Haicheng Tu,Yongxiang Xia,Xi Zhang,Hui-liang Shen

DOI: https://doi.org/10.1063/5.0043601

2021-01-01

Chaos An Interdisciplinary Journal of Nonlinear Science

Abstract:With the rapid development of information technology, traditional infrastructure networks have evolved into cyber physical systems (CPSs). However, this evolution has brought along with it cyber failures, in addition to physical failures, which can affect the safe and stable operation of the whole system. In light of this, in this paper, we propose an interdependence-constrained optimization model to improve the robustness of the cyber physical system. The proposed model includes not only the realistic physical law but also the interdependence between the physical network and the cyber network. However, this model is highly nonlinear and cannot be solved directly. Therefore, we transform the model into a bi-level mixed integer linear programming problem, which can be easily and effectively solved in polynomial time. We conduct the simulation based on standard Institute of Electrical and Electronics Engineers test cases and study the impact of the disaster level and coupling strength on the robustness of the whole system. The simulation results show that our proposed model can effectively improve the robustness of the cyber physical system. Moreover, we compare the performance of the power supply in different CPSs, which have different network structures of the cyber network. Our work can provide useful instructions for system operators to improve the robustness of CPSs after extreme events happen in them.

Lin Zhang,Kaustubh Sridhar,Mengyu Liu,Pengyuan Lu,Xin Chen,Fanxin Kong,Oleg Sokolsky,Insup Lee

DOI: https://doi.org/10.1109/RTAS58335.2023.00024

2023-01-01

Abstract:Cyber-physical systems (CPSs) leverage computations to operate physical objects in real-world environments, and increasingly more CPS-based applications have been designed for life-critical applications. Therefore, any vulnerability in such a system can lead to severe consequences if exploited by adversaries. In this paper, we present a data predictive recovery system to safeguard the CPS from sensor attacks, assuming that we can identify compromised sensors from data. Our recovery system guarantees that the CPS will never encounter unsafe states and will smoothly recover to a target set within a conservative deadline. It also guarantees that the CPS will remain within the target set for a specified period. Major highlights of our paper include (i) the recovery procedure works on nonlinear systems, (ii) the method leverages uncorrupted sensors to relieve uncertainty accumulation, and (iii) an extensive set of experiments on various nonlinear benchmarks that demonstrate our framework's performance and efficiency.

Dong-Hoon Shin,Shibo He,Junshan Zhang

DOI: https://doi.org/10.1109/tnet.2015.2403862

2016-01-01

IEEE/ACM Transactions on Networking

Abstract:Cyber-Physical Systems (CPS) are emerging as the underpinning technology for major industries in this century. Wide-area monitoring and control is an essential ingredient of CPS to ensure reliability and security. Traditionally, a hierarchical system has been used to monitor and control remote devices deployed in a large geographical region. However, a general consensus is that such a hierarchical system can be highly vulnerable to component (i.e., nodes and links) failures, calling for a robust and cost-effective communication system for CPS. To this end, we consider a middleware approach to leverage the existing commercial communication infrastructure (e.g., Internet and cellular networks) with abundant connectivity. In this approach, a natural question is how to use the middleware to cohesively "glue" the physical system and the commercial communication infrastructure together, in order to enhance robustness and cost-effectiveness. We tackle this problem while taking into consideration two different cases of middleware deployment: single-stage and multi-stage deployments. We design offline and online algorithms for these two cases, respectively. We show that the offline algorithm achieves the best possible approximation ratio while the online algorithm attains the order-optimal competitive ratio. We also demonstrate the performance of our proposed algorithms through simulations.

Somali Chaterji,Parinaz Naghizadeh,Muhammad Ashraful Alam,Saurabh Bagchi,Mung Chiang,David Corman,Brian Henz,Suman Jana,Na Li,Shaoshuai Mou,Meeko Oishi,Chunyi Peng,Tiark Rompf,Ashutosh Sabharwal,Shreyas Sundaram,James Weimer,Jennifer Weller

DOI: https://doi.org/10.48550/arXiv.2001.00090

2019-12-20

Abstract:Cyberphysical systems (CPS) are ubiquitous in our personal and professional lives, and they promise to dramatically improve micro-communities (e.g., urban farms, hospitals), macro-communities (e.g., cities and metropolises), urban structures (e.g., smart homes and cars), and living structures (e.g., human bodies, synthetic genomes). The question that we address in this article pertains to designing these CPS systems to be resilient-from-the-ground-up, and through progressive learning, resilient-by-reaction. An optimally designed system is resilient to both unique attacks and recurrent attacks, the latter with a lower overhead. Overall, the notion of resilience can be thought of in the light of three main sources of lack of resilience, as follows: exogenous factors, such as natural variations and attack scenarios; mismatch between engineered designs and exogenous factors ranging from DDoS (distributed denial-of-service) attacks or other cybersecurity nightmares, so called "black swan" events, disabling critical services of the municipal electrical grids and other connected infrastructures, data breaches, and network failures; and the fragility of engineered designs themselves encompassing bugs, human-computer interactions (HCI), and the overall complexity of real-world systems. In the paper, our focus is on design and deployment innovations that are broadly applicable across a range of CPS application areas.

Computers and Society,Distributed, Parallel, and Cluster Computing,Systems and Control

Lingjuan Chen,Bin Wang

DOI: https://doi.org/10.1016/j.epsr.2024.110397

IF: 3.818

2024-04-28

Electric Power Systems Research

Abstract:Improving the resilience of Cyber-Physical Systems (CPS) against extreme events is vital. Current research, overly focused on power system restoration, often misses the complex interplay between the physical and cyber aspects of these systems, leading to potential vulnerabilities. This paper first proposes a framework for CPS considering interdependence. The framework accounts for cyber-physical collaborative recovery and the connectivity between cyber nodes and control center in the cyber system. The model is built considering factors such as repair crew, repair time, and network reconstruction, aimed at rapidly restoring the structural and functional resilience of CPS in the shortest possible time. Next, it integrates complex network theory to propose different repair strategies based on structural and functional indicators. Finally, the repair efficiency of the proposed strategies is comprehensively evaluated using structural and functional metrics. Simulation results show that the repair efficiency of CPS is superior to traditional power grids, and moderate reduction in the repair time of cyber nodes and a decrease in network size both contribute to enhancing repair efficiency.

engineering, electrical & electronic

Lin Zhang,Xin Chen,Fanxin Kong,Alvaro A. Cardenas

DOI: https://doi.org/10.1109/rtss49844.2020.00028

2021-01-01

ACM Transactions on Embedded Computing Systems

Abstract:The increasing autonomy and connectivity in cyber-physical systems (CPS) come with new security vulnerabilities that are easily exploitable by malicious attackers to spoof a system to perform dangerous actions. While the vast majority of existing works focus on attack prevention and detection, the key question is "what to do after detecting an attack?". This problem attracts fairly rare attention though its significance is emphasized by the need to mitigate or even eliminate attack impacts on a system. In this article, we study this attack response problem and propose novel real-time recovery for securing CPS. First, this work's core component is a recovery control calculator using a Linear-Quadratic Regulator (LQR) with timing and safety constraints. This component can smoothly steer back a physical system under control to a target state set before a safe deadline and maintain the system state in the set once it is driven to it. We further propose an Alternating Direction Method of Multipliers (ADMM) based algorithm that can fast solve the LQR-based recovery problem. Second, supporting components for the attack recovery computation include a checkpointer, a state reconstructor, and a deadline estimator. To realize these components respectively, we propose (i) a sliding-windowbased checkpointing protocol that governs sufficient trustworthy data, (ii) a state reconstruction approach that uses the checkpointed data to estimate the current system state, and (iii) a reachability-based approach to conservatively estimate a safe deadline. Finally, we implement our approach and demonstrate its effectiveness in dealing with totally 15 experimental scenarios which are designed based on 5 CPS simulators and 3 types of sensor attacks.

Pengyuan Lu,Lin Zhang,Mengyu Liu,Kaustubh Sridhar,Fanxin Kong,Oleg Sokolsky,Insup Lee

DOI: https://doi.org/10.1145/3653974

2024-04-06

Abstract:Cyber-physical systems (CPS) have experienced rapid growth in recent decades. However, like any other computer-based systems, malicious attacks evolve mutually, driving CPS to undesirable physical states and potentially causing catastrophes. Although the current state-of-the-art is well aware of this issue, the majority of researchers have not focused on CPS recovery, the procedure we defined as restoring a CPS's physical state back to a target condition under adversarial attacks. To call for attention on CPS recovery and identify existing efforts, we have surveyed a total of 30 relevant papers. We identify a major partition of the proposed recovery strategies: shallow recovery vs. deep recovery, where the former does not use a dedicated recovery controller while the latter does. Additionally, we surveyed exploratory research on topics that facilitate recovery. From these publications, we discuss the current state-of-the-art of CPS recovery, with respect to applications, attack type, attack surfaces and system dynamics. Then, we identify untouched sub-domains in this field and suggest possible future directions for researchers.

Systems and Control

Heping Jia,Yi Ding,Rui Peng

DOI: https://doi.org/10.1109/icsrs.2018.8688837

2018-01-01

Abstract:With the deep integration of cyber physical systems, data storage systems might suffer from both physical failures and cyber attacks which significantly impact the systems' reliability. The data can be partitioned into several data parts to enhance data security and multiple replications can be created for each data part in the storage systems. In this paper, both the failures of data storage devices and cyber attacks including data theft and data corruption are considered in the proposed system model. Moreover, the multi-valued decision diagram (MDD) technique is developed for considering chronological characteristics of sequential events to achieve the quantitative reliability assessment. A numerical example is provided to validate the proposed model and method.

Peng Zhou,Decheng Zuo,Kun Mean Hou,Zhan Zhang,Jian Dong,Jianjin Li,Haiying Zhou

DOI: https://doi.org/10.3390/s19051033

IF: 3.9

2019-01-01

Sensors

Abstract:Cyber Physical Systems (CPS) has been a popular research area in the last decade. The dependability of CPS is still a critical issue, and few surveys have been published in this domain. CPS is a dynamic complex system, which involves various multidisciplinary technologies. To avoid human errors and to simplify management, self-management CPS (SCPS) is a wise choice. To achieve dependable self-management, systematic solutions are necessary to verify the design and to guarantee the safety of self-adaptation decisions, as well as to maintain the health of SCPS. This survey first recalls the concepts of dependability, and proposes a generic environment-in-loop processing flow of self-management CPS, and then analyzes the error sources and challenges of self-management through the formal feedback flow. Focusing on reducing the complexity, we first survey the self-adaptive architecture approaches and applied dependability means, then we introduce a hybrid multi-role self-adaptive architecture, and discuss the supporting technologies for dependable self-management at the architecture level. Focus on dependable environment-centered adaptation, we investigate the verification and validation (V&V) methods for making safe self-adaptation decision and the solutions for processing decision dependably. For system-centered adaptation, the comprehensive self-healing methods are summarized. Finally, we analyze the missing pieces of the technology puzzle and the future directions. In this survey, the technical trends for dependable CPS design and maintenance are discussed, an all-in-one solution is proposed to integrate these technologies and build a dependable organic SCPS. To the best of our knowledge, this is the first comprehensive survey on dependable SCPS building and evaluation.

Yu Jiang,Mingzhe Wang,Xun Jiao,Houbing Song,Hui Kong,Rui Wang,Yongxin Liu,Jian Wang,Jiaguang Sun

DOI: https://doi.org/10.1109/iThings/GreenCom/CPSCom/SmartData.2019.00055

2019-01-01

Abstract:Cyber-physical systems (CPSs) are built from, and depend upon, the seamless integration of software and hardware components. The most important challenge in CPS design and verification is to design CPS to be reliable in a variety of uncertainties, i.e., unanticipated and rapidly evolving environments and disturbances. The costs, delays and reliability of the designed CPS are highly dependent on software-hardware partitioning in the design. The key challenges in partitioning CPSs is that it is difficult to formalize reliability characterization in the same way as the uncertain cost and time delay. In this paper, we propose a new CPS design paradigm for reliability assurance while coping with uncertainty. To be specific, we develop an uncertain programming model for partitioning based on the uncertainty theory, to support the assured reliability. The uncertainty effect of the cost and delay time of components to be implemented can be modeled by the uncertainty variables with uncertainty distributions, and the reliability characterization is recursively derived. We convert the uncertain programming model and customize an improved heuristic to solve the converted model. Experiment results on some benchmarks and random graphs show that the uncertain method produces the design with higher reliability. Besides, in order to demonstrate the effectiveness of our model for in coping with uncertainty in design stage, we apply this uncertain framework and existing deterministic models in the design process of a sub-system that is used in real world subway control. The system implemented based on the uncertain model works better than the result of deterministic models. The proposed design paradigm has the potential to be generalized to the design of CPSs for greater assurances of safety and security under a variety of uncertainties

Junlong Zhou,Jin Sun,Mingyue Zhang,Yue Ma

DOI: https://doi.org/10.1109/tii.2020.3011506

IF: 12.3

2021-11-01

IEEE Transactions on Industrial Informatics

Abstract:Cyber–physical cloud systems (CPCS) are integrations of cyber–physical systems (CPS) and cloud computing infrastructures. Integrating CPS into cloud computing infrastructures could improve the performance in many aspects. However, new reliability and security challenges are also introduced. This fact highlights the need to develop novel methodologies to tackle these challenges in CPCS. To this end, this article is oriented toward enhancing the soft-error reliability of real-time workflows on CPCS while satisfying the lifetime reliability, security, and real-time constraints. In this article, we propose a dependable algorithm for scheduling workflow applications on CPCS. The proposed algorithm uses slack to recover failed tasks and allows all tasks to share the available slack in the system. To improve soft-error reliability, the algorithm first determines the priority of tasks, then assigns the maximum frequency to each task, and finally assigns the recoveries to tasks dynamically. Slack also can be used to utilize security services for satisfying system security requirements. The lifetime reliability constraint is met by dynamically scaling down the operating frequency of low-priority tasks. Extensive experiments on real-world workflow benchmarks demonstrate that the proposed scheme reduces the probability of failure by up to $52.1%$ and improves the scheduling feasibility by up to $83.5%$ compared to a number of representative approaches.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Randolph Loh,Vrizlynn L. L. Thing

2023-05-15

Abstract:Self-Healing Cyber-Physical Systems (SH-CPS) effectively recover from system perceived failures without human intervention. They ensure a level of resilience and tolerance to unforeseen situations that arise from intrinsic system and component degradation, errors, or malicious attacks. Implicit redundancy can be exploited in SH-CPS to structurally adapt without the need to explicitly duplicate components. However, implicitly redundant components do not guarantee the same level of dependability as the primary component used to provide for a given function. Additional processes are needed to restore critical system functionalities as desired. This work introduces implicit guarantees to ensure the dependability of implicitly redundant components and processes. Implicit guarantees can be obtained through inheritance and decomposition. Therefore, a level of dependability can be guaranteed in SH-CPS after adaptation and recovery while complying with requirements. We demonstrate compliance with the requirement guarantees while ensuring resilience in SH-CPS.

Cryptography and Security,Robotics,Systems and Control

Peng Zhou,Kunmean HOU,Zhan Zhang,Decheng Zuo,Jian Dong,Jianjin Li,Haiyin Zhou

DOI: https://doi.org/10.20944/preprints201707.0044.v1

2017-01-01

Abstract:Though Cyber Physical Systems (CPS) become very popular in last the decade, dependability of CPS is still a critical issue and related survey is rare. We try to spell out the jigsaw of technologies and figure out the technical trends of dependable self-managing CPS. This survey first recalls the motivation and the similar concepts. By analyzing four generic architectures, we summarize the common characteristics and related assurance technologies, and propose a more generic environment-in-loop processing flow of CPS and a formal interaction flow between physical space and cyber space. Further, the similarity between correctness and dependability is formally analyzed and the new five research questions of dependable self-managing CPS are presented. Then we review the critical technologies and related correctness verification & validation (V&V) methods, the architectures for dependable self-managing CPS. Further, the detail dependability management and V&V technologies are surveyed, which covers the areas of running-time fault management methods and whole life cycle V&V technologies, maintenance and available tool sets. For holistic CPS development, Modeling techniques and MDE (model driven engineering) based V&V methods are analyzed in detail. Then we complete the jigsaw of technologies and figure out the missing part. Further, we propose the technical challenges and the further direction. To our best knowledge, this is the first comprehensive survey on dependable self-managing CPS development and evaluation.

Yan Wang,Yan Li,Tianqi Xu,Mengmeng Zhu

DOI: https://doi.org/10.1109/icpst56889.2023.10164915

2023-01-01

Abstract:The integration of communication technology into power systems enhances their observability and controllability but also introduces additional risks caused by the interaction between cyber and physical systems, leading to the expansion of cascading failures in cyber-physical power systems (CPPSs). To address this problem, this article proposes a cascading failure risk assessment method for CPPS based on an event-driven model, which provides technical support for risk warning and security analysis of CPPSs. The proposed method involves the establishment of a state transition matrix of CPPS based on a dynamic Bayesian network and analysis of the triggering law of cascading faults. A dynamic HMM model and a set of expected risk scenarios of CPPS are established based on the observable results of physical system faults by the information system. Furthermore, the corresponding multi-index risk assessment model of CPPS is established to describe the risk propagation ability of the system in its operation state, followed by the migration of the operation mode according to the adjustment of the high-risk event-driven control strategy. Finally, the effectiveness of the method is verified using the IEEE-39 system.

Peng Zhou,Decheng Zuo,Kun-Mean Hou,Zhan Zhang

DOI: https://doi.org/10.3390/s17112580

IF: 3.9

2017-01-01

Sensors

Abstract:Cyber Physical Systems (CPSs) need to interact with the changeable environment under various interferences. To provide continuous and high quality services, a self-managed CPS should automatically reconstruct itself to adapt to these changes and recover from failures. Such dynamic adaptation behavior introduces systemic challenges for CPS design, advice evaluation and decision process arrangement. In this paper, a formal compositional framework is proposed to systematically improve the dependability of the decision process. To guarantee the consistent observation of event orders for causal reasoning, this work first proposes a relative time-based method to improve the composability and compositionality of the timing property of events. Based on the relative time solution, a formal reference framework is introduced for self-managed CPSs, which includes a compositional FSM-based actor model (subsystems of CPS), actor-based advice and runtime decomposable decisions. To simplify self-management, a self-similar recursive actor interface is proposed for decision (actor) composition. We provide constraints and seven patterns for the composition of reliability and process time requirements. Further, two decentralized decision process strategies are proposed based on our framework, and we compare the reliability with the static strategy and the centralized processing strategy. The simulation results show that the one-order feedback strategy has high reliability, scalability and stability against the complexity of decision and random failure. This paper also shows a way to simplify the evaluation for dynamic system by improving the composability and compositionality of the subsystem.

Miguel Arroyo,Hidenori Kobayashi,Simha Sethumadhavan,Junfeng Yang

DOI: https://doi.org/10.48550/arXiv.1702.06595

2017-02-22

Abstract:A Cyber-Physical System (CPS) is defined by its unique characteristics involving both the cyber and physical domains. Their hybrid nature introduces new attack vectors, but also provides an opportunity to design new security defenses. In this paper, we present a new domain-specific security mechanism, FIRED, that leverages physical properties such as inertia of the CPS to improve security. FIRED is simple to describe and implement. It goes through two operations: Reset and Diversify, as frequently as possible -- typically in the order of seconds or milliseconds. The combined effect of these operations is that attackers are unable to gain persistent control of the system. The CPS stays safe and stable even under frequent resets because of the inertia present. Further, resets simplify certain diversification mechanisms and makes them feasible to implement in CPSs with limited computing resources. We evaluate our idea on two real-world systems: an engine management unit of a car and a flight controller of a quadcopter. Roughly speaking, these two systems provide typical and extreme operational requirements for evaluating FIRED in terms of stability, algorithmic complexity, and safety requirements. We show that FIRED provides robust security guarantees against hijacking attacks and persistent CPS threats. We find that our defense is suitable for emerging CPS such as commodity unmanned vehicles that are currently unregulated and cost sensitive.

Systems and Control,Cryptography and Security

Sizhe He,Yadong Zhou,Yujie Yang,Ting Liu,Yuxun Zhou,Jie Li,Tong Wu,Xiaohong Guan

DOI: https://doi.org/10.1109/tcyb.2024.3411868

IF: 11.8

2024-01-01

IEEE Transactions on Cybernetics

Abstract:Cascading failures pose a significant security threat to networked systems, with recent global incidents underscoring their destructive potential. The security threat of cascading failures has always existed, but the evolution of cyber-physical systems (CPSs) has introduced novel dimensions to cascading failures, intensifying their threats owing to the intricate fusion of cyber and physical domains. Addressing these threats requires a nuanced understanding achieved through failure modeling and vulnerability analysis. By analyzing the historical failures in different CPSs, the cascading failure in CPSs is comprehensively defined as a complicated propagation process in coupled cyber and physical systems, initialized by natural accidents or human interference, which exhibits a progressive evolution within the networked structure and ultimately results in unexpected large-scale systemic failures. Subsequently, this study advances the development of instructions for modeling cascading failures and conducting vulnerability analyses within CPSs. The examination also delves into the core challenges inherent in these methodologies. Moreover, a comprehensive survey and classification of extant research methodologies and solutions are undertaken, accompanied by a concise evaluation of their advancements and limitations. To validate the performance of these methodologies, numerical experiments are conducted to ascertain their distinct features. In conclusion, this article advocates for future research initiatives, particularly emphasizing the exploration of uncertainty analysis, defense strategies, and verification platforms. By addressing these areas, the resilience of CPSs against cascading failures can be significantly enhanced.

Carlos M. Paredes,Diego Martínez Castro,Apolinar González Potes,Andrés Rey Piedrahita,Vrani Ibarra Junquera

DOI: https://doi.org/10.3390/sym16060684

2024-06-04

Symmetry

Abstract:Modern industrial automation supported by Cyber–Physical Systems (CPSs) requires high flexibility, which is achieved through increased interconnection between modules. This interconnection introduces a layer of symmetry into the design and operation of CPSs, balancing the distribution of tasks and resources across the system and streamlining the flow of information. However, this adaptability also exposes control systems to security threats, particularly through novel communication links that are vulnerable to cyberattacks. Traditional strategies may have limitations in these applications. This research proposes a design approach for control applications supported by CPSs that incorporates cyberattack detection and tolerance strategies. Using a modular and adaptive approach, the system is partitioned into microservices for scalability and resilience, allowing structural symmetry to be maintained. Schedulability assessments ensure that critical timing constraints are met, improving overall system symmetry and performance. Advanced cyberattack detection and isolation systems generate alarms and facilitate rapid response with replicas of affected components. These replicas enable the system to recover from and tolerate cyberattacks, maintaining uninterrupted operation and preserving the balanced structure of the system. In conclusion, the proposed approach addresses the security challenges in CPS-based control applications and provides an integrated and robust approach to protect industrial automation systems from cyber threats. A case study conducted at a juice production facility in Colima, México, demonstrated how the architecture can be applied to complex processes such as pH control, from simulation to industrial implementation. The study highlighted a plug-and-play approach, starting with component definitions and relationships, and extending to technology integration, thereby reinforcing symmetry and efficiency within the system.

multidisciplinary sciences

Lin Zhang,Luis Burbano,Xin Chen,Alvaro A. Cardenas,Steven Drager,Matthew Anderson,Fanxin Kong

DOI: https://doi.org/10.1109/rtas61025.2024.00030

2023-01-01

Abstract:Cyber-physical systems tightly integrate computational resources with physical processes through sensing and actuating, widely penetrating various safety-critical domains, such as autonomous driving, medical monitoring, and industrial control. Unfortunately, they are susceptible to assorted attacks that can result in injuries or physical damage soon after the system is compromised. Consequently, we require mechanisms that swiftly recover their physical states, redirecting a compromised system to desired states to mitigate hazardous situations that can result from attacks. However, existing recovery studies have overlooked stochastic uncertainties that can be unbounded, making a recovery infeasible or invalidating safety and real-time guarantees. This paper presents a novel recovery approach that achieves the highest probability of steering the physical states of systems with stochastic uncertainties to a target set rapidly or within a given time. Further, we prove that our method is sound, complete, fast, and has low computational complexity if the target set can be expressed as a strip. Finally, we demonstrate the practicality of our solution through the implementation in multiple use cases encompassing both linear and nonlinear dynamics, including robotic vehicles, drones, and vehicles in high-fidelity simulators.