34 research outputs found
Event-triggered control systems under denial-of-service attacks
In this paper, we propose a systematic design framework for output-based dynamic event-triggered control (ETC) systems under Denial-of-Service (DoS) attacks. These malicious DoS attacks are intended to interfere with the communication channel causing periods in time at which transmission of measurement data is impossible. We show that the proposed ETC scheme, if well designed, can tolerate a class of DoS signals characterized by frequency and duration properties without jeopardizing the stability, performance and Zeno-freeness of the ETC system. In fact, the design procedure of the ETC condition allows trade-offs between performance, robustness to DoS attacks and utilization of communication resources. The main results will be illustrated by means of a numerical example
An Unknown Input Multi-Observer Approach for Estimation, Attack Isolation, and Control of LTI Systems under Actuator Attacks
We address the problem of state estimation, attack isolation, and control for
discrete-time Linear Time Invariant (LTI) systems under (potentially unbounded)
actuator false data injection attacks. Using a bank of Unknown Input Observers
(UIOs), each observer leading to an exponentially stable estimation error in
the attack-free case, we propose an estimator that provides exponential
estimates of the system state and the attack signals when a sufficiently small
number of actuators are attacked. We use these estimates to control the system
and isolate actuator attacks. Simulations results are presented to illustrate
the performance of the results
Learning-based attacks in cyber-physical systems
We introduce the problem of learning-based attacks in a simple abstraction of
cyber-physical systems---the case of a discrete-time, linear, time-invariant
plant that may be subject to an attack that overrides the sensor readings and
the controller actions. The attacker attempts to learn the dynamics of the
plant and subsequently override the controller's actuation signal, to destroy
the plant without being detected. The attacker can feed fictitious sensor
readings to the controller using its estimate of the plant dynamics and mimic
the legitimate plant operation. The controller, on the other hand, is
constantly on the lookout for an attack; once the controller detects an attack,
it immediately shuts the plant off. In the case of scalar plants, we derive an
upper bound on the attacker's deception probability for any measurable control
policy when the attacker uses an arbitrary learning algorithm to estimate the
system dynamics. We then derive lower bounds for the attacker's deception
probability for both scalar and vector plants by assuming a specific
authentication test that inspects the empirical variance of the system
disturbance. We also show how the controller can improve the security of the
system by superimposing a carefully crafted privacy-enhancing signal on top of
the "nominal control policy." Finally, for nonlinear scalar dynamics that
belong to the Reproducing Kernel Hilbert Space (RKHS), we investigate the
performance of attacks based on nonlinear Gaussian-processes (GP) learning
algorithms
Towards Stabilization of Distributed Systems under Denial-of-Service
In this paper, we consider networked distributed systems in the presence of
Denial-of-Service (DoS) attacks, namely attacks that prevent transmissions over
the communication network. First, we consider a simple and typical scenario
where communication sequence is purely Round-robin and we explicitly calculate
a bound of attack frequency and duration, under which the interconnected
large-scale system is asymptotically stable. Second, trading-off system
resilience and communication load, we design a hybrid transmission strategy
consisting of Zeno-free distributed event-triggered control and Round-robin. We
show that with lower communication loads, the hybrid communication strategy
enables the systems to have the same resilience as in pure Round-robin
A Multi-Observer Approach for Attack Detection and Isolation of Discrete-Time Nonlinear Systems
We address the problem of attack detection and isolation for a class of
discrete-time nonlinear systems under (potentially unbounded) sensor attacks
and measurement noise. We consider the case when a subset of sensors is subject
to additive false data injection attacks. Using a bank of observers, each
observer leading to an Input-to-State Stable (ISS) estimation error, we propose
two algorithms for detecting and isolating sensor attacks. These algorithms
make use of the ISS property of the observers to check whether the trajectories
of observers are `consistent' with the attack-free trajectories of the system.
Simulations results are presented to illustrate the performance of the proposed
algorithms.Comment: arXiv admin note: text overlap with arXiv:1805.0424
On Joint Reconstruction of State and Input-Output Injection Attacks for Nonlinear Systems
We address the problem of robust state reconstruction for discrete-time
nonlinear systems when the actuators and sensors are injected with (potentially
unbounded) attack signals. Exploiting redundancy in sensors and actuators and
using a bank of unknown input observers (UIOs), we propose an observer-based
estimator capable of providing asymptotic estimates of the system state and
attack signals under the condition that the numbers of sensors and actuators
under attack are sufficiently small. Using the proposed estimator, we provide
methods for isolating the compromised actuators and sensors. Numerical examples
are provided to demonstrate the effectiveness of our methods.Comment: arXiv admin note: text overlap with arXiv:1904.0423
Resilient Consensus Control Design for DC Microgrids against False Data Injection Attacks Using a Distributed Bank of Sliding Mode Observers
This paper investigates the problem of false data injection attack (FDIA) detection in microgrids. The grid under study is a DC microgrid with distributed boost converters, where the false data are injected into the voltage data so as to investigate the effect of attacks. The proposed algorithm uses a bank of sliding mode observers that estimates the states of the neighbor agents. Each agent estimates the neighboring states and, according to the estimation and communication data, the detection mechanism reveals the presence of FDIA. The proposed control scheme provides resiliency to the system by replacing the conventional consensus rule with attack-resilient ones. In order to evaluate the efficiency of the proposed method, a real-time simulation with eight agents has been performed. Moreover, a verification experimental test with three boost converters has been utilized to confirm the simulation results. It is shown that the proposed algorithm is able to detect FDI attacks and it protects the consensus deviation against FDI attacks
Resilient Control Under Denial-of-Service:Results and Research Directions
The question of security is becoming central for the current generation of engineering systems which more and more rely on networks to support monitoring and control tasks. This chapter addresses the question of designing network control systems that are resilient to Denial-of-Service, that is to phenomena which render a communication network unavailable to use. We review recent results in this area and discuss some of the research challenges.</p