Active Fault-Tolerance in Wireless Networked Control Systems

In a Wireless Networked Control System (WNCS), several nodes or components of the system may communicate over the common network that connects them together. Thus, there may be communication taking place between the sensors and the controller nodes, among the controllers themselves, among the sensors themselves, among the actuator themselves, and between the controller and the actuator nodes. The purpose of this communication is to improve the performance of the control system. The performance may be a measurable quantity defined in terms of a performance criterion, as in the case of optimal control or estimation, or it may be a qualitative measure described as a desired behaviour. Each node of the WNCS may act as a decision maker, making control as well as communication decisions. The presence of a network brings in constraints in the design of the control system, as information between the various decision makers must be exchanged according to the rules and dynamics of the network. Our goal is to quantify some of these constraints, and design the control system together with the communication system so as both do their best given the constraints. This work in no way attempts to suggest the best way to design a communication network that suits the needs of a particular control system, but some of the results obtained here may be used in conjunction with other results in forming an understanding as to how to proceed in the design of such systems in the future. The work proposes a novel real-time communication protocol based on the Time Division Multiple Access (TDMA) strategy, which has built-in tolerance against the network-induced effects like lost packets, assuring a highly deterministic and reliable behaviour of the overall networked control system, thus allowing the use of classical control design methods with WNCS. Determinism in the transmission times, for sending and for receiving, is assured by a communication schedule that is dynamically updated based on the conditions of the network and the propagation environment. An advanced experimentation platform has been developed, called WiNC, which demonstrates the efficiency of the protocol with two well-known laboratory benchmarks that have very different dynamics, namely the three-tank system and the inverted pendulum system. Wireless nodes belonging to both systems are coordinated and synchronized by a master node, namely the controller node. The WiNC platform uses only open source software and general-purpose (commercial, off-the shelf) hardware, thus making it with a minimal investment (low cost) a flexible and easily extendable research platform for WNCS. And considering the general trend towards the adoption of Linux as a real-time operating system for embedded system in automation, the developed concepts and algorithms can be ported with minimum effort to the industrial embedded devices which already run Linux

Survivability modeling for cyber-physical systems subject to data corruption

Cyber-physical critical infrastructures are created when traditional physical infrastructure is supplemented with advanced monitoring, control, computing, and communication capability. More intelligent decision support and improved efficacy, dependability, and security are expected. Quantitative models and evaluation methods are required for determining the extent to which a cyber-physical infrastructure improves on its physical predecessors. It is essential that these models reflect both cyber and physical aspects of operation and failure. In this dissertation, we propose quantitative models for dependability attributes, in particular, survivability, of cyber-physical systems. Any malfunction or security breach, whether cyber or physical, that causes the system operation to depart from specifications will affect these dependability attributes. Our focus is on data corruption, which compromises decision support -- the fundamental role played by cyber infrastructure. The first research contribution of this work is a Petri net model for information exchange in cyber-physical systems, which facilitates i) evaluation of the extent of data corruption at a given time, and ii) illuminates the service degradation caused by propagation of corrupt data through the cyber infrastructure. In the second research contribution, we propose metrics and an evaluation method for survivability, which captures the extent of functionality retained by a system after a disruptive event. We illustrate the application of our methods through case studies on smart grids, intelligent water distribution networks, and intelligent transportation systems. Data, cyber infrastructure, and intelligent control are part and parcel of nearly every critical infrastructure that underpins daily life in developed countries. Our work provides means for quantifying and predicting the service degradation caused when cyber infrastructure fails to serve its intended purpose. It can also serve as the foundation for efforts to fortify critical systems and mitigate inevitable failures --Abstract, page iii

Time domain analysis of switching transient fields in high voltage substations

Switching operations of circuit breakers and disconnect switches generate transient currents propagating along the substation busbars. At the moment of switching, the busbars temporarily acts as antennae radiating transient electromagnetic fields within the substations. The radiated fields may interfere and disrupt normal operations of electronic equipment used within the substation for measurement, control and communication purposes. Hence there is the need to fully characterise the substation electromagnetic environment as early as the design stage of substation planning and operation to ensure safe operations of the electronic equipment. This paper deals with the computation of transient electromagnetic fields due to switching within a high voltage air-insulated substation (AIS) using the finite difference time domain (FDTD) metho

Data analytics for stochastic control and prognostics in cyber-physical systems

In this dissertation, several novel cyber fault diagnosis and prognosis and defense methodologies for cyber-physical systems have been proposed. First, a novel routing scheme for wireless mesh network is proposed. An effective capacity estimation for P2P and E2E path is designed to guarantee the vital transmission safety. This scheme can ensure a high quality of service (QoS) under imperfect network condition, even cyber attacks. Then, the imperfection, uncertainties, and dynamics in the cyberspace are considered both in system model and controller design. A PDF identifier is proposed to capture the time-varying delays and its distribution. With the modification of traditional stochastic optimal control using PDF of delays, the assumption of full knowledge of network imperfection in priori is relaxed. This proposed controller is considered a novel resilience control strategy for cyber fault diagnosis and prognosis. After that, we turn to the development of a general framework for cyber fault diagnosis and prognosis schemes for CPSs wherein the cyberspace performance affect the physical system and vice versa. A novel cyber fault diagnosis scheme is proposed. It is capable of detecting cyber fault by monitoring the probability of delays. Also, the isolation of cyber and physical system fault is achieved with cooperating with the traditional observer based physical system fault detection. Next, a novel cyber fault prognosis scheme, which can detect and estimate cyber fault and its negative effects on system performance ahead of time, is proposed. Moreover, soft and hard cyber faults are isolated depending on whether potential threats on system stability is predicted. Finally, one-class SVM is employed to classify healthy and erroneous delays. Then, another cyber fault prognosis based on OCSVM is proposed --Abstract, page iv

Extending Failure Modes and Effects Analysis Approach for Reliability Analysis at the Software Architecture Design Level

Several reliability engineering approaches have been proposed to identify and recover from failures. A well-known and mature approach is the Failure Mode and Effect Analysis (FMEA) method that is usually utilized together with Fault Tree Analysis (FTA) to analyze and diagnose the causes of failures. Unfortunately, both approaches seem to have primarily focused on failures of hardware components and less on software components. Moreover, for utilizing FMEA and FTA very often an existing implementation of the system is required to perform the reliability analysis. We propose extensions to FMEA and FTA to utilize them for the reliability analysis of software at the architecture design level. We present the software architecture reliability analysis approach (SARAH) that incorporates the extended FMEA and FTA. The approach is illustrated using an industrial case for analyzing reliability of the software architecture of a Digital TV