Kawakami Carvalho,Yi-Chin Wu,Raymond Kwong,Stéphane Lafortune

DOI: https://doi.org/10.48550/arXiv.1807.04889

2018-07-13

Abstract:The deployment of control systems with network-connected components has made feedback control systems vulnerable to attacks over the network. This paper considers the problem of intrusion detection and mitigation in supervisory control systems, where the attacker has the ability to enable or disable vulnerable actuator commands and erase or insert vulnerable sensor readings. We present a mathematical model for the system under certain classes of actuator enablement attacks, sensor erasure attacks, or sensor insertion attacks. We then propose a defense strategy that aims to detect such attacks online and disables all controllable events after an attack is detected. We develop an algorithmic procedure for verifying whether the system can prevent damage from the attacks considered with the proposed defense strategy, where damage is modeled as the reachability of a pre-defined set of unsafe system <a class="link-external link-http" href="http://states.The" rel="external noopener nofollow">this http URL</a> technical condition of interest that is necessary and sufficient in this context, termed "GF-safe controllability", is characterized. We show that the verification of GF-safe controllability can be performed using diagnoser or verifier automata. Finally, we illustrate the methodology with a traffic control system example.

Formal Languages and Automata Theory,Systems and Control

Jingshi Yao,Xiang Yin,Shaoyuan Li

DOI: https://doi.org/10.1109/cdc42340.2020.9304130

2020-01-01

Abstract:This paper investigates attack mitigation problem in supervisory control of discrete event systems. We consider the scenario where the system is subject to actuator enablement attack. We explicitly distinguish between controllable events and defendable events; the former are events that can be disabled by the normal supervisor but may be subject to attack, while the latter are events that can be defensed (disabled definitely) by the mitigation module but possibly with higher costs. The objective is to design an attack mitigation strategy to prevent serious damage from attack. We formulate the attack mitigation problem as a tolerant control problem under partial observation. Particularly, in addition to guarantee safety, we aim to maximize the desirable behavior (normal specification) while minimize the tolerable behavior (safe but not desirable). We provide an effective online algorithm for solving this problem, which yields a novel attack mitigation strategy that generalizes the existing one in the literature. Specifically, we show that the proposed strategy may still prevent damage even when the safe-controllability condition, which is required by the existing strategy, does not hold.

Ximing Yang,Yue Long,Tieshan Li,Hanqing Yang,Hongjing Liang

DOI: https://doi.org/10.1109/tsmc.2024.3491841

2024-01-01

Abstract:This article mainly focuses on the problem of observer-based adaptive event-triggered security fault-tolerant control (FTC) for attacked cyber–physical systems (CPSs). First, for the nonlinear characteristics in CPSs, the model is reconstructed based on the Takagi–Sugeno (T–S) fuzzy modeling technique. Then, a T–S fuzzy resilient observer is proposed to estimate the state as well as the actuator fault information. The proposed T–S fuzzy resilient observer proactively detects sensor transmission channels affected by dynamically changing denial-of-service (DoS) attacks, and proactively isolates contaminated data so as to reduce the impact of DoS attacks on the estimation effect. Based on the above content, an observer-based adaptive event-triggered security FTC scheme is proposed, which can ensure the stability of the CPSs and save the limited network resources between the controller and the actuator. Finally, simulation results are given to verify the effectiveness of the proposed scheme.

Yue Zhao,Xin Du,Chunjie Zhou,Yu-Chu Tian,Xiaoya Hu,Daniel E. Quevedo

DOI: https://doi.org/10.1109/tii.2021.3108876

IF: 12.3

2022-05-01

IEEE Transactions on Industrial Informatics

Abstract:Resilient control of cyber-physical systems (CPSs) against actuator and/or sensor attacks has been extensively researched. However, the existing research considers actuator attacks and sensor attacks separately and also designs resilient controllers based on complex nonlinear system models caused by unknown actuator and sensor attacks. This increases the difficulty in the analysis, computation, and control of CPSs under attacks. To address this issue, this article introduces an idea to deal with both actuator attacks and sensor attacks together with feedback linearization control. This simplifies the mathematical modeling of attacked CPSs, thus reducing the difficulty of resilient controller design. Then, from the simplified modeling, a composite controller is designed to enhance system resilience. It ensures the dynamic and steady-state performance of CPSs under attacks. Simulation studies are undertaken to demonstrate the effectiveness of the proposed method.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Xianrui Fan,Yongming Li,Shaocheng Tong

DOI: https://doi.org/10.1007/s11424-024-3401-z

2024-06-13

Journal of Systems Science and Complexity

Abstract:This paper studies the finite-time fuzzy adaptive output feedback resilient control problem for nonlinear cyber-physical systems (CPSs) with sensor attacks and actuator faults. Fuzzy logic systems (FLSs) are used to approximate the unknown nonlinear functions, and a fuzzy state observer is constructed to estimate the unmeasured states. By combining the Nussbaum function with the backstepping control design technique, a fuzzy adaptive resilient control scheme is designed to successfully address the effects of sensor attacks and actuator faults. It is proved that the controlled system is semi-global practical finite-time stability (SGPFS), and the tracking error converges to a small neighborhood of the origin in a finite time interval. Finally, the simulation and comparison results further demonstrate the effectiveness of the designed control method.

mathematics, interdisciplinary applications

Yang Yang,Jingzhi Ge,Dong Yue,Qing Meng,Jinran Wu

DOI: https://doi.org/10.1016/j.neucom.2020.04.061

IF: 6

2020-08-01

Neurocomputing

Abstract:<p>An event-triggered resilient control framework is proposed for a class of uncertain nonlinear systems under DoS attacks. Unknown dynamics are approximated by fuzzy logic systems (FLSs), while a switched adaptive state observer is presented to reconstruct unavailable states in the presence of intermittent attacks. Then, the backstepping method is developed for the control scheme; additionally, a relative threshold triggered scheme is designed. Furthermore, in theory, we prove the proposed control scheme guarantees all closed-loop signals remain bounded, and the error signal converges to a small area of the origin under DoS attacks. Finally, a power networked system and a numerical example are used to verify the effectiveness of the theoretical claims in our proposed scheme.</p>

computer science, artificial intelligence

Mehran Attar,Walter Lucia

2024-10-01

Abstract:This paper proposes a worst-case data-driven control architecture capable of ensuring the safety of constrained Cyber-Physical Systems under cyber-attacks while minimizing, whenever possible, potential degradation in tracking performance. To this end, a data-driven robust anomaly detector is designed to detect cyber-attack occurrences. Moreover, an add-on tracking supervisor module allows safe open-loop tracking control operations in case of unreliable measurements. On the plant side, a safety verification module and a local emergency controller are designed to manage severe attack scenarios that cannot be handled on the controller's side. These two modules resort to worst-case reachability and controllability data-driven arguments to detect potential unsafe scenarios and replace, whenever strictly needed, the tracking controller with emergency actions whose objective is to steer the plant's state trajectory in a predefined set of admissible and safe robust control invariant region until an attack-free scenario is restored. The effectiveness of the proposed solution has been shown through a simulation example.

Systems and Control,Optimization and Control

Shan Liu,Shanbin Li,Bugong Xu

DOI: https://doi.org/10.1080/00207179.2018.1537518

IF: 2.102

2018-10-30

International Journal of Control

Abstract:In this paper, we research the resilient control problem for cyber-physical system (CPS) under denial-of-service (DoS) attacks. These malicious DoS attacks aim to impede the communication of measurement data or control data in order to endanger the functionality of the closed-loop system. Meanwhile, in order to save network resources, event-triggered mechanism has been introduced into this CPS. By exploiting the relationship between cyber system and physical system, we aim to design the resilient controller and resilient control strategy to tolerate a class of DoS signals characterised by probability without serious hazard to the stability and performance of CPS. Furthermore, considering that the transition probability of cyber state is unknown, the on-policy reinforcement learning method – SARSA (State-Action-Reward-State-Action) – is used to solve this problem. Thus a resilient control algorithm that integrates game theory, robust control theory, event-triggered control method and SARSA learning method is presented to enhance the security and robustness of the CPS. At last, the numerical simulation and experimental results are given to demonstrate the validity and applicability of the proposed algorithm.

automation & control systems

Ximing Yang,Ran Liu,Tieshan Li,Yue Long,Hanqing Yang,Xiaoyang Gao,C. L. Philip Chen

DOI: https://doi.org/10.1109/icist59754.2023.10367183

2023-01-01

Abstract:The issue of security control for cyber-physical systems (CPSs) is now receiving a lot of attention. Among them, the network layer is more seriously affected by cyberattacks than the physical layer. In this paper, we investigate the denial-of-service (DoS) attacks and false data injection (FDI) attack on data transmission. Firstly, the FDI attack that exists in the actuator is estimated by proposing the observer. Then, due to the presence of DoS attacks in the sensor channels, the estimation effect of the former observer is affected. To solve this problem, a new resilient observer is proposed by introducing the switching mechanism. The proposed resilient observer can effectively reduce the adverse effects of DoS attacks on data transmission. Next, a false data estimation-based security controller is proposed, which can ensure the stability of the closed-loop system. Finally, a simulation is given to verify the effectiveness of the proposed method.

Liyuan Yin,Chengwei Wu,Lezhong Xu,Hongming Zhu,Xiangyu Shao,Weiran Yao,Jianxing Liu,Ligang Wu

DOI: https://doi.org/10.1109/tase.2024.3483169

IF: 6.636

2024-01-01

IEEE Transactions on Automation Science and Engineering

Abstract:This paper is focused on the event-based secure control issue for cyber-physical systems (CPSs) under aperiodic denial-of-service (DoS) attacks. Malicious DoS attacks disrupt the communication between the controller and the actuator. The finite attack resources of malicious attackers are taken into consideration, and the DoS attacks are characterized using an aperiodic model. In contrast to prior results, the present study tackles the issue of secure controller design by considering the attributes of the DoS attack, instead of employing a switched system approach to address the aforementioned concerns. More specifically, under aperiodic DoS attacks, sufficient criteria are established to guarantee that the closed-loop CPSs can achieve bounded stability. Then, within a time-varying attack period, the relationship between the attack active interval and the attack silent interval is derived. Without satisfying the derived conditions, the system’s stability will deteriorate. Moreover, an event-based secure control scheme under aperiodic DoS attacks is designed. To verify the efficacy of the derived theory, a wheeled mobile robot system under aperiodic DoS attacks is illustrated. Note to Practitioners —CPSs have been widely utilized in various domains, such as aerospace and intelligent transportation. However, the openness of networks provides attackers with numerous opportunities for malicious assaults, consequently leading to a degradation in system performance. Consequently, researching the security issues of CPSs under malicious attacks is of utmost urgency. This paper focuses on the issue of event-triggered secure control for CPSs in the presence of energy-constrained aperiodic DoS attacks. The event-triggered communication mechanism is introduced to reduce the computational burden. The criteria for ensuring the bounded stability of CPSs under aperiodic DoS attacks are proposed. The relationship between the attack active interval and the attack silent interval is derived, which is incorporated into the proposed criteria. A wheeled mobile robot system is given to validate the effectiveness of the proposed method. In the future, an active defense control method will be proposed to counter malicious attacks.

Kousei Sakata,Kenji Sawada,Takashi Ogura,Junya Fujita,Noritaka Matsumoto

DOI: https://doi.org/10.1080/01691864.2024.2329947

IF: 2.057

2024-04-27

Advanced Robotics

Abstract:Industrial control systems (ICS) require system design and operation under cyber-attacks. This study aims to design a fallback control system that can switch from normal control to fallback control and verify its superiority. The target system is a factory automation (FA) system consisting of a normal programmable logic controller (PLC) and a fallback PLC. In this system, we design a fallback logic that takes over control in the case of cyber-attacks. The design of this logic requires a system model that manages smooth state transitions between normal control and fallback control in an integrated manner under cyber-attacks. In response, we model a control program in the framework of discrete event systems (DESs) and apply supervisory control to derive a supervisor model that can manage the system in an integrated manner. To ensure the controllability of the FA system during cyber-attacks, we design a control specification that includes a detection function to enable rapid switching of the control state. As a result, we generate the fallback logic from the supervisor model with guaranteed controllability under cyber-attacks and implement it in a fallback PLC to verify the effectiveness of the proposed logic.

robotics

Liyong Lin,Sander Thuijsman,Yuting Zhu,Simon Ware,Rong Su,Michel Reniers

DOI: https://doi.org/10.48550/arXiv.1807.06720

2019-02-27

Abstract:In this work, we propose and develop a new discrete-event based actuator attack model on the closed-loop system formed by the plant and the supervisor. We assume the actuator attacker partially observes the execution of the closed-loop system and eavesdrops the control commands issued by the supervisor. The attacker can modify each control command on a specified subset of attackable events. The attack principle of the actuator attacker is to remain covert until it can establish a successful attack and lead the attacked closed-loop system into generating certain damaging strings. We present a characterization for the existence of a successful attacker, via a new notion of attackability, and prove the existence of the supremal successful actuator attacker, when both the supervisor and the attacker are normal (that is, unobservable events to the supervisor cannot be disabled by the supervisor and unobservable events to the attacker cannot be attacked by the attacker). Finally, we present an algorithm to synthesize the supremal successful attackers that are represented by Moore automata.

Systems and Control,Formal Languages and Automata Theory

Linlin Li,Steven X. Ding,Liutao Zhou,Maiying Zhong,Kaixiang Peng

2024-09-20

Abstract:This paper is concerned with the detection, resilient and fault-tolerant control issues for cyber-physical systems. To this end, the impairment of system dynamics caused by the defined types of cyber-attacks and process faults is analyzed. Then, the relation of the system input and output signals with the residual subspaces spanned by both the process and the controller is studied. Considering the limit capacity of standard observer-based detection and feedback control schemes in detecting and handling the cyber-attacks, a modified configuration for cyber-physical systems is developed by transmitting the combinations of the input and output residuals instead of the input and output signals, which is facile for dealing with both the process faults and cyber-attacks. It is followed by the integrated design of fault and attack detection, resilient and fault-tolerant control schemes. To enhance the detectability of cyber-attacks, the potential stealthy attack mechanisms on deteriorating the tracking behavior and feedback control performance are developed from the attackers' point of view, and the associated detection schemes for such stealthy attacks are proposed from the defenders' point of view. A case study on the robotino system is utilized to demonstrate the proposed resilient cyber-physical configuration.

Systems and Control