Cyber-Resilient Self-Triggered Distributed Control of Networked Microgrids Against Multi-Layer DoS Attacks

Networked microgrids with high penetration of distributed generators have ubiquitous remote information exchange, which may be exposed to various cyber security threats. This paper, for the first time, addresses a consensus problem in terms of frequency synchronisation in networked microgrids subject to multi-layer denial of service (DoS) attacks, which could simultaneously affect communication, measurement and control actuation channels. A unified notion of Persistency-of-Data-Flow (PoDF) is proposed to characterise the data unavailability in different information network links, and further quantifies the multi-layer DoS effects on the hierarchical system. With PoDF, we provide a sufficient condition of the DoS attacks under which the consensus can be preserved with the proposed edgebased self-triggered distributed control framework. In addition, to mitigate the conservativeness of offline design against the worst-case attack across all agents, an online self-adaptive scheme of the control parameters is developed to fully utilise the latest available information of all data transmission channels. Finally, the effectiveness of the proposed cyber-resilient self-triggered distributed control is verified by representative case studies

Almost Surely T\sqrt{T} Regret Bound for Adaptive LQR

The Linear-Quadratic Regulation (LQR) problem with unknown system parameters has been widely studied, but it has remained unclear whether $\tilde{ \mathcal{O}}(\sqrt{T})$ regret, which is the best known dependence on time, can be achieved almost surely. In this paper, we propose an adaptive LQR controller with almost surely $\tilde{ \mathcal{O}}(\sqrt{T})$ regret upper bound. The controller features a circuit-breaking mechanism, which circumvents potential safety breach and guarantees the convergence of the system parameter estimate, but is shown to be triggered only finitely often and hence has negligible effect on the asymptotic performance of the controller. The proposed controller is also validated via simulation on Tennessee Eastman Process~(TEP), a commonly used industrial process example

Teleoperation of passivity-based model reference robust control over the internet

This dissertation offers a survey of a known theoretical approach and novel experimental results in establishing a live communication medium through the internet to host a virtual communication environment for use in Passivity-Based Model Reference Robust Control systems with delays. The controller which is used as a carrier to support a robust communication between input-to-state stability is designed as a control strategy that passively compensates for position errors that arise during contact tasks and strives to achieve delay-independent stability for controlling of aircrafts or other mobile objects. Furthermore the controller is used for nonlinear systems, coordination of multiple agents, bilateral teleoperation, and collision avoidance thus maintaining a communication link with an upper bound of constant delay is crucial for robustness and stability of the overall system. For utilizing such framework an elucidation can be formulated by preparing site survey for analyzing not only the geographical distances separating the nodes in which the teleoperation will occur but also the communication parameters that define the virtual topography that the data will travel through. This survey will first define the feasibility of the overall operation since the teleoperation will be used to sustain a delay based controller over the internet thus obtaining a hypothetical upper bound for the delay via site survey is crucial not only for the communication system but also the delay is required for the design of the passivity-based model reference robust control. Following delay calculation and measurement via site survey, bandwidth tests for unidirectional and bidirectional communication is inspected to ensure that the speed is viable to maintain a real-time connection. Furthermore from obtaining the results it becomes crucial to measure the consistency of the delay throughout a sampled period to guarantee that the upper bound is not breached at any point within the communication to jeopardize the robustness of the controller. Following delay analysis a geographical and topological overview of the communication is also briefly examined via a trace-route to understand the underlying nodes and their contribution to the delay and round-trip consistency. To accommodate the communication channel for the controller the input and output data from both nodes need to be encapsulated within a transmission control protocol via a multithreaded design of a robust program within the C language. The program will construct a multithreaded client-server relationship in which the control data is transmitted. For added stability and higher level of security the channel is then encapsulated via an internet protocol security by utilizing a protocol suite for protecting the communication by authentication and encrypting each packet of the session using negotiation of cryptographic keys during each session

On Resilient Control for Secure Connected Vehicles: A Hybrid Systems Approach

According to the Internet of Things Forecast conducted by Ericsson, connected devices will be around 29 billion by 2022. This technological revolution enables the concept of Cyber-Physical Systems (CPSs) that will transform many applications, including power-grid, transportation, smart buildings, and manufacturing. Manufacturers and institutions are relying on technologies related to CPSs to improve the efficiency and performances of their products and services. However, the higher the number of connected devices, the higher the exposure to cybersecurity threats. In the case of CPSs, successful cyber-attacks can potentially hamper the economy and endanger human lives. Therefore, it is of paramount importance to develop and adopt resilient technologies that can complement the existing security tools to make CPSs more resilient to cyber-attacks. By exploiting the intrinsically present physical characteristics of CPSs, this dissertation employs dynamical and control systems theory to improve the CPS resiliency to cyber-attacks. In particular, we consider CPSs as Networked Control Systems (NCSs), which are control systems where plant and controller share sensing and actuating information through networks. This dissertation proposes novel design procedures that maximize the resiliency of NCSs to network imperfections (i.e., sampling, packet dropping, and network delays) and denial of service (DoS) attacks. We model CPSs from a general point of view to generate design procedures that have a vast spectrum of applicability while creating computationally affordable algorithms capable of real-time performances. Indeed, the findings of this research aspire to be easily applied to several CPSs applications, e.g., power grid, transportation systems, and remote surgery. However, this dissertation focuses on applying its theoretical outcomes to connected and automated vehicle (CAV) systems where vehicles are capable of sharing information via a wireless communication network. In the first part of the dissertation, we propose a set of LMI-based constructive Lyapunov-based tools for the analysis of the resiliency of NCSs, and we propose a design approach that maximizes the resiliency. In the second part of the thesis, we deal with the design of DOS-resilient control systems for connected vehicle applications. In particular, we focus on the Cooperative Adaptive Cruise Control (CACC), which is one of the most popular and promising applications involving CAVs

Control over the Cloud : Offloading, Elastic Computing, and Predictive Control

The thesis studies the use of cloud native software and platforms to implement critical closed loop control. It considers technologies that provide low latency and reliable wireless communication, in terms of edge clouds and massive MIMO, but also approaches industrial IoT and the services of a distributed cloud, as an extension of commercial-of-the-shelf software and systems.First, the thesis defines the cloud control challenge, as control over the cloud and controller offloading. This is followed by a demonstration of closed loop control, using MPC, running on a testbed representing the distributed cloud.The testbed is implemented using an IoT device, clouds, next generation wireless technology, and a distributed execution platform. Platform details are provided and feasibility of the approach is shown. Evaluation includes relocating an on-line MPC to various locations in the distributed cloud. Offloaded control is examined next, through further evaluation of cloud native software and frameworks. This is followed by three controller designs, tailored for use with the cloud. The first controller solves MPC problems in parallel, to implement a variable horizon controller. The second is a hierarchical design, in which rate switching is used to implement constrained control, with a local and a remote mode. The third design focuses on reliability. Here, the MPC problem is extended to include recovery paths that represent a fallback mode. This is used by a control client if it experiences connectivity issues.An implementation is detailed and examined.In the final part of the thesis, the focus is on latency and congestion. A cloud control client can experience long and variable delays, from network and computations, and used services can become overloaded. These problems are approached by using predicted control inputs, dynamically adjusting the control frequency, and using horizontal scaling of the cloud service. Several examples are shown through simulation and on real clouds, including admitting control clients into a cluster that becomes temporarily overloaded

OpenPLC based control system testbed for PLC whitelisting system

This paper proposes a security testbed system for industrial control systems. In control systems, controllers are final fortresses to continue the operation of field systems. Then, we need countermeasures of controllers. The whitelisting function is efficient in controller security. The whitelisting function registers normal operations in a list and detects unregistered operations as abnormal. We need a testbed system to check whether the whitelist function does not affect other functions of the controller. The industrial controller and its engineering tool are relatively expensive, and are customized with respect to controller vendors. To enhance the whitelist development, this study proposes a testbed system using OpenPLC which is an open-source software. This system is independent of controller vendors and is applicable for controller programming languages. We implement a whitelist based anomaly detection method for the testbed system and validate that the anomaly detection method operates correctly

Towards an access economy model for industrial process control

With the ongoing trend in moving the upper levels of the automation hierarchy to the cloud, there has been investigation into supplying industrial automation as a cloud based service. There are many practical considerations which pose limitations on the feasibility of the idea. This research investigates some of the requirements which would be needed to implement a platform which would facilitate competition between different controllers which would compete to control a process in real-time. This work considers only the issues relating to implementation of the philosophy from a control theoretic perspective, issues relating to hardware/communications infrastructure and cyber security are beyond the scope of this work. A platform is formulated and all the relevant control requirements of the system are discussed. It is found that in order for such a platform to determine the behaviour of a controller, it would need to simulate the controller on a model of the process over an extended period of time. This would require a measure of the disturbance to be available, or at least an estimate thereof. This therefore increases the complexity of the platform. The practicality of implementing such a platform is discussed in terms of system identification and model/controller maintenance. A model of the surge tank from SibanyeStillwater’s Platinum bulk tailings treatment (BTT) plant, the aim of which is to keep the density of the tank outflow constant while maintaining a steady tank level, was derived, linearised and an input-output controllability analysis performed on the model. Six controllers were developed for the process, including four conventional feedback controllers (decentralised PI, inverse, modified inverse and H¥) and two Model Predictive Controllers (MPC) (one linear and another nonlinear). It was shown that both the inverse based and H¥ controllers fail to control the tank level to set-point in the event of an unmeasured disturbance. The competing concept was successfully illustrated on this process with the linear MPC controller being the most often selected controller, and the overall performance of the plant substantially improved by having access to more advanced control techniques, which is facilitated by the proposed platform. A first appendix presents an investigation into a previously proposed switching philosophy [15] in terms of its ability to determine the best controller, as well as the stability of the switching scheme. It is found that this philosophy cannot provide an accurate measure of controller performance owing to the use of one step ahead predictions to analyse controller behaviour. Owing to this, the philosophy can select an unstable controller when there is a stable, well tuned controller competing to control the process. A second appendix shows that there are cases where overall system performance can be improved through the use of the proposed platform. In the presence of constraints on the rate of change of the inputs, a more aggressive controller is shown to be selected so long as the disturbance or reference changes do not cause the controller to violate these input constraints. This means that switching back to a less aggressive controller is necessary in the event that the controller attempts to violate these constraints. This is demonstrated on a simple first order plant as well as the surge tank process. Overall it is concluded that, while there are practical issues surrounding plant and system identification and model/controller maintenance, it would be possible to implement such a platform which would allow a given plant access to advanced process control solutions without the need for procuring the services of a large vendor.Dissertation (MEng)--University of Pretoria, 2020.Electrical, Electronic and Computer EngineeringMEngUnrestricte