State of the art of cyber-physical systems security: An automatic control perspective

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia

Performance analysis with network-enhanced complexities: On fading measurements, event-triggered mechanisms, and cyber attacks

Copyright © 2014 Derui Ding et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.Nowadays, the real-world systems are usually subject to various complexities such as parameter uncertainties, time-delays, and nonlinear disturbances. For networked systems, especially large-scale systems such as multiagent systems and systems over sensor networks, the complexities are inevitably enhanced in terms of their degrees or intensities because of the usage of the communication networks. Therefore, it would be interesting to (1) examine how this kind of network-enhanced complexities affects the control or filtering performance; and (2) develop some suitable approaches for controller/filter design problems. In this paper, we aim to survey some recent advances on the performance analysis and synthesis with three sorts of fashionable network-enhanced complexities, namely, fading measurements, event-triggered mechanisms, and attack behaviors of adversaries. First, these three kinds of complexities are introduced in detail according to their engineering backgrounds, dynamical characteristic, and modelling techniques. Then, the developments of the performance analysis and synthesis issues for various networked systems are systematically reviewed. Furthermore, some challenges are illustrated by using a thorough literature review and some possible future research directions are highlighted.This work was supported in part by the National Natural Science Foundation of China under Grants 61134009, 61329301, 61203139, 61374127, and 61374010, the Royal Society of the UK, and the Alexander von Humboldt Foundation of Germany

Stability analysis of token-based wireless networked control systems under deception attacks

Currently, cyber-security has attracted a lot of attention, in particular in wireless industrial control networks (WICNs). In this paper, the stability of wireless networked control systems (WNCSs) under deception, attacks is studied with a token-based protocol applied to the data link layer (DLL) of WICNS. Since deception attacks cause the stability problem of WNCSs by changing the data transmitted over a wireless network, it is important to detect deception attacks, discard the injected false data and compensate for the missing data (i.e., the discarded original data with the injected false data). The main contributions of this paper are: 1) With respect to the character of the token-based protocol, a switched system model is developed. Different from the traditional switched system where the number of subsystems is fixed, in our new model this number will be changed under deception attacks. 2) For this model, a new Kalman filter (KF) is developed for the purpose of attack detection and the missing data reconstruction. 3) For the given linear feedback WNCSs, when the noise level is below a threshold derived in this paper, the maximum allowable duration of deception attacks is obtained to maintain the exponential stability of the system. Finally, a numerical example based on a linearized model of an inverted pendulum is provided to demonstrate the proposed design

On Reachable Sets of Hidden CPS Sensor Attacks

For given system dynamics, observer structure, and observer-based fault/attack detection procedure, we provide mathematical tools -- in terms of Linear Matrix Inequalities (LMIs) -- for computing outer ellipsoidal bounds on the set of estimation errors that attacks can induce while maintaining the alarm rate of the detector equal to its attack-free false alarm rate. We refer to these sets to as hidden reachable sets. The obtained ellipsoidal bounds on hidden reachable sets quantify the attacker's potential impact when it is constrained to stay hidden from the detector. We provide tools for minimizing the volume of these ellipsoidal bounds (minimizing thus the reachable sets) by redesigning the observer gains. Simulation results are presented to illustrate the performance of our tools