Peili Ding,Yinan Wang,Gangfeng Yan,Wei Li

DOI: https://doi.org/10.1109/cac.2017.8243929

2017-01-01

Abstract:Recent years, the issue of cyber security has become ever more prevalent in the analysis and design of electrical cyber-physical systems (ECPSs). In this paper, we present the TrueTime Network Library for modeling the framework of ECPSs and focuses on the vulnerability analysis of ECPSs under DoS attacks. Model predictive control algorithm is used to control the ECPS under disturbance or attacks. The performance of decentralized and distributed control strategies are compared on the simulation platform. It has been proved that DoS attacks happen at dada collecting sensors or control instructions actuators will influence the system differently.

Meng-zhou Gao,Dong-qin Feng

DOI: https://doi.org/10.1631/fitee.1700334

IF: 2.526

2018-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Security issues in networked control systems (NCSs) have received increasing attention in recent years. However, security protection often requires extra energy consumption, computational overhead, and time delays, which could adversely affect the real-time and energy-limited system. In this paper, random cryptographic protection is implemented. It is less expensive with respect to computational overhead, time, and energy consumption, compared with persistent cryptographic protection. Under the consideration of weak attackers who have little system knowledge, ungenerous attacking capability and the desire for stealthiness and random zero-measurement attacks are introduced as the malicious modification of measurements into zero signals. NCS is modeled as a stochastic system with two correlated Bernoulli distributed stochastic variables for implementation of random cryptographic protection and occurrence of random zero-measurement attacks; the stochastic stability can be analyzed using a linear matrix inequality (LMI) approach. The proposed stochastic stability analysis can help determine the proper probability of running random cryptographic protection against random zero-measurement attacks with a certain probability. Finally, a simulation example is presented based on a vertical take-off and landing (VTOL) system. The results show the effectiveness, robustness, and application of the proposed method, and are helpful in choosing the proper protection mechanism taking into account the time delay and in determining the system sampling period to increase the resistance against such attacks.

Genghong Lu,Dongqin Feng

DOI: https://doi.org/10.23919/icif.2018.8455208

2018-01-01

Abstract:Due to the wide implementation of communication networks, industrial control systems are vulnerable to malicious attacks, which could cause potentially devastating results. Adversaries launch integrity attacks by injecting false data into systems to create fake events or cover up the plan of damaging the systems. In addition, the complexity and nonlinearity of control systems make it more difficult to detect attacks and defense it. Therefore, a novel security situation awareness framework based on particle filtering, which has good ability in estimating state for nonlinear systems, is proposed to provide an accuracy understanding of system situation. First, a system state estimation based on particle filtering is presented to estimate nodes state. Then, a voting scheme is introduced into hazard situation detection to identify the malicious nodes and a local estimator is constructed to estimate the actual system state by removing the identified malicious nodes. Finally, based on the estimated actual state, the actual measurements of the compromised nodes are predicted by using the situation prediction algorithm. At the end of this paper, a simulation of a continuous stirred tank is conducted to verify the efficiency of the proposed framework and algorithms.

Wei Dong,Xiaojin Liu

DOI: https://doi.org/10.1109/tii.2015.2495147

IF: 12.3

2015-01-01

IEEE Transactions on Industrial Informatics

Abstract:Time synchronization is crucial for cyber-physical systems (CPSs), e.g., wireless sensor and actuator networks. Cyber physical security is an important yet challenging problem. In particular, attacks to the time synchronization service may incur data distortion or even malfunction of the whole system. Sybil attack is one of the most common attack types for sensor networks, where a node illegitimately claims multiple identities. Existing secure time-synchronization protocols; however, cannot well address Sybil attacks in the time synchronization process. We propose a robust and secure time-synchronization protocol (RTSP) to defend against Sybil attacks. Different from previous secure timesync protocols, RTSP employs a novel graph theoretical approach, which is able to perform anomaly detection at the message level instead of the node level. This fine-grained detection ability enables RTSP to become robust against Sybil attacks, as well as node compromise and message manipulation attacks. Extensive experimental results show the effectiveness of our proposed protocol.

芦帅,张建明,王树青

DOI: https://doi.org/10.3969/j.issn.1002-0411.2004.05.013

2004-01-01

Abstract:This paper presents the status of research on network time delay, system modeling, control system design and analysis techniques in the network-based real-time control system(NRTCS), specifies their advantages and disadvantages, and discusses the future development of NRTCS research works.

Mengzhou Gao,Dongqin Feng

DOI: https://doi.org/10.1016/j.jfranklin.2018.08.033

IF: 4.246

2019-01-01

Journal of the Franklin Institute

Abstract:This paper investigates the problem of secure control for networked control systems (NCSs) under randomly occurring zero-value attacks (ROZVAs). Specifically, ROZVAs only offset the true signal without injecting obfuscated information or noises, and possess the minimum energy of the added malicious information. To protect system stability against ROZVA, randomly occurring integrity check protection (ROICP) is introduced which prevents malicious data injection with less energy cost than persistently occurring protection. Besides the random phenomena of ROZVA and ROICP, which are characterized by two mutually independent random variables obeying the Bernoulli distribution, the randomly occurring time delays caused by ROICP are also considered in system modelling. According to the built stochastic linear system model, security analysis of the NCS with ROICP subject to ROZVA is carried out and sufficient condition for stochastic stability is derived via a linear matrix inequality (LMI) approach. Based on the proposed condition, a compensation feedback controller is designed to facilitate system stability. Finally, simulation results show the effectiveness of the proposed method.

Zhong-Hua Pang,Lan-Zhi Fan,Haibin Guo,Yuntao Shi,Runqi Chai,Jian Sun,Guo-Ping Liu

DOI: https://doi.org/10.1080/00207721.2022.2143735

2022-11-14

Abstract:A networked control system (NCS), which integrates various physical components by utilising communication networks, is a complex intelligent control system with high flexibility and reliability. It has been widely applied in various areas, such as power grids, intelligent transportation, and smart manufacturing. However, compared with traditional control systems, NCSs expose more extra vulnerabilities with the openness of communication networks, leading to long-term concerns for the security of NCSs against cyber attacks. This paper gives a survey in detail on recent developments on the security of NCSs subject to deception attacks from the two domains of information technology (IT) and system control, respectively. First, several security incidents reported in recent years are reviewed and a couple of prevailing cyber attacks are analysed. Besides, the results on IT security with respect to the protection-detection-reaction model are summarised. Then, from the domain of system control, the security issues on attack design, attack detection, secure state estimation and resilient control are surveyed in depth. Furthermore, several novel security topics from the combination of IT and system control are also discussed. Finally, several future research directions are presented on this topic.

Zhong-Hua Pang,Guo-Ping Liu,Donghua Zhou,Dehui Sun

DOI: https://doi.org/10.1007/978-981-13-0520-7_9

2019-01-01

Abstract:In this chapter, a secure networked control scheme is presented based on the data secure transmission scheme designed in Chap. 8, which can deal with deception attacks and packet disorders in the feedback and forward channels. The attacked packets and the out-of-order packets are detected and then discarded. To show the effectiveness of the proposed scheme, practical experiments are performed on an Internet-based DC motor system (an open-loop stable plant) and an inverted pendulum system (an open-loop unstable plant) based on a wireless metropolitan area network, respectively.

Rachana A Gupta,Avesh Kumar Agarwal,Mo-Yuen Chow,Wenye Wang

DOI: https://doi.org/10.1109/MILCOM.2007.4455044

2007-01-01

Abstract:Distributed network-control-systems (D-NCS) are a network structure and components that are capable of integrating sensors, actuators, communication, and control algorithms to suit real-time applications. They have been gaining popularity due to their high potential in widespread applications and becoming realizable due to the rapid advancements in embedded systems, wireless communication and data transfer technologies. This paper addresses the issue of D-NCS information security as well its time-sensitive performance with respect to network security schemes. We use a wireless network based, robot navigation path tracking system called Intelligent Space (iSpace) as a D-NCS test bed in this paper. The paper classifies the delay data from every NCS module (sensors, actuators and controllers). We define performance parameters for this NCS test bed. Various system factors including network delay, system gain, affecting these performance parameters are recognized. Network security algorithms DES and 3DES are integrated with the application to secure the sensitive information flow. Standard statistical approach such as 2k factorial experiment design, analysis of variance, hypothesis testing is used to study and estimate the effect of each factor on the system performance especially security features. Thorough experimental results, tables of detailed characterization and effect estimate analysis is presented followed by the discussion on the performance comparison of NCS with and without wireless security.

Zhou Gu,Ju H. Park,Dong Yue,Zheng-Guang Wu,Xiangpeng Xie

DOI: https://doi.org/10.1109/tsmc.2019.2960115

2021-01-01

Abstract:This article studies the security of networked interconnected systems (NISs) subject to cyber-attacks based on a new event-triggered mechanism (ETM). NISs with spatially distributed subsystems are vulnerable to cyber-attacks. With a new concept of security control, attention is focused on designing a novel ETM together with a decentralized output feedback control (DOFC) scheme such that the NIS subject to cyber-attacks is stable in secure sense. Under the proposed ETM, the average data-releasing rate over the whole operating period can be extremely decreased, thereby reducing the burden of network bandwidth, computation, and battery-supply. Moreover, during the system with external disturbance or attack on the communication network, more transmission-events can be generated than other periods. As a result, the desired control performance can be achieved. By using stochastic analysis techniques and Lyapunov stability theory, sufficient conditions are derived to obtain both the controller gains and the parameters of the ETM. Numerical simulation of chemical reactor systems is given to illustrate the advantages and effectiveness of the proposed theories and design techniques.

Pang Zhonghua,Liu Guoping,Zhou Donghua

2012-01-01

Abstract:This paper addresses the security issues of data transmitted in the backward channel of networked control systems (NCSs) under deception attacks, especially confidentiality and integrity. As a kind of typical active attacks, deception attacks can severely degrade the system performance or even destabilize the system. To detect the deception attacks on the backward channel of NCSs, a detection scheme is presented in this paper, which mainly integrates the Data Encryption Standard (DES) algorithm and strong tracking filter (STF). A numerical example is employed to illustrate the effectiveness of the proposed method.

Shang, Sitong,Zhang, Linchuang,Pan, Yingnan

DOI: https://doi.org/10.1007/s40815-024-01810-3

IF: 4.085

2024-09-20

International Journal of Fuzzy Systems

Abstract:This paper studies the finite-time security control problem based on a dynamic adaptive event-triggered mechanism (DAETM) for interval type-2 fuzzy networked control systems (NCSs) under deception attacks. Firstly, a DAETM is proposed to conserve network resources of NCSs. In contrast to existing DAETMs, the threshold of the proposed DAETM is determined founded on the average of the triggering error. This approach provides greater adaptability and flexibility in maintaining system control performance and conserving network communication bandwidth burden. Then, the closed-loop system is finite-time bounded and fulfills the desired performance through constructing an appropriate Lyapunov function. Furthermore, the sufficient conditions for the existence of the finite-time fuzzy controller are proved. Finally, a simulation example is provided to demonstrate the effectiveness of the proposed design approach.

computer science, information systems,automation & control systems, artificial intelligence

Biao Xiang,Xia Liu,Yong Chen

DOI: https://doi.org/10.1007/s12555-021-0265-z

2022-04-01

Abstract:This paper addresses the issues of time delay and deception attacks in networked control systems. An event-based secure networked predictive control system (ESNPCS) architecture is proposed. The ESNPCS integrates a secure transmission protocol and an event-based networked predictive control. The secure transmission protocol guarantees the integrity, confidentiality and authenticity of transmitted data in networked control systems. The networked predictive control compensates time delay based on the control signal prediction sequence derived from the previous states, control inputs and outputs. The event-based control method alleviates the adverse influence of network congestion through the event trigger conditions. A theoretical result using the Lyapunov theory is obtained for the stability of the ESNPCS. Practical experiments are implemented to demonstrate the effectiveness of the proposed ESNPCS.

Jie Cao,Da Ding,Jinliang Liu,Engang Tian,Songlin Hu,Xiangpeng Xie

DOI: https://doi.org/10.1016/j.ins.2020.09.046

IF: 8.1

2021-02-01

Information Sciences

Abstract:<p>This paper addresses the hybrid-triggered security control design for the networked control system (NCS) under multiple cyber attacks. A hybrid-triggered scheme (HTS) is introduced to mitigate the burden of the network transmission. Besides, a new model of multiple cyber attacks is built by simultaneously considering deception attacks and DoS attacks. In addition, A novel NCS model based on multiple cyber attacks is established with the hybrid-triggered scheme. Then, based on Lyapunov stability theory, criteria for guaranteeing the closed-loop system stability and achieving hybrid-triggered security controller design are derived. Finally, an illustrative example is given to validate the usefulness of the theoretical results.</p>

computer science, information systems

Ning Zhao,Peng Shi,Wen Xing

DOI: https://doi.org/10.1002/rnc.5384

IF: 3.8973

2021-01-05

International Journal of Robust and Nonlinear Control

Abstract:<p>This article studies the problems of exponential stabilization and ‐gain performance for networked control systems (NCSs) with transmission delays and periodic denial‐of‐service (DoS) attacks by exploring a resilient event‐triggered communication mechanism. First, a new resilient event‐triggered mechanism is developed to eliminate the adverse effects of network congestion caused by DoS attacks and decrease redundant communication so as to ensure efficient utilization of the limited network resources. The threshold parameter in the predefined event‐triggered condition can be adjusted according to the dynamic characteristics of the system. Then, an event‐driven control protocol is proposed, and a new switched NCS model is constructed. Sufficient conditions are then presented to ensure the exponential stability and ‐gain performance of the resulting closed‐loop system. Moreover, a co‐design scheme of the parameters in the event‐triggered condition and the controller gain is provided. Finally, the effectiveness and advantages of the new design techniques are verified through a comparative study for a robot manipulator control system.</p>

automation & control systems,engineering, electrical & electronic,mathematics, applied

Wente Zeng,Moyuen Chow

DOI: https://doi.org/10.1109/ISIE.2011.5984466

2011-01-01

Abstract:Networked Control Systems (NCS) is a fast growing technology that integrates distributed sensors, actuators, and computing processors over a communication network for a vast amount of applications. However, the NCS can be vulnerable to various network attacks when the network used is insecure (e.g., Internet). Thus, secure NCS need to have embedded security mechanism to ensure its security operating requirements, which may sacrifice its performance due to limited system resources. This paper addresses the trade-off between NCS security and its real-time performance and use a secured networked DC motor system for illustration. This paper will present a trade-off model for system dynamic performance and system security. This model can be used to adapt security configurations to provide sufficient protection and satisfy real-time dynamic performance requirements of the NCS simultaneously. The construction of this model includes the development of a set of metrics to quantitatively measure the performance and security levels of NCS and the development of a trade-off objective function incorporating performance and security. A Simulink based test-bed implemented to control the speed of the DC motor is used to illustrate the effectiveness of this model.

Rachana A Gupta,Mo-Yuen Chow,Avesh Kumar Agarwal,Wenye Wang

DOI: https://doi.org/10.1109/IECON.2007.4460391

2007-01-01

Abstract:Abstract- Distributed network-control-systems (D-NCS) are a multidisciplinary effort whose,aim is to produce a network structure and,components,that are capable of integrating sensors, actuators, communication, and control algorithms in a manner,to suit real-time applications. They have been gaining popularity due ,to their ,high ,potential in widespread applications and becoming more,realizable due to the rapid advancements,in wireless communication,and data transfer technologies. This paper ,addresses the issue of D-NCS information security as well its real-time performance with respect to network security protocols and encryption schemes. We use a wireless network based, robot navigation path tracking system called Intelligent Space (iSpace) as a D-NCS test bed in this paper. The paper classifies the data from every NCS module (sensors, actuators and controllers) according to bandwidth requirement, time and information sensitivity. We define performance parameters for this NCS test bed. Various system factors affecting these performance,parameters are recognized. Network security algorithms DES and 3DES are integrated with ,the ,application to secure ,the ,sensitive information,flow. These wireless security features are considered as an added factor to the NCS. Standard statistical approach (2, factorial experiment design) is used to study and estimate the effect of each factor on the system performance especially security additions. Thorough experimental results, tables of detailed characterization and,effect estimate analysis is presented followed by the discussion on the performance comparison of NCS with and without wireless security. Index terms – Distributed networked-control-system, iSpace,

Zhangwei Yu,Yan Liu,Guoqi Xie,Renfa Li,Siming Liu,Laurence T. Yang

DOI: https://doi.org/10.1109/tii.2022.3202539

IF: 12.3

2022-12-17

IEEE Transactions on Industrial Informatics

Abstract:Intelligent connected vehicle is rapidly growing with the 5-G technology; the diversity of functional interfaces has significantly expanded the avenues of attack, making automotive controller area network (CAN) more vulnerable to cyberthreats. Automotive CAN network attacks are a direct threat to traffic safety, and in this study, we explore the use of intrusion detection techniques for mitigating cyberattacks. However, most automotive CAN network intrusion detection technologies are not capable of defending against sophisticated attacks, making it extremely challenging for detecting intrusions in practice. In this article, we propose a novel time interval conditional entropy method for detecting intrusions in automotive CAN networks. The time interval conditional entropy intrusion detection method is not susceptible to interference and is capable of detecting a variety of attacks. In our experiments, the conditional entropy values of regular communication messages are collected and utilized to distinguish and detect the attacks. The time interval conditional entropy detection method is implemented and evaluated in our controller area net-work bus (CAN-BUS) network platform. The experiments show that our method has higher detection accuracy and is easier to deploy compared to existing automotive CAN network intrusion detection methods.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Zhong-Hua Pang,Guo-Ping Liu,Donghua Zhou,Dehui Sun

2019-01-01

Abstract:In this chapter, from the perspectives of both information security and real-time control, a secure networked predictive control method is proposed by combining the data secure transmission scheme in Chap. 8 and the incremental networked predictive control scheme in Chap. 4. It can actively compensate for random RTT delays introduced by network communication constraints and additional RTT delays resulted from deception attacks simultaneously. Simulation and experimental results are presented to validate the proposed method.

Yeping Shen,Wen-an Zhang,Hongjie Ni,Dan Zhang,Li Yu

DOI: https://doi.org/10.1007/s12555-018-0324-2

2019-02-22

Abstract:This paper is concerned with the guaranteed cost control for a class of networked control systems (NCSs) with denial-of-service (DoS) attack and time-varying communication delay. First, an uncertain switched system model is proposed that is capable of capturing the DoS attack and the short time-varying delay simultaneously. To achieve the exponential stability with a guaranteed cost performance level, a sufficient condition is derived in terms of matrix inequalities. In our work, the proposed design condition establishes several quantitative relations between system performance and attack parameters. Moreover, the critical value of strong attack frequency is also obtained. Finally, a practical example is given to show the effectiveness of our results.