Genghong Lu,Dongqin Feng,Biao Huang

DOI: https://doi.org/10.1002/acs.3163

IF: 3.369

2020-01-01

International Journal of Adaptive Control and Signal Processing

Abstract:SummaryThe problem of robust attack detection and prediction for networked control systems in the presence of outliers is discussed in this article. The conventional hidden Markov model (HMM) is trained to learn the system behavior (ie, transitions between different operating modes) in the nominal process. The HMM with time‐varying transition probabilities is used to track the attack behavior in which the adversary triggers more hazard modes to hasten fatigue of control devices by injecting attack signals with random magnitude and frequency. For different operating modes, the observations are assumed to follow different multivariate Student's t distributions instead of Gaussian distributions and thus address the robust estimation problem. The expectation maximization algorithm is used to estimate parameters. Finally, simulations are conducted to verify the effectiveness of the proposed method.

Dandan Zhang,Xin Jin,Hongye Su

DOI: https://doi.org/10.1109/tac.2023.3343588

IF: 6.549

2024-01-01

IEEE Transactions on Automatic Control

Abstract:By designing a time-regularized (Zeno-free) event-triggered strategy for the state-feedback control law, this paper considers the stochastic stabilization of networked control systems, where the networked communication is constrained by stochastic pulsing denial-of-service (DoS) attacks. The attacks' cardinal number is supposed to be subject to Poisson distribution, so the inter-attack time, i.e., the time between two consecutive attack instants, is subject to exponential distribution. The considered system is modeled as the stochastic hybrid formalism, where the randomness enters through the jump map into the reset value (inter-attack time directly related) of the designed triggered strategy. Using stochastic hybrid tools to combine attack-active parts with attack-over parts, we show that the designed triggered strategy, if designed well according to the actual system needs, can tolerate (be resilient to) the pulsing DoS attacks without jeopardizing the stability and Zeno-freeness.

Meng-zhou Gao,Dong-qin Feng

DOI: https://doi.org/10.1631/fitee.1700334

IF: 2.526

2018-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Security issues in networked control systems (NCSs) have received increasing attention in recent years. However, security protection often requires extra energy consumption, computational overhead, and time delays, which could adversely affect the real-time and energy-limited system. In this paper, random cryptographic protection is implemented. It is less expensive with respect to computational overhead, time, and energy consumption, compared with persistent cryptographic protection. Under the consideration of weak attackers who have little system knowledge, ungenerous attacking capability and the desire for stealthiness and random zero-measurement attacks are introduced as the malicious modification of measurements into zero signals. NCS is modeled as a stochastic system with two correlated Bernoulli distributed stochastic variables for implementation of random cryptographic protection and occurrence of random zero-measurement attacks; the stochastic stability can be analyzed using a linear matrix inequality (LMI) approach. The proposed stochastic stability analysis can help determine the proper probability of running random cryptographic protection against random zero-measurement attacks with a certain probability. Finally, a simulation example is presented based on a vertical take-off and landing (VTOL) system. The results show the effectiveness, robustness, and application of the proposed method, and are helpful in choosing the proper protection mechanism taking into account the time delay and in determining the system sampling period to increase the resistance against such attacks.

Genghong Lu,Dongqin Feng

DOI: https://doi.org/10.23919/icif.2018.8455208

2018-01-01

Abstract:Due to the wide implementation of communication networks, industrial control systems are vulnerable to malicious attacks, which could cause potentially devastating results. Adversaries launch integrity attacks by injecting false data into systems to create fake events or cover up the plan of damaging the systems. In addition, the complexity and nonlinearity of control systems make it more difficult to detect attacks and defense it. Therefore, a novel security situation awareness framework based on particle filtering, which has good ability in estimating state for nonlinear systems, is proposed to provide an accuracy understanding of system situation. First, a system state estimation based on particle filtering is presented to estimate nodes state. Then, a voting scheme is introduced into hazard situation detection to identify the malicious nodes and a local estimator is constructed to estimate the actual system state by removing the identified malicious nodes. Finally, based on the estimated actual state, the actual measurements of the compromised nodes are predicted by using the situation prediction algorithm. At the end of this paper, a simulation of a continuous stirred tank is conducted to verify the efficiency of the proposed framework and algorithms.

Yi Gao,Yunji Li,Ziyan Hua,Junjie Chen,Yajun Wu

DOI: https://doi.org/10.3390/info15100649

2024-01-01

Information

Abstract:In modern industrial applications, production quality, system performance, process reliability, and safety have received considerable attention. This article proposes a dynamic event-triggered attack estimator for Markovian jump stochastic systems susceptible to actuator deception attacks. Utilizing the developed estimator, the presented attack-tolerant control strategy can tolerate the effects of such attacks and ensure the mean-square convergence of the overall closed-loop system. A dynamic event-triggered mechanism is implemented on the sensor side to optimize communication efficiency. To address the potential threat of deception attacks, a plug-and-play (PnP) secure monitoring and control architecture is introduced. This architecture facilitates the seamless integration of the designed attack-tolerant controller with the nominal feedback controller, thereby enhancing system security without requiring significant modifications to the existing control structure. The practicality and effectiveness of the proposed approaches are demonstrated through experimental results on a switched boost converter circuit.

Ying Liu,Dongqin Feng

DOI: https://doi.org/10.1109/iccasit48058.2019.8973161

2019-01-01

Abstract:Computer network technology has been increasingly infiltrated into the industrial control system and made the security problems more complex and changeable. Network security situation awareness technology can perceive the real-time threats that the network faced, and provide reliable basis for decision-making. This paper mainly focuses on the situation assessment and introduces finite state machine and fuzzy logic theory. Finite state machine can intuitively show the internal state transition of the industrial control system and detect the malicious packet attack's type and severity. Fuzzy logic balances the semantic fuzziness and event uncertainty in the process of situation assessment, fuses the output data of the state machine and obtains the threat level which is helpful for decision analysis. Proved, the method proposed in this paper can give a reasonable and accurate security assessment of industrial control system.

Shanling Dong,Enjun Liu,Bo Wang,Meiqin Liu,Guanrong Chen

DOI: https://doi.org/10.1002/rnc.7420

IF: 3.8973

2024-01-01

International Journal of Robust and Nonlinear Control

Abstract:The article deals with the security control stabilization problem of uncertain Markov jump power systems with input dead zone under stochastic denial-of-service (DoS) attack. DoS attack is modeled as a discrete-time Markov process. Dual hidden Markov models are respectively used to detect the modes of the original power systems and the one under DoS attack. Based on the detected modes and neural networks (NNs), adaptive NN-based security asynchronous control strategies are proposed, where both state feedback and output feedback are studied simultaneously. With the developed control laws, all trajectories of the closed-loop systems are bounded stable in the stochastic setting. Simulation results demonstrate the correctness and usefulness of the proposed techniques.

Jue Tian,Rui Tan,Xiaohong Guan,Zhanbo Xu,Ting Liu

DOI: https://doi.org/10.1109/tsg.2019.2921245

IF: 10.275

2020-01-01

IEEE Transactions on Smart Grid

Abstract:Recent cybersecurity incidents such as Stuxnet and Irongate alert us to the threats faced by critical cyber-physical systems. These attacks compromise the control signals to push the system to unsafe regions and meanwhile, inject fake sensor measurements to cover the ongoing attack. Detecting these Stuxnet-like (SL) attacks still remains an open research issue. This paper analyzes the taxonomy, construction, and implication of SL attacks in CPS control loops. We propose to apply the moving target defense (MTD) approach that actively changes the system configuration to detect SL attacks, since these attacks are generally constructed based on the knowledge about the system's configuration. We analyze the basic conditions for MTD to be successful. Finally, as a case study, we apply MTD for the secondary voltage control of power grids and present simulation results based on the IEEE 39-bus test system under realistic settings.

engineering, electrical & electronic

Wenhai Qi,Yanjing Yi,Peng Shi,Guangdeng Zong,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2023.3300727

2024-01-01

Abstract:This brief studies the adaptive event-driven control for continuous positive stochastic semi-Markov jump models in the presence of cyber attacks. To save the limited network resources, an adaptive event-driven mechanism is constructed, in which the communication threshold can be dynamically tuned according to the error and state signals. On the basis of linear co-positive Lyapunov function and gain matrix decomposition, stochastic stability conditions are developed under the framework of deception attacks. Next, the design strategy of adaptive event-driven controller is proposed to guarantee the positivity and stochastic stability of the underlying system in linear programming. Furthermore, by means of a lower bound of inter execution time, it is illustrated that there will be finite triggering within a limited time, resulting in no Zeno phenomenon. Finally, a communication network model is shown to verify the theoretical findings.

Jinliang Liu,Zheng-Guang Wu,Dong Yue,Ju H. Park

DOI: https://doi.org/10.1109/tsmc.2018.2888633

2021-01-01

Abstract:This paper investigates the controller design problem of networked control systems subject to cyber attacks. A hybrid-triggering communication strategy is employed to save the limited communication resources. State measurements are transmitted over a communication network and may be corrupted by cyber attacks. The aim of this paper is to design a controller for a new closed-loop system model with consideration of randomly occurring cyber attacks and the hybrid-triggering scheme. A stability criterion is obtained for the system stabilization by employing Lyapunov stability theory and stochastic analysis techniques. Moreover, the desired controller gain is derived by resorting to some matrix inequalities. Finally, a numerical example is exploited to demonstrate the usefulness of the proposed scheme.

Xiaoyu Jiang,Zhiqiang Ge

DOI: https://doi.org/10.1109/tai.2022.3145335

2022-01-01

IEEE Transactions on Artificial Intelligence

Abstract:With the rapid development of information technology, intelligent upgrading of the manufacturing industry has broken the closed environment of traditional industrial control systems (ICS); thus, the information security of ICS has been seriously threatened. As part of ICS, the process monitoring system (PMS) is heavily subject to external risks. Data-driven PMSs have been widely used as initial lines of defense to ensure ICS safety. Once the PMS is under attack, the consequences on the whole ICS will be unimaginable. Unfortunately, the safety issues of the PMS have received inadequate attention. This article reveals PMS’s vulnerabilities through effective attacks. A novel method called subspace transfer network (STN) is proposed to conduct adversarial and poisoning attacks on the PMS simultaneously. Then the attack task flow is defined and explained to make online adversarial attacks and data poisoning on PMS. Meanwhile, aiming at two poisoning goals, targeted and untargeted attacks of STN are designed, respectively. Finally, the PMS’s fragility is verified in two industrial benchmarks.

Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.1109/tfuzz.2022.3193805

IF: 12.253

2022-01-01

IEEE Transactions on Fuzzy Systems

Abstract:This article investigates the adaptive fuzzy asynchronous control problem for discrete-time nonhomogeneous Markov jump power systems under hybrid attacks. A nonhomogeneous Markov process is used to describe the phenomenon of transient failures occurring in power lines and subsequent switching of associated circuit breakers. The corresponding nonhomogeneous hidden Markov model is utilized to detect the jump modes of power systems. Both deception attack and denial-of-service attack are analyzed simultaneously owing to the vulnerability of power systems. With detected modes and fuzzy logic systems, an adaptive fuzzy asynchronous control strategy is proposed. Using the mode-dependent Lyapunov function, the existence conditions of the desired controller law are obtained such that the closed-loop power systems are bounded stable in the mean-square sense. Finally, the usefulness of the developed control strategy is demonstrated by a numerical example.

Bin Liu,Jingzhao Chen,Yong Hu

DOI: https://doi.org/10.1016/j.compind.2022.103609

IF: 10

2022-05-01

Computers in Industry

Abstract:Integrity and availability attacks can cause serious damage to modern industrial cyber-physical systems (ICPS). It is critical to detect and identify these attacks promptly and accurately. This paper investigates the anomaly detection for ICPS in the process industry. Three typical attacks, the Stuxnet-like, denial-of-service, and false data injection, are taken as specific defense targets. We propose to detect anomalies by quantifying the dynamic variations of generalized model implied by operating data, and present a mode division as the novel detection framework. The subspace technique and a quantization method for the amplitude-frequency characteristic deviation are employed to design the detector, which can be deployed independently in the active ICPS and does not cause any loss of control performance. An attack-defense experimental platform is developed to evaluate the detector under the attack scenarios of interest. The results show that the detector can detect any of the three attacks in a maximum of 28 s after the attack onset, and that these attacks can be distinguished by combining the state estimation residuals and system errors.

computer science, interdisciplinary applications

Shaodong Wang,Chao Li,Qinmin Yang,Wenchao Meng,Yunpeng Li

DOI: https://doi.org/10.1109/CSIS-IAC60628.2023.10364018

2023-01-01

Abstract:This paper mainly focuses on the problem of detecting stealthy attacks in power systems with unknown-but-bounded (UBB) disturbances and noises based on switching and zonotopes. A switching-based moving target defense (MTD) strategy, which is characterized by the average dwell time (ADT) property, is presented in order to enhance the uncertainty of the power system. In addition, sufficient conditions are given for the switched power system to be robust with the degree of <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$H$</tex> disturbance attenuation. The impact of MTD strategy on stealthy assaults is then analyzed in two scenarios, in which the adversary can attack either all measurement output channels or a subset of them. Meanwhile, a novel detector based on MTD and zonotopes is designed to detect stealthy attacks for the switched power system. Finally, a three-generator and six-load-bus power system is provided to illustrate the effectiveness of the main results.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tii.2021.3129487

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:As the next-generation power grids, smart grids are integrated with advanced information and communication technology (ICT) to make the grid more efficient and stable than conventional power systems. Given the mounting cyber-attack threats, these critical ICT systems create great security issues for smart grids. Additionally, the clever attackers have the ability to not only access and monitor the smart grid, but also hack it by launching well-established cyber-attacks. Thus, this article is devoted to understanding the potential stealthy cyber-attack and its countermeasure. First, this article proposes a stealthy sparse cyber-attack model in an ac smart grid by considering both the residual test-based detector and the interval-state-estimation-based detector, which is not considered in previous studies. The design model is formulated as a constrained optimization problem by minimizing the number of contaminated meters, where the characteristics of two types of detector are considered simultaneously as the constraints for the first time. A constrained differential evolution (CDE) is proposed as the solver because the optimization problem is NP-hard. Then, a generalized-cumulative-sum-based detector is developed to detect the proposed cyber-attacks, where a fractional-order state transition matrix is originally introduced into the estimator to describe the dynamics of the power system. Numerical studies illustrate the feasibility of CDE-based stealthy sparse cyber-attacks and the effectiveness of the proposed countermeasure.

Chensheng Liu,Wangli He,Ruilong Deng,Yu-Chu Tian,Wenli Du

DOI: https://doi.org/10.1109/tii.2022.3172688

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Due to the close relevance to the reliability and efficiency of power systems, network parameters such as branch admittance have been the target of various cyberattacks. However, existing attack models are generally based on the impractical assumption that attackers can directly modify the data of network parameter stored in well-secured control centers. This article proposes a practical attack model and designs an optimal strategy to detect malicious modification of critical network parameters. Specifically, the vulnerability of network parameter error processing is discovered and exploited to indirectly modify the data of network parameter without accessing to the well-secured control center. A model of false-data-injection-enabled network parameter modification is proposed, which significantly reduces the requirements on attackers’ capability and system information. An optimal detection strategy is designed based on the analysis of the minimal protection set at a single branch, which can significantly reduce the number of protected measurements in detecting malicious modification of critical network parameters. Finally, numerical simulations are carried out on the PJM 5-bus and the IEEE 118-bus test systems to validate the theoretical results.

Jie Shao,Zehua Ye,Dan Zhang,Huaicheng Yan,Junwei Zhu

DOI: https://doi.org/10.1016/j.isatra.2022.02.005

IF: 7.3

2022-02-01

ISA Transactions

Abstract:This paper is concerned with the injection attack estimation for a class of networked control systems with Deny-of-Service (DoS) attack, where unknown signals are injected into the sensor reading and actuator. The main goal is to design an estimator to estimate the injected signals subject to stochastic hidden DoS attack. By introducing a semi-Markov chain, the complex aperiodic sampling behavior caused by DoS attack is first modeled as a stochastic switching system. By using the Lyapunov stability theory and stochastic system analysis method, the σ-error mean square stability (σ-EMSS) conditions of estimation error system are then derived and the state of the attack estimation error system is shown to be uniformly ultimately bounded. Some linear matrix inequalities are proposed to determine the estimation gain matrices. Finally, both simulation and experimental studies on the motor system are conducted, and the effectiveness of the main results are demonstrated.

automation & control systems,instruments & instrumentation,engineering, multidisciplinary

Yunjun Chen,Delong Zhang,Xiehuan Li

DOI: https://doi.org/10.1177/01423312241266688

IF: 2.146

2024-08-25

Transactions of the Institute of Measurement and Control

Abstract:Transactions of the Institute of Measurement and Control, Ahead of Print. In this article, the mode-based two-channel dynamic event-triggered mechanisms (DETMs) [math] control problem is investigated for Markovian jump systems (MJSs) under multiple cyber attacks. Unlike some existing results, the proposed mode-based two-channel DETMs not only reduces the transmission numbers of the system state from the sensor to controller (S-C) but also decreases the update frequency of the control input from the controller to actuator (C-A). Then, a new time-delay MJSs model under multiple cyber attacks is constructed by simultaneously considering mode-based two-channel DETMs, random deception attacks, and non-periodic DoS attacks. On this basis, in order to improve the overall security of the systems, the impact of random deception attacks on the trigger data in the C-A channel is considered. Finally, the Lyapunov–Krasovskii functional method and linear matrix inequality (LMI) are used to ensure the stochastic stabilization with [math] performance for time-delay MJSs. The effectiveness of the proposed method is validated through two examples.

automation & control systems,instruments & instrumentation

Lu Yu,Richard R. Brooks

DOI: https://doi.org/10.1007/978-3-319-75683-7_15

2017-09-22

Abstract:With the rapid development of Internet and the sharp increase of network crime, network security has become very important and received a lot of attention. We model security issues as stochastic systems. This allows us to find weaknesses in existing security systems and propose new solutions. Exploring the vulnerabilities of existing security tools can prevent cyber-attacks from taking advantages of the system weaknesses. We propose a hybrid network security scheme including intrusion detection systems (IDSs) and honeypots scattered throughout the network. This combines the advantages of two security technologies. A honeypot is an activity-based network security system, which could be the logical supplement of the passive detection policies used by IDSs. This integration forces us to balance security performance versus cost by scheduling device activities for the proposed system. By formulating the scheduling problem as a decentralized partially observable Markov decision process (DEC-POMDP), decisions are made in a distributed manner at each device without requiring centralized control. The partially observable Markov decision process (POMDP) is a useful choice for controlling stochastic systems. As a combination of two Markov models, POMDPs combine the strength of hidden Markov Model (HMM) (capturing dynamics that depend on unobserved states) and that of Markov decision process (MDP) (taking the decision aspect into account). Decision making under uncertainty is used in many parts of business and <a class="link-external link-http" href="http://science.We" rel="external noopener nofollow">this http URL</a> use here for security <a class="link-external link-http" href="http://tools.We" rel="external noopener nofollow">this http URL</a> adopt a high-quality approximation solution for finite-space POMDPs with the average cost criterion, and their extension to DEC-POMDPs. We show how this tool could be used to design a network security framework.

Cryptography and Security

Yingshuai Hao,Meng Wang,Joe Chow

DOI: https://doi.org/10.48550/arXiv.1512.05008

2015-12-15

Systems and Control

Abstract:Cyber data attacks are the worst-case interacting bad data to power system state estimation and cannot be detected by existing bad data detectors. In this paper, we for the first time analyze the likelihood of cyber data attacks by characterizing the actions of a malicious intruder. We propose to use Markov decision process to model an intruder's strategy, where the objective is to maximize the cumulative reward across time. Linear programming method is employed to find the optimal attack policy from the intruder's perspective. Numerical experiments are conducted to study the intruder's attack strategy in test power systems.