Peili Ding,Yinan Wang,Gangfeng Yan,Wei Li

DOI: https://doi.org/10.1109/cac.2017.8243929

2017-01-01

Abstract:Recent years, the issue of cyber security has become ever more prevalent in the analysis and design of electrical cyber-physical systems (ECPSs). In this paper, we present the TrueTime Network Library for modeling the framework of ECPSs and focuses on the vulnerability analysis of ECPSs under DoS attacks. Model predictive control algorithm is used to control the ECPS under disturbance or attacks. The performance of decentralized and distributed control strategies are compared on the simulation platform. It has been proved that DoS attacks happen at dada collecting sensors or control instructions actuators will influence the system differently.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Kang-Di Lu,Zheng-Guang Wu,Tingwen Huang

DOI: https://doi.org/10.1109/tmech.2022.3214314

2023-01-01

Abstract:With the rapid development of communication, control, and computer technology, traditional power systems have evolved into cyber-physical power system (CPPS). However, CPPS not only affords convenience but also introduces more cyber-attacks. Among many types of cyber-attacks, false data injection attacks (FDIAs) have drawn much attention in the CPPS security domain due to their stealthiness. Most FDIAs are based on the static model on a single snapshot and often ignore the reality of dynamically time-evolving CPPS. Accordingly, this article proposes a novel three-stage dynamic false data injection attack (DFDIA) model in CPPS by considering potential dynamic behaviors. To consider both attack location and attack amplitude, the designing DFDIA is formulated as two constrained single-objective optimization problems. Two versions of constrained differential evolution are presented as the solver to determine the attack location and optimize the attack vector for collaboratively altering the meter measurements. Then, an interval state forecasting-based countermeasure is proposed to detect the established DFDIA. In this detector, the variation bounds of state values are determined via ensemble deep learning-based state forecasting method. Finally, extensive simulation results on several IEEE bus systems demonstrate the feasibility of DFDIA and the effectiveness of the defense mechanism.

Tian-Yu Zhang,Dan Ye

DOI: https://doi.org/10.1016/j.automatica.2020.109117

IF: 6.4

2020-10-01

Automatica

Abstract:<p>In this paper, we consider the security problem of dynamic state estimations in cyber–physical systems (CPSs) when the sensors are compromised by false data injection (FDI) attacks with complete stealthiness. The FDI attacks with complete stealthiness can completely remove its influences on monitored residuals, which have better stealthy performance against residual-based detectors than existing FDI attacks. Based on self-generated FDI attacks that are independent of real-time data of CPSs, we propose the necessary and sufficient condition of attack parameters such that FDI attacks can achieve complete stealthiness. Furthermore, we introduce the energy stealthiness of FDI attacks, which is a special case of complete stealthiness and makes the accumulated attack energy on residuals is bounded. Then, the existence and design conditions of FDI attacks with energy stealthiness are given. Finally, the superiority of the FDI attacks with complete stealthiness is demonstrated by the IEEE 6 bus power system.</p>

automation & control systems,engineering, electrical & electronic

Prakhar Ganesh,Xin Lou,Yao Chen,Rui Tan,David K. Y. Yau,Deming Chen,Marianne Winslett

DOI: https://doi.org/10.1109/tsg.2021.3058682

IF: 10.275

2021-07-01

IEEE Transactions on Smart Grid

Abstract:Control and communication technologies are key building blocks of cyber-physical systems (CPSes) that can improve the efficiency of the physical processes. However, they also make a CPS vulnerable to cyberattacks that can cause disruptions or even severe damage. This article focuses on one particular type of CPS cyberattack, namely the time delay attack (TDA), which exploits vulnerabilities in the communication channels to cause potentially serious harm to the system. Much work proposed for TDA detection is tested offline only and under strong assumptions. In order to construct a practical solution to deal with real-world scenarios, we propose a deep learning-based method to detect and characterize TDA. Specifically, we design a hierarchical long short-term memory model to process raw data streams from relevant CPS sensors online and continually monitor embedded signals in the data to detect and characterize the attack. Moreover, various strategies of interpreting the outputs of the model are proposed, which allow the user to tune the performance based on different objectives. We evaluate our model on two representative types of CPS, namely power plant control system (PPCS) and automatic generation control (AGC).Code and dataset can be found at: https://github.com/prakharg24/tda For TDA detection, our solution achieves an accuracy of 92% in PPCS, compared with 81% by random forests (RFs) and 72% by k-nearest neighbours (kNNs). For AGC, our solution achieves 98% accuracy, compared with 74% by RFs and 71% by kNNs. It also reduces the mean absolute error in the delay value characterization from about six to two seconds in the PPCS, and from about three seconds to half a second in the AGC, with about 3x to 4x shorter reaction latency in both systems.

engineering, electrical & electronic

Wenjie Liu,Lidong Li,Jian Sun,Fang Deng,Gang Wang,Jie Chen

2024-06-06

Abstract:The rise of cyber-security concerns has brought significant attention to the analysis and design of cyber-physical systems (CPSs). Among the various types of cyberattacks, denial-of-service (DoS) attacks and false data injection (FDI) attacks can be easily launched and have become prominent threats. While resilient control against DoS attacks has received substantial research efforts, countermeasures developed against FDI attacks have been relatively limited, particularly when explicit system models are not available. To address this gap, the present paper focuses on the design of data-driven controllers for unknown linear systems subject to FDI attacks on the actuators, utilizing input-state data. To this end, a general FDI attack model is presented, which imposes minimally constraints on the switching frequency of attack channels and the magnitude of attack matrices. A dynamic state feedback control law is designed based on offline and online input-state data, which adapts to the channel switching of FDI attacks. This is achieved by solving two data-based semi-definite programs (SDPs) on-the-fly to yield a tight approximation of the set of subsystems consistent with both offline clean data and online attack-corrupted data. It is shown that under mild conditions on the attack, the proposed SDPs are recursively feasible and controller achieves exponential stability. Numerical examples showcase its effectiveness in mitigating the impact of FDI attacks.

Systems and Control

Baoling Miao,Hao Wang,Yan-Jun Liu,Lei Liu

DOI: https://doi.org/10.1109/jetcas.2023.3253483

IF: 5.877

2023-01-01

IEEE Journal on Emerging and Selected Topics in Circuits and Systems

Abstract:In this paper, for a class of nonlinear cyber-physical systems (CPSs), the problem of adaptive security control for false data injection (FDI) attacks on the sensor and actuator is solved. Both sensor and actuator are destroyed by attackers, which makes the feedback control design unable to access the traditional error surface. Firstly, a state observer is constructed to mitigate the impact of sensor attacks. And then neural networks are used to approximate the nonlinear term and compensate for state-dependent actuator attacks. Finally, in order to reduce the impact of FDI attacks, we design a special time-varying symmetry barrier function in backstepping control design, which can achieve specific output signal constraints under FDI attacks. Through the above control strategy, the output constraint control problem of CPSs under FDI attacks is solved. Finally, a numerical simulation example demonstrates the effectiveness of the proposed controller.

engineering, electrical & electronic

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Lewei Dong,Huiling Xu,Xinjiang Wei,Xin Hu

DOI: https://doi.org/10.1016/j.isatra.2021.05.015

IF: 7.3

2021-01-01

ISA Transactions

Abstract:In this paper, the interconnected observer intervention-based security correction control idea is proposed for stochastic cyber-physical systems (CPSs) subjected to false data injection attacks (FDIAs). The FDIAs are injected into the controller-to-actuator channel by the adversary via wireless transmission. In particular, the FDIAs with heterogeneous effects are constructed, which consist of periodic attacks with unknown parameters and bias injection attacks with asymptotic convergence property. A novel interconnected adaptive observer structure is designed to online estimate the heterogeneous attack effects. The security correction control scheme with resilience is presented by integrating interconnected adaptive observer and robust technology. It is demonstrated that the impaired state signals can be corrected and desired security performance can be guaranteed for stochastic CPSs under FDIAs with heterogeneous effects. Finally, two simulation verifications, including a F-16 longitudinal dynamics system controlled by network, are established to verify the validity and feasibility for the presented strategy.

Yue-Ming Wang,Yuan-Xin Li

DOI: https://doi.org/10.1080/23307706.2022.2136274

2022-10-21

Journal of Control and Decision

Abstract:In this article, an adaptive security control scheme is presented for cyber-physical systems (CPSs) suffering from false data injection (FDI) attacks and time-varying state constraints. Firstly, an adaptive bound estimation mechanism is introduced in the backstepping control design to mitigate the effect of FDI attacks. Secondly, to solve the unknown sign time-varying state-feedback gains aroused by the FDI attacks, a type of Nussbaum function is employed in the adaptive security control. Then, by constructing a barrier Lyapunov function, it can be ensured that all signals of controlled system are bounded and the time-varying state constraints are not transgressed. Finally, the provided simulation examples demonstrate the effectiveness of the proposed controller.

Yuhang Chen,Tieshan Li,Yue Long,Weiwei Bai

DOI: https://doi.org/10.1016/j.jfranklin.2023.07.020

IF: 4.246

2023-07-01

Journal of the Franklin Institute

Abstract:This paper is concerned with the attack detection and security control problem for discrete-time nonlinear cyber-physical systems (CPSs) under false data injection (FDI) attacks, which can bypass the traditional error detection mechanism. With the help of the T–S fuzzy models, a novel robust extended state observer with H ∞ performance is proposed to estimate this kind of attack. The attacks are included inside the observer as an internal state variable and the estimation of the FDI attack can be obtained from the outputs of the observer. By utilizing the observation of the FDI attack, a compensator is designed to negate the attack. Additionally, a controller is proposed to bring on the attack ineffective. Finally, simulation examples are given to illustrate the effectiveness of the developed schemes.

automation & control systems,engineering, electrical & electronic, multidisciplinary,mathematics, interdisciplinary applications

Zhang Yifang,Wu Zhengguang,Wu Zongze,Meng Deyuan

DOI: https://doi.org/10.1007/s11432-020-3190-2

2022-01-01

Science China Information Sciences

Abstract:We develop the resilient observer-based event-triggered control update strategy in this paper.It is utilized to achieve the input-to-state stability(ISS) of cyber-physical systems(CPSs) when there is an asynchronous denial-of-service(DoS) attack, which is launched by malicious adversaries both on measurement channel and control channel in a random attack strategy. To estimate the unmeasurable states while saving the limited networked bandwidth, an H_∞ observer-based event-triggered control scheme is first designed to guarantee the ISS of CPSs with economic communication. Moreover, the occurrence of Zeno behavior can be eliminated by providing the existence of a lower positive bound of any two inter-event times. Then, a recursive model of asynchronous DoS attacks is introduced. A resilient control update strategy is proposed and further analyzed to derive the stability criterion of CPSs. At last, a numerical simulation example is given to demonstrate the effectiveness of the introduced control update policy.

Li Zhao,Wei Li,YaJie Li

DOI: https://doi.org/10.1177/00202940221092101

2022-08-09

Measurement and Control

Abstract:Measurement and Control, Ahead of Print. In this study, a co-design method of dual security control and communication is investigated for a nonlinear cyber–physical system (CPS) with an actuator fault and false data injection (FDI) attacks. First, under the discrete event trigger communication scheme, considering the different effects of actuator fault and FDI attacks on a double-end network, a dual security control strategy with active fault-tolerance and active–passive attack-tolerance is proposed. It can accommodate an actuator fault, actively compensate an actuator FDI attack, and passively resist a sensor FDI attack, respectively, thereby establishing a new dual security control framework with fault-tolerance and attack-tolerance. Moreover, the Takagi–Sugeno (T-S) fuzzy model for the nonlinear CPS is established under this framework. Second, by constructing an appropriate Lyapunov–Krasovskii functional and introducing the time-delay theory and the affine Bessel–Legendre inequality, lesser conservative design methods of a robust augmented observer for the estimation of the state, FDI attacks, and fault as well as a dual security controller are obtained. Finally, a classical quadruple-tank model is used to show the validity and feasibility of the proposed method.

automation & control systems,instruments & instrumentation

Baoling Miao,Qiang Zeng,Lei Liu

DOI: https://doi.org/10.1049/cth2.12616

IF: 2.67

2024-01-11

IET Control Theory and Applications

Abstract:This work develops a novel event‐triggered controller for the cyber‐physical systems to solve the problem with unknown false data injection attacks and state constraints, which saves communication resources and improves the working efficiency of the system. In this paper, an adaptive event‐triggered control scheme is proposed for a class of continuous‐time linear cyber‐physical systems (CPSs) with unknown false data injection attacks (FDIA) and state constraints. First, the adaptive boundary estimation mechanism and Nussbaum‐type function are introduced into the two‐step backstepping control, which successfully reduces the impact of unknown attack gain. Second, considering that the Nussbaum function causes the chattering problem of the system state, the Tangent Barrier Lyapunov function (TBLF) is used to constrain the state. Then, the controller is designed in combination with the event‐triggered mechanism (ETM), which saves communication resources. Based on the designed adaptive event‐triggered security control method, all signals of the closed‐loop system can be guaranteed to be bounded, and the state constraints are not violated. Finally, the simulation results verify the effectiveness and rationality of the proposed control strategy.

automation & control systems,engineering, electrical & electronic,instruments & instrumentation

Xiao-Lei Wang

DOI: https://doi.org/10.1016/j.ins.2021.09.042

IF: 8.1

2021-12-01

Information Sciences

Abstract:This paper is concerned with the design of false data injection attacks (FDIAs) against fault detectors (FD) for linear cyber-physical systems (CPSs). The purpose of the attacker is to design an stealthy attack scheme such that the defenders cannot detect the faults in time or fail to detect the faults, and at the same time the robustness of the CPS is deteriorated. Unlike the existing optimal attack strategies (OASs) that are established based on sufficient conditions, necessary and sufficient conditions (NASCs) are established to maximize the degradation of the FD performance and robustness of CPS while maintaining stealth. Subsequently, an OAS is constructed by solving coupled backward recursive Riccati difference equations (RDEs). Finally, two simulation examples are employed to show the effectiveness of the designed attack scheme.

computer science, information systems

Younan Zhao,Peng Gu,Fanglai Zhu,Tianyi Liu,Runjie Shen

DOI: https://doi.org/10.1016/j.amc.2023.127908

IF: 4.397

2023-01-01

Applied Mathematics and Computation

Abstract:In this paper, based on finite-frequency domain H 00 control techniques, security control issues are investigated for a cyber-physical system (CPS) suffering from false data injection (FDI) attacks on sensors and actuators, where the real system in the physical layer is a complex network system . First, for each subsystem of the complex network system, an H 00 proportion integral (PI) observer is designed to estimate the system states and attack signals on the sensors and actuators simultaneously. Second, a state feedback controller with attack compensation is proposed using the estimates of the attack signals and the states. Thus, an observer-based security control strategy against FDI attack is set up and the stability analysis is accomplished by frequency domain H 00 control techniques. Finally, a simulation example is given to illustrate the better performance of the proposed methods compared with the traditional H 00 method.(c) 2023 Elsevier Inc. All rights reserved.

Xiaojie Huang,Zhiqiang Li,Da-Wei Ding

DOI: https://doi.org/10.1016/j.jfranklin.2022.07.050

IF: 4.246

2022-08-05

Journal of the Franklin Institute

Abstract:This paper investigates the problem of finite-time attack detection for nonlinear complex cyber-physical networks under false data injection (FDI) attacks. Firstly, a Takagi-Sugeno (T-S) fuzzy model is used to approximate nonlinear complex cyber-physical networks in which the measurement channels are injected by FDI attacks. Secondly, based on adding a power integrator technique, a finite-time fuzzy observer is designed to achieve the rapid state observation of complex cyber-physical networks within a finite time by adjusting the observer parameters. Then, an attack detection mechanism consisting of the finite-time fuzzy observer and an attack detector is developed to detect FDI attacks, which can trigger an alarm within a finite time when FDI attacks occur. Finally, simulation results are given to show the effectiveness and superiority of the proposed method.

automation & control systems,engineering, electrical & electronic, multidisciplinary,mathematics, interdisciplinary applications

Wei Fu,Yunqi Yan,Ying Chen,Zhisheng Wang,Danlong Zhu,Longxing Jin

DOI: https://doi.org/10.1049/stg2.12141

2023-11-16

IET Smart Grid

Abstract:This study introduces the temporal FDI (TFDI) attack and its detection countermeasure. The attack utilises a deep Q network (DQN) algorithm driven by temporal observations and employs long short‐term memory (LSTM) cells to capture time‐series measurements. A countermeasure based on binary classifiers is also introduced, which detects suspicious local measurements to effectively identify TFDI attacks. False data injection (FDI) attacks are serious threats to a cyber‐physical power system (CPPS), which may be launched by a malicious software or virus accessing only the measurements from one substation. This study proposes a novel attack method named the temporal FDI (TFDI) attack. Namely, the virus makes decisions based on temporal observations of the CPPS, and the attack is driven by a deep Q network (DQN) algorithm. As DQN takes vectors of continuous variables as input states, the proposed method is free of the state space explosion problem, which helps the virus to learn the optimal attack strategy efficiently. Moreover, for adopting time‐series measurements as quasi‐dynamic observations, long short‐term memory cells are employed as a layer of the Q network. The TFDI attack enables the virus to discern trends of load variations and enhance the attack's effectiveness. Meanwhile, a countermeasure is also presented to detect the proposed FDI attack. Binary classifiers are trained for each bus to detect suspicious local measurements according to their deviations from system‐state manifolds. When suspicious measurements are spotted frequently, the corresponding bus is believed to be under FDI attacks. Test cases validate the efficacy of the proposed FDI attack method as well as its countermeasure.

Yifan Hu,Peidong Zhu,Peng Xun,Bo Liu,Wenjie Kang,Yinqiao Xiong,Weiheng Shi

DOI: https://doi.org/10.1016/j.cose.2021.102465

2021-12-01

Abstract:Cyber-physical system (CPS) like smart grid deeply integrated with communication networks are often subjected to sophisticated cyber-attacks like false data injection attack (FDIA) with a strong capability of strategic reconnaissance required to learn the environment, where the static characteristics of the system enable easier profiling of the critical infrastructure resources by the adversary. In this paper, we propose a cyber-physical moving target defense (CPMTD) mechanism that focuses on both attack prevention and detection to mitigate such static vulnerabilities and provide combined protections for power system. For attack prevention, we design the Cyber-MTD strategy to disrupt and mislead attack preparation by randomizing data acquisitions with controlled change across multiple system dimensions based on protocol oblivious forwarding (POF) among trusted peer devices in SCADA networks. For attack detection, we design the Physical-MTD strategy to improve the detection probability of FDIAs by periodically changing the measurement matrix of state estimation based on the D-FACTS devices' capability of perturbing the transmission line susceptances in power grids and explore the optimal perturbation in transmission line susceptances based on a cost-benefit analysis. Finally, we discuss two attack cases for network security analysis and evaluate the impact on network performance. Simulations on IEEE 14-bus and 57-bus systems verify the improvement of FDIA detection without significantly increasing operation cost.

computer science, information systems

Yang Gao,Jiaqi Wang,Jiali Ma,Yifei Wu

DOI: https://doi.org/10.1109/TCSII.2022.3217823

2023-01-01

Abstract:This brief investigates the event-triggered adaptive fixed-time secure control problem for nonlinear cyber-physical systems (CPSs) under false data-injection attacks. By employing adding a power integrator technique, an adaptive controller along with the triggering mechanism is designed by using the compromised state variables. To compensate the effect of the unknown attacks, a dynamic switching function is introduced into the controller and a corresponding switching mechanism is developed based on the fixed-time stability theorem. Under the adaptive secure control scheme, the dynamic controller parameter can be regulated online to compensate the cyber attacks such that the fixed-time stability can be ensured for the considered nonlinear CPSs and Zeno behavior can be avoided. A simulation example is given to demonstrate the effectiveness of the proposed control strategy.

Computer Science,Engineering