Yue Ma,Wei Jiang,Nan Sang,Xia Zhang

DOI: https://doi.org/10.1109/ISPA.2012.56

2012-01-01

Abstract:Since the real-time systems are becoming increasingly networked, there are some growing critical challenges of security management and risk control. For the unpredicted and especially unsecured environments, such security-critical distributed real-time embedded systems need to enforce security on multiple nodes in order to against the potential threats as well as satisfying the real-time requirements. Unlike the traditional ad hoc static designing approaches, based on feedback theory, this paper proposes an Adaptive Risk Control and Security Management (ARCSM) mechanism for centralized distributed systems. ARCSM has the ability to guarantee the soft real-time and provide as strong security protection as possible. To meet this requirement, the host server is able to refuse to serve for the deadline missed tasks. In each node, a two-level scheduling framework is designed to implement the feedback control twice. In the first feedback, an appropriate initial security level is assigned for new task. At the runtime, the second feedback can dynamically adjust the ready tasks' security level based on runtime status. Considering features of embedded systems, we measured the energy and time costs of cryptographic algorithms and established a method to quantify the security risk. Moreover, the relationship between time and energy costs analyzed in this paper leaves its significance for the future researches. Experimental results demonstrate that our mechanism can be adaptive to the fluctuation of input workloads and has better performance than open-loop schemes.

Wei Jiang,Yue Ma,Nan Sang,Ziguo Zhong

DOI: https://doi.org/10.1016/j.compeleceng.2014.10.002

IF: 4.152

2015-01-01

Computers & Electrical Engineering

Abstract:Widely deployed real-time embedded systems can improve the performance of industrial applications, but these systems also face the critical challenge of providing high quality security in an unpredictable network environment. We measure the time and energy consumptions of commonly used cryptographic algorithms on a real embedded platform and introduce a method to quantify the security risk of real-time applications. We propose a Dynamic Security Risk Management (DSRM) mechanism to manage the aperiodic real-time tasks for networked industrial applications. Inspired by the feedback design philosophy, DSRM is designed as a two-level control mechanism. The upper-level component makes efforts to admit or reject the arrival tasks and assigns the reasonable security level for each admitted task. With three proportional feedback controllers at the lower level, the security level of each ready task can be adjusted adaptively according to the dynamic environments. Simulation results show the superiority of the proposed mechanism.

Yue Ma,Nan Sang,Wei Jiang,Lei Zhang

DOI: https://doi.org/10.1007/978-94-007-5076-0_30

2012-01-01

Abstract:Security has become an important characteristic for many real-time systems. Due to the lack of enough and stable energy supply in battery-powered embedded systems, one of the foremost challenges is the mismatch between energy and performance requirements of security processing. In this paper, we propose a security-aware and energy-efficient scheduling algorithm that aims at reducing energy consumption while ensuring the real-time and security requirements. Based on the feedback control theory, we employ a feedback unit to keep track of the CPU utilization and manage the security level dynamically. Simulation results show the effectiveness and efficiency of the proposed algorithm.

Tingqi Zhang,Mingyang Sun,Jochen L. Cremer,Ning Zhang,Goran Strbac,Chongqing Kang

DOI: https://doi.org/10.1109/tpwrs.2021.3059197

IF: 7.326

2021-01-01

IEEE Transactions on Power Systems

Abstract:Dynamic Security Assessment (DSA) for the future power system is expected to be increasingly complicated with the higher level penetration of renewable energy sources (RES) and the widespread deployment of power electronic devices, which drive new dynamic phenomena. As a result, the increasing complexity and the severe computational bottleneck in real-time operation encourage researchers to exploit machine learning to extract offline security rules for the online assessment. However, traditional machine learning methods lack in providing information on the confidence of their corresponding predictions. A better understanding of confidence of the prediction is of key importance for Transmission System Operators (TSOs) to use and rely on these machine learning methods. Specifically, from the perspective of topological changes, it is often unclear whether the machine learning model can still be used. Hence, being aware of the confidence of the prediction supports the transition to using machine learning in real-time operation. In this paper, we propose a novel Conditional Bayesian Deep Auto-Encoder (CBDAC) based security assessment framework to compute a confidence metric of the prediction. This informs not only the operator to judge whether the prediction can be trusted, but it also allows for judging whether the model needs updating. A case study based on IEEE 68-bus system demonstrates that CBDAC outperforms the state-of-the-art machine learning-based DSA methods and the models that need updating under different topologies can be effectively identified. Furthermore, the case study verifies that effective updating of the models is possible even with very limited data.

Yue Ma,Wei Jiang,Nan Sang,Ziguo Zhong

DOI: https://doi.org/10.1109/ares.2012.45

2012-01-01

Abstract:Traditional mechanisms for risk control and task scheduling may not be very suitable for security-critical embedded real-time systems under dynamic operation environments. In this paper, we are interested in design of an adaptive risk control and management mechanism of the uniprocessor system for real-time embedded applications. With the purpose of obtaining adaptive capability to reduce system risks without sacrificing soft real-time performance, a two-level feedback scheduling framework was deployed at runtime. The upper-level component automatically monitors the status of the waiting queue, then admits or rejects the input workloads and assigns a reasonable security level for ready tasks. The lower-level scheduling framework can dynamically adjust the security level of ready tasks based on the runtime situation. Simulation results show the superiority of the proposed mechanism, especially the good adaptivity under dynamic system workloads.

Zhou Gu,Ju H. Park,Dong Yue,Zheng-Guang Wu,Xiangpeng Xie

DOI: https://doi.org/10.1109/tsmc.2019.2960115

2021-01-01

Abstract:This article studies the security of networked interconnected systems (NISs) subject to cyber-attacks based on a new event-triggered mechanism (ETM). NISs with spatially distributed subsystems are vulnerable to cyber-attacks. With a new concept of security control, attention is focused on designing a novel ETM together with a decentralized output feedback control (DOFC) scheme such that the NIS subject to cyber-attacks is stable in secure sense. Under the proposed ETM, the average data-releasing rate over the whole operating period can be extremely decreased, thereby reducing the burden of network bandwidth, computation, and battery-supply. Moreover, during the system with external disturbance or attack on the communication network, more transmission-events can be generated than other periods. As a result, the desired control performance can be achieved. By using stochastic analysis techniques and Lyapunov stability theory, sufficient conditions are derived to obtain both the controller gains and the parameters of the ETM. Numerical simulation of chemical reactor systems is given to illustrate the advantages and effectiveness of the proposed theories and design techniques.

F Xia,XH Dai,XD Wang,YX Sun

DOI: https://doi.org/10.1109/icess.2005.56

2005-01-01

Abstract:Power awareness has become a critical issue in real-time scheduling of embedded systems. In the context of control applications, the goal of high control performance and low energy consumption are at odds with each other. While dynamic voltage/frequency scaling (DVS) has proved to be promising in energy saving while preserving task schedulability, traditional DVS algorithms use either open loop or ad hoc solutions, and hence cannot perform well for dynamic systems where the workload varies significantly. By targeting these systems, a novel scheme, namely DVS-FS, which combines DVS and feedback scheduling, is suggested. The objective is to save CPU energy as much as possible, while still providing control performance guarantees, which largely depends on successful schedule of the control task set. DVS-FS exploits feedback control methodology, and facilitates tradeoffs between energy consumption and control performance through controlling the CPU utilization at a considerably high level. Simulation experiments demonstrate that DVS-FS can easily reduce significant energy consumption at the expense of only minor control performance degradation.

Wenhai Qi,Runkun Li,Guangdeng Zong,Huaicheng Yan,Zheng-Guang Wu,Jun Cheng

DOI: https://doi.org/10.1109/tase.2024.3441545

IF: 6.636

2024-01-01

IEEE Transactions on Automation Science and Engineering

Abstract:In this work, the asynchronous dynamic output feedback control is investigated for discrete nonlinear networked semi-Markov jump models with cyber attacks, in which asynchronous phenomenon refers to the mode mismatch between the controller and the system. For the potential uncertainty of system parameters, the interval type-2 fuzzy method is adopted to characterize nonlinear semi-Markov jump models. In light of actual state information unavailable in complex environment, the dynamic output feedback technique is proposed. The main novelty is to construct an appropriate dynamic output feedback control scheme, fully consider the asynchronous phenomenon of the controller mode, and introduce auxiliary variables to solve the matrix dimensional problem, so that the IT2 fuzzy network semi-Markov jump models under the influence of cyber attacks have better dynamic performance. According to stochastic theory, semi-Markov kernel, interval type-2 fuzzy method, and dwell-time-dependent Lyapunov function, sufficient criteria are established to ensure that the networked system is v-error mean-square stable under random denial-of-service attacks. Furthermore, numerically checkable conditions are formulated to solve the asynchronous dynamic output feedback controller gain. Finally, a two-degree-freedom quarter-car suspension model is given to explain the superiorities of the proposed design approach. Note to Practitioners-As one of the research hotspots, networked control systems show outstanding advantages of low maintenance cost, easy installation, and high flexibility. However, cyber attacks often occur in networked control systems, posing a great threat to signal transmission. With the development of modern science and technology, semi-Markov jump models, owing to their excellent engineering background in modeling complex system, have a wide range of application prospects in solar receiver control, power electronics, chemical processes, and network communication. Note that some factors in the practical dynamical systems, such as parameter uncertainty and dwell information, cannot be completely obtained, and actual controller mode has switching delay with the system mode. In this paper, the asynchronous output feedback control is studied for discrete nonlinear networked semi-Markov jump models with cyber attacks. On the basis of interval type-2 fuzzy and dwell-time-dependent Lyapunov function, the v-error mean-square stability is realized under random denial-of-service attacks. This research provides a new approach to study output feedback control strategies for discrete networked systems.

Wente Zeng,Mo-Yuen Chow,Peng Ning

DOI: https://doi.org/10.1109/isie.2012.6237375

2012-01-01

Abstract:Distributed Networked Control Systems (D-NCS), such as the electric power system, the transportation system, or almost any large-scale network, are vulnerable to cyber attacks. The compromised nodes in the D-NCS can affect it and cause the distributed control algorithms (e.g., consensus algorithm) to fail. This paper is concerned with the problem of designing a secure distributed control methodology that is capable of performing a secure consensus computation in a D-NCS in the presence of misbehaving nodes. We consider the case of formation control in a multi-robot system using the linear consensus algorithm, and we model the malicious attack as an exogenous input that compromises the behavior of a single robot in this multi-robot system. The proposed secure distributed control methodology includes four phases: (1) Detect the neighbors' misbehaviors relying only on each robot's local observations; (2) Adjust the consensus computation weights according to the neighbors' reputation values; (3) Identify and isolate the compromised robot; and (4) Update the reference state using the adjusted consensus computation weights to ensure the convergence of well-behaving robots. A Simulink-based testbed for multi-robot formation control is used to illustrate the effectiveness of the proposed method.

Zhengcai Li,Yang Shi,Shengyuan Xu,Huiling Xu,Lewei Dong

DOI: https://doi.org/10.1109/tac.2024.3371895

IF: 6.549

2024-01-01

IEEE Transactions on Automatic Control

Abstract:This article provides a secure distributed output feedback model predictive control (DOFMPC) solution for the leader-following consensus problems of homogeneous linear disturbed multiagent systems against multiple cyber attacks. The false data injection (FDI) attacks on the sensor-controller communication channel and denial-of-service (DoS) attacks on the controller-actuator communication channel occur simultaneously. To defend against dual-channel multiple attacks, we propose a secure DOFMPC scheme consisting of three modules. Firstly, a robust multivariate observer is built to separate FDI attacks from uncompromised states. Secondly, a distributed output feedback model predictive controller is designed to generate effective control sequences. Thirdly, a buffered actuator is added to realize adequate compensation to defend against DoS attacks. The proposed secure DOFMPC scheme ensures the recursive feasibility of the formulated optimization control problem and achieves the leader-following consensus of the multiagent system. Finally, an illustrative example is presented to demonstrate the secure performance of the proposed DOFMPC scheme.

automation & control systems,engineering, electrical & electronic

Junsung Kim,Praful Puranik,Ragunathan Rajkumar,Ragunathan (Raj) Rajkumar

DOI: https://doi.org/10.1145/2583687.2583695

2013-12-01

ACM SIGBED Review

Abstract:Advances in real-time, embedded and distributed systems along with control and communication theory have catalyzed the rapid emergence of cyber-physical systems such as a self-driving car. The importance of fault-tolerance support on a cyber-physical system (CPS) has been greatly emphasized by recent research due to the nature of CPS that senses its surroundings, processes sensor data, and reacts using its actuators. In order to tackle this challenge, we proposed SAFER (System-level Architecture for Failure Evasion in Real-time Applications) in our previous work. SAFER is able to tolerate fail-stop processor and/or task failures for distributed embedded real-time systems. One of its limitations, however, is that SAFER is not capable of tolerating a failure of a processor with a dedicated connection to an actuator. This paper provides a method that relaxes this limitation by (1) deploying a small piece of hardware to avoid a dedicated connection between a processor and an actuator, (2) adding a software module that monitors and controls the hardware, and (3) enhancing the failure detection and recovery mechanisms of SAFER to support these changes. The detailed implementation and evaluation of the SAFER extension is on-going work.

SHI Li-bao,ZHOU Hua-feng,Peter T. C. Tam,CHANG Nai-chao,LAN Zhou,NI Yi-xin,XU Zheng

DOI: https://doi.org/10.3969/j.issn.1004-731x.2007.23.012

2007-01-01

Abstract:Mainly focusing on the study of power system dynamics, a real time dynamic security assessment and early warning (RDSAEW) system for the purpose of keeping interconnected power systems operating in security region, monitoring dynamic security margin constantly and ensuring system operation reliability was proposed. The framework of RDSAEW system was designed in accordance with Client/Server and Browser/Server operating modes based on the TCP/IP protocol. And some advanced technologies involving Visual Studio.Net, SQL Server 2000, Shell Programming and parallel computing, etc, were widely used in the design and development of RDSAEW system. On one hand, the RDSAEW system could easily and conveniently integrate with existing Energy Management System (EMS) to implement the real time dynamic security assessment. On the other hand, the RDSAEW system could make intensive dynamic analysis related to the specified case study as an off-line simulation platform.

Yingnan Pan,H. Lam,Yanmin Wu

DOI: https://doi.org/10.1109/TFUZZ.2022.3148875

IF: 12.253

2022-10-01

IEEE Transactions on Fuzzy Systems

Abstract:This article studies the issue of resilient event-triggered (RET)-based security controller design for nonlinear networked control systems (NCSs) described by interval type-2 (IT2) fuzzy models subject to nonperiodic denial of service (DoS) attacks. Under the nonperiodic DoS attacks, the state error caused by the packets loss phenomenon is transformed into an uncertain variable in the designed event-triggered condition. Then, an RET strategy based on the uncertain event-triggered variable is firstly proposed for the nonlinear NCSs. The existing results that utilized the hybrid triggered scheme have the defect of complex control structure, and most of the security compensation methods for handling the impacts caused by DoS attacks need to transmit some compensation data when the DoS attacks disappear, which may lead to large performance loss of the systems. Different from these existing results, the proposed RET strategy can transmit the necessary packets to the controller under nonperiodic DoS attacks to reduce the performance loss of the systems and a new security controller subject to the RET scheme and mismatched membership functions is designed to simplify the network control structure under DoS attacks. Finally, some simulation results are utilized to testify the advantages of the presented approach.

Computer Science,Engineering

Yuqiang Jiang,Ben Niu,Guangdeng Zong,Xudong Zhao,Ping Zhao

DOI: https://doi.org/10.1109/tase.2023.3277488

IF: 6.636

2023-01-01

IEEE Transactions on Automation Science and Engineering

Abstract:A distributed adaptive secure control algorithm is proposed for asynchronous switching nonlinear multi-agent systems (MASs) in pure-feedback form while considering the sensor attacks and actuator faults, which eliminates the effect of attack signals, actuator faults and uncertainties without knowing the sign of the control gain functions. Since the system states measured by the sensors are corrupted by the malicious attacker, only the post-attack system states can be obtained. Thus, an improved coordinate transformation is constructed by using the post-attack system states and a backstepping method based on the improved coordinate transformation is developed to solve the consensus tracking control problem of the researched systems under sensor attacks. The common Lyapunov function is designed to ensure the stability of all asynchronous switching subsystems of each agent. In the end, a simulation example is presented to illustrate the theoretical results’ validity. Note to Practitioners—This paper deal with the distributed adaptive secure consensus tracking control problem for asynchronous switching nonlinear MASs, whose models can describe many phenomena in nature such as biological processes, robot team formation and sensor networks. It is extremely challenging to achieve the tracking control problem of the researched asynchronous switching nonlinear system in an unsafe network environment, where the unknown sensor attacks signals, actuator faults coefficients, and randomly switched non-affine nonlinearities exist together for the followers. Furthermore, the control design and stability analysis of the researched system is based on the common Lyapunov approach, which makes the developed approach more engineering oriented.

automation & control systems

Wente Zeng,Mo-Yuen Chow

DOI: https://doi.org/10.1109/tie.2014.2311405

IF: 7.7

2014-01-01

IEEE Transactions on Industrial Electronics

Abstract:Distributed networked control systems (D-NCSs) are more vulnerable to malicious attacks with the adoption of distributed control strategies. The misbehaving agents in the D-NCS can disrupt the distributed control algorithms and gradually compromise the entire system. In this paper, a multirobot system using the linear consensus algorithm for formation control is studied where parts of the robots are compromised. A reputation-based secure distributed control methodology with built-in defense is proposed to achieve accurate consensus computation in the presence of misbehaving robots. It embeds four phases (i.e., detection, mitigation, identification, and update) into the distributed control process. The effectiveness of the proposed method is illustrated through simulation analysis and experimental results.

Fardin Abdi,Chien-Ying Chen,Monowar Hasan,Songran Liu,Sibin Mohan,Marco Caccamo

DOI: https://doi.org/10.48550/arXiv.1705.01520

2017-05-04

Abstract:Many physical plants that are controlled by embedded systems have safety requirements that need to be respected at all times - any deviations from expected behavior can result in damage to the system (often to the physical plant), the environment or even endanger human life. In recent times, malicious attacks against such systems have increased - many with the intent to cause physical damage. In this paper, we aim to decouple the safety of the plant from security of the embedded system by taking advantage of the inherent inertia in such systems. In this paper we present a system-wide restart-based framework that combines hardware and software components to (a) maintain the system within the safety region and (b) thwart potential attackers from destabilizing the system. We demonstrate the feasibility of our approach using two realistic systems - an actual 3 degree of freedom (3-DoF) helicopter and a simulated warehouse temperature control unit. Our proof-of-concept implementation is tested against multiple emulated attacks on the control units of these systems.

Cryptography and Security

Xiangnan Xu,Zhiwen Wang,Hong-Tao Sun,Jing Shi

DOI: https://doi.org/10.1177/01423312241233316

IF: 2.146

2024-03-26

Transactions of the Institute of Measurement and Control

Abstract:Transactions of the Institute of Measurement and Control, Ahead of Print. This paper addresses the problem of adaptive security control for cyber–physical systems (CPSs) under external nonlinear disturbances and false data injection (FDI) attacks on actuators. To address FDI attacks, a full-order disturbance estimator is proposed for eliminating disturbances in the forward channel. Furthermore, an attack model based on the system state vector is developed to estimate the attack vector by considering potential attacks that can induce state errors between the reference model and the actual system. Subsequently, a novel model-based adaptive security control (MASC) strategy is devised using attack compensation and state feedback. The key advantage of our proposed strategy lies in its ability to effectively mitigate the adverse effects of attacks while accounting for nonlinear disturbances. Finally, experimental validation conducted on a brushless DC motor speed control system demonstrates the capability of achieving high output tracking accuracy.

automation & control systems,instruments & instrumentation

Xin Wang,Ju H Park,Heng Liu,Xian Zhang

DOI: https://doi.org/10.1109/TCYB.2020.3034374

Abstract:This article studies a cooperative output-feedback secure control problem for distributed cyber-physical systems over an unreliable communication interaction, which is to achieve coordination tracking in the presence of intermittent denial-of-service (DoS) attacks. Under the switching communication network environment, first, a distributed secure control method for each subsystem is proposed via neighborhood information, which includes the local state estimator and cooperative resilient controller. Second, based on the topology-dependent Lyapunov function approach, the design conditions of secure control protocol are derived such that cooperative tracking errors are uniformly ultimately bounded. Interestingly, by exploiting the topology-allocation-dependent average dwell-time (TADADT) technique, the stability analysis of closed-loop error dynamics is presented, and the proposed coordination design conditions can relax time constraints on interaction topology switching. Finally, two numerical examples are presented to demonstrate the effectiveness of the theoretical results.

Jun Zhang,Shaocheng Tong,Xiaodong Liu

DOI: https://doi.org/10.1016/j.ins.2024.121490

IF: 8.1

2024-09-26

Information Sciences

Abstract:The multi-agent systems (MASs) exchange the communication information by the wireless sensor network and communication network, which are vulnerable to denial-of-service (DoS) attacks. Since the DoS attacks can interrupt the sensor channels and communication channels, and result in the instability of MASs, to study the distributed adaptive fuzzy secure consensus control (SCC) problem for nonlinear MASs under DoS attacks is momentous. This article investigates the distributed adaptive fuzzy SCC issue for nonlinear MASs with DoS attacks for sensor channels and communication channels. Because the sensor channels and communication channels are interrupted by DoS attacks, the system states, the leader and its high-order derivatives are unavailable, a switching-type fuzzy state observer and distributed observer are first established to estimate them. Based on the proposed switching-type fuzzy state observer and distributed observer, a distributed adaptive SCC approach is proposed by backstepping control design theory and fuzzy logic systems (FLSs). It is proved that the errors of the designed observers converge to zero's a small neighborhood and the controlled nonlinear MASs are stable. Moreover, each follower is able to track the leader. Finally, we apply the proposed control approach to multiple unmanned surface vehicles (USVs), the simulation results verify its effectiveness.

computer science, information systems

Rong Zeng,Yong Li,Sijia Hu,Jiayan Liu,Huidi Wu,Jie Chen,Yong Xu,Xusheng Yang,Yijia Cao

DOI: https://doi.org/10.1109/TSG.2024.3439751

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:Distributed feeder automation system (DFAs), as a promising protection technology for power distribution system (PDS) with distributed generation, its vulnerability to cyberattacks and hybrid attacks (contains both physical and cyberattacks) is gradually recognized and haunts utilities, creating potential risks for its large-scale applications. This paper proposes a novel bilevel resilient control solution (BRCS) deployed to DFAs without hardware burden. Two key modules are developed: 1) Lightweight distributed cyberattack detection module (DCDM), deployed into agents of DFAs, based on unsupervised learning to realize the quick detection and reporting of cyberattacks; 2) Robust centralized fault section localization module (CFSLM), installed in DFAs’ host workstation located in control center, achieving the correctly fault section localization and the high dimensionally awareness of attack events in cyberattack and hybrid attack scenarios. By adopting BRCS, outages and load losses caused by cyberattacks can be 100% avoided, and faults caused by physical attacks can be correctly isolated at once. Finally, the effectiveness and performance of the proposal are verified and conducted by the real two-feeder test platform with DFAs. In this process, a digital high-dimensional awareness and control unit is created against cyber and hybrid attacks, contributing to the system-level application of risk management and resilient control.