An Analytical Framework for Control Synthesis of Cyber-Physical Systems with Safety Guarantee
Cyber-physical systems (CPS) are required to operate safely under faults and
malicious attacks. The simplex architecture and the recently proposed cyber
resilient architectures, e.g., Byzantine fault tolerant++ (BFT++), provide
safety for CPS under faults and malicious cyber attacks, respectively. However,
these existing architectures make use of different timing parameters and
implementations to provide safety, and are seemingly unrelated. In this paper,
we propose an analytical framework to represent the simplex, BFT++ and other
practical cyber resilient architectures (CRAs). We construct a hybrid system
that models CPS adopting any of these architectures. We derive sufficient
conditions via our proposed framework under which a control policy is
guaranteed to be safe. We present an algorithm to synthesize the control
policy. We validate the proposed framework using a case study on lateral
control of a Boeing 747, and demonstrate that our proposed approach ensures
safety of the system.
A Compositional Approach to Safety-Critical Resilient Control for Systems with Coupled Dynamics
Complex, interconnected Cyber-physical Systems (CPS) are increasingly common
in applications including smart grids and transportation. Ensuring safety of
interconnected systems whose dynamics are coupled is challenging because the
effects of faults and attacks in one sub-system can propagate to other
sub-systems and lead to safety violations. In this paper, we study the problem
of safety-critical control for CPS with coupled dynamics when some sub-systems
are subject to failure or attack. We first propose resilient-safety indices
(RSIs) for the faulty or compromised sub-systems that bound the worst-case
impacts of faulty or compromised sub-systems on a set of specified safety
constraints. By incorporating the RSIs, we provide a sufficient condition for
the synthesis of control policies in each of the failure- and attack-free
sub-systems. The synthesized control policies compensate for the impacts of the
faulty or compromised sub-systems to guarantee safety. We formulate
sum-of-square optimization programs to compute the RSIs and the safety-ensuring
control policies. We present a case study that applies our proposed approach to
the temperature regulation of three coupled rooms. The case study demonstrates
that control policies obtained using our algorithm guarantee the system's safety
constraints.
Exploiting visual cues for safe and flexible cyber-physical production systems
Human workers are envisioned to work alongside robots and other intelligent factory modules, and fulfill supervision tasks in future smart factories. Technological developments, during the last few years, in the field of smart factory automation have introduced the concept of cyber-physical systems, which further expanded to cyber-physical production systems. In this context, the role of collaborative robots is significant and depends largely on the advanced capabilities of collision detection, impedance control, and learning new tasks based on artificial intelligence. The system components, collaborative robots, and humans need to communicate for collective decision-making. This requires processing of shared information keeping in consideration the available knowledge, reasoning, and flexible systems that are resilient to the real-time dynamic changes on the industry floor as well as within the communication and computer network infrastructure. This article presents an ontology-based approach to solve industrial scenarios for safety applications in cyber-physical production systems. A case study of an industrial scenario is presented to validate the approach in which visual cues are used to detect and react to dynamic changes in real time. Multiple scenarios are tested for simultaneous detection and prioritization to enhance the learning surface of the intelligent production system with the goal to automate safety-based decisions.
Design science research towards resilient cyber-physical eHealth systems
Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in a safe digital future is truly needed in the integration of the digital and physical worlds, leading to a new digital revolution. The precondition for the exchange of information, “trust”, must be systematically built at every CPS level. In the health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive.
When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur.
Characterization of Multi-Channel Denial-of-Service and Full-Scale Denial-of-Service
Over the past decades, interest in enhancing the safety of cyber-physical
systems (CPSs) has risen. The systems and control research society has
recognised that the embedded closed-loop in integrated systems may be damaged
if attackers can execute a successful malicious attack. This article examines
the resilient control problem for CPSs with numerous transmission channels
under Denial-of-Service (DoS). First, a partial observer technique is developed
in response to the Multi-Channel DoS (MCDoS) condition. The changing frequency
of MCDoS is characterized while maintaining the Global Asymptotic Stability
(GAS) of the closed-loop system. The partial observer is then modified to
reduce the effect of the changing frequency of MCDoS in the system. Then a
resilient event-based feedback control scheme is developed to address the
Full-Scale DoS (FSDoS). We depict the changing frequency of MCDoS and the
frequency and duration of FSDoS, allowing the feedback system's Global
Asymptotic Stability (GAS) to be maintained. We regard event-based controllers
for which a minimal inter-sample time is precisely formulated in response to
the existence of digital channels.
A Resilient Control Approach to Secure Cyber Physical Systems (CPS) with an Application on Connected Vehicles
The objective of this dissertation is to develop a resilient control approach to secure Cyber Physical Systems (CPS) against cyber-attacks, network failures and potential physical faults. Despite being potentially beneficial in several aspects, the connectivity in CPSs poses a set of specific challenges from a safety and reliability standpoint. The first challenge arises from the unreliable communication network, which affects the control/management of the overall system. Second, faulty sensors and actuators can degrade the performance of CPS and send wrong information to the controller or other subsystems of the CPS. Finally, CPSs are vulnerable to cyber-attacks which can potentially lead to dangerous scenarios by affecting the information transmitted among various components of CPSs. Hence, a resilient control approach is proposed to address these challenges. The control approach consists of three main parts: (1) Physical fault diagnostics: This part makes sure the CPS works normally while there are no cyber-attacks/network failures in the communication network; (2) Cyber-attack/failure resilient strategy: This part consists of a resilient strategy for specific cyber-attacks to compensate for their malicious effects; (3) Decision making algorithm: The decision making block identifies the specific existing cyber-attacks/network failure in the system and deploys the corresponding control strategy to minimize the effect of abnormality in the system performance. In this dissertation, we consider a platoon of connected vehicle system under Co-operative Adaptive Cruise Control (CACC) strategy as a CPS and develop a resilient control approach to address the aforementioned challenges. The first part of this dissertation investigates fault diagnostics of connected vehicles assuming an ideal communication network. Very few works address the real-time diagnostics problem in connected vehicles.
This study models the effect of different faults in sensors and actuators, and also develops a fault diagnosis scheme for detectable and identifiable faults. The proposed diagnostics scheme is based on sliding mode observers to detect, isolate and estimate faults in the sensors and actuators. One of the main advantages of the sliding mode approach lies in its applicability to nonlinear systems. Therefore, the proposed method can be extended for other nonlinear cyber physical systems as well. The second part of the proposed research deals with developing strategies to maintain performance of cyber-physical systems close to the normal, in the presence of common cyber-attacks and network failures. Specifically, the behavior of Dedicated Short-Range Communication (DSRC) network is analyzed under cyber-attacks and failures including packet dropping, Denial of Service (DoS) attack and false data injection attack. To start with, packet dropping in network communication is modeled by a Bernoulli random variable. Then an observer based modifying algorithm is proposed to modify the existing CACC strategy against the effect of packet dropping phenomena. In contrast to the existing works on state estimation over imperfect communication network in CPS which mainly use either holding previous received data or Kalman filter with intermittent observation, a combination of these two approaches is used to construct the missing data over packet dropping phenomena. Furthermore, an observer based fault diagnostics based on sliding mode approach is proposed to detect, isolate and estimate sensor faults in connected vehicles platoon. Next, Denial of Service (DoS) attack is considered on the communication network. The effect of DoS attack is modeled as an unknown stochastic delay in data delivery in the communication network. Then an observer based approach is proposed to estimate the real data from the delayed measured data over the network.
A novel approach based on LMI theory is presented to design an observer and estimate the states of the system via delayed measurements. Next, we explore an alternative approach by modeling DoS with unknown constant time delay and propose an adaptive observer to estimate the delay. Furthermore, we study the effects of system uncertainties on the DoS algorithm. In the third algorithm, we considered a general CPS with a saturated DoS attack modeled with constant unknown delay. In this part, we modeled the DoS via a PDE and developed a PDE based observer to estimate the delay as well as states of the system while the only available measurements are delayed. Furthermore, as the last cyber-attack of the second part of the dissertation, we consider false data injection attack as the fake vehicle identity in the platoon of vehicles. In this part, we develop a novel PDE-based modeling strategy for the platoon of vehicles equipped with CACC. Moreover, we propose a PDE based observer to detect and isolate the location of the false data injection attack injected into the platoon as fake identity. Finally, the third part of the dissertation deals with the ongoing works on an optimum decision making strategy formulated via Model Predictive Control (MPC). The decision making block is developed to choose the optimum strategy among available strategies designed in the second part of the dissertation.