Security of Linear Control Systems

The coming decades may see the large scale deployment of networked cyber-physical systems to address global needs in areas such as energy, water, healthcare, and transportation. However, as recent events have shown, such systems are vulnerable to cyber attacks. They are not only econoically important, but being safety critical, their disruption or misbehavior can also cause injuries and loss of life. It is therefore important to secure such networked cyber-physical systems against attacks. In the absence of credible security guarantees, there will be resistance to the proliferation of cyber-physical systems, which are much needed to meet global needs in critical infrastructures and services. This study addresses the problem of secure control of networked cyber-physical systems. This problem is different from the problem of securing the communication network, since cyberphysical systems at their very essence need sensors and actuators that interface with the physical plant, and malicious agents may tamper with sensors or actuators, as recent attacks have shown. We consider physical plants that are being controlled by multiple actuators and sensors communicating over a network, where some sensors and actuators could be “malicious." A malicious sensor may not report the measurement that it observes truthfully, while a malicious actuator may not apply actuation signals in accordance with the designed control policy. In the first part of this work, we introduce, against this backdrop, the notions of securable and unsecurable subspaces of a linear dynamical system, and show that they have important operational meanings for both deterministic and stochastic linear dynamical systems in the context of secure control. These subspaces may be regarded as analogs of the controllable and unobservable subspaces reexamined in an era where there is intense interest in cybersecurity of control systems. In the second part of the work, we propose a general technique, termed “Dynamic Watermarking,” by which honest nodes in the system can detect the actions of malicious nodes, and disable closed-loop control based on their information. Dynamic Watermarking employs the technique of honest actuators injecting a “small" random noise, known as private excitation, into the system which will reveal tampering of measurements by malicious sensors. We lay the foundations for the theory for how such an active defense can be used to secure networked systems of sensors and actuators

Security of Linear Control Systems

The coming decades may see the large scale deployment of networked cyber-physical systems to address global needs in areas such as energy, water, healthcare, and transportation. However, as recent events have shown, such systems are vulnerable to cyber attacks. They are not only econoically important, but being safety critical, their disruption or misbehavior can also cause injuries and loss of life. It is therefore important to secure such networked cyber-physical systems against attacks. In the absence of credible security guarantees, there will be resistance to the proliferation of cyber-physical systems, which are much needed to meet global needs in critical infrastructures and services. This study addresses the problem of secure control of networked cyber-physical systems. This problem is different from the problem of securing the communication network, since cyberphysical systems at their very essence need sensors and actuators that interface with the physical plant, and malicious agents may tamper with sensors or actuators, as recent attacks have shown. We consider physical plants that are being controlled by multiple actuators and sensors communicating over a network, where some sensors and actuators could be “malicious." A malicious sensor may not report the measurement that it observes truthfully, while a malicious actuator may not apply actuation signals in accordance with the designed control policy. In the first part of this work, we introduce, against this backdrop, the notions of securable and unsecurable subspaces of a linear dynamical system, and show that they have important operational meanings for both deterministic and stochastic linear dynamical systems in the context of secure control. These subspaces may be regarded as analogs of the controllable and unobservable subspaces reexamined in an era where there is intense interest in cybersecurity of control systems. In the second part of the work, we propose a general technique, termed “Dynamic Watermarking,” by which honest nodes in the system can detect the actions of malicious nodes, and disable closed-loop control based on their information. Dynamic Watermarking employs the technique of honest actuators injecting a “small" random noise, known as private excitation, into the system which will reveal tampering of measurements by malicious sensors. We lay the foundations for the theory for how such an active defense can be used to secure networked systems of sensors and actuators

Bibliographical review on cyber attacks from a control oriented perspective

This paper presents a bibliographical review of definitions, classifications and applications concerning cyber attacks in networked control systems (NCSs) and cyber-physical systems (CPSs). This review tackles the topic from a control-oriented perspective, which is complementary to information or communication ones. After motivating the importance of developing new methods for attack detection and secure control, this review presents security objectives, attack modeling, and a characterization of considered attacks and threats presenting the detection mechanisms and remedial actions. In order to show the properties of each attack, as well as to provide some deeper insight into possible defense mechanisms, examples available in the literature are discussed. Finally, open research issues and paths are presented.Peer ReviewedPostprint (author's final draft

A virtual actuator approach for the secure control of networked LPV systems under pulse-width modulated DoS attacks

In this paper, we formulate and analyze the problem of secure control in the context of networked linear parameter varying (LPV) systems. We consider an energy-constrained, pulse-width modulated (PWM) jammer, which corrupts the control communication channel by performing a denial-of-service (DoS) attack. In particular, the malicious attacker is able to erase the data sent to one or more actuators. In order to achieve secure control, we propose a virtual actuator technique under the assumption that the behavior of the attacker has been identified. The main advantage brought by this technique is that the existing components in the control system can be maintained without need of retuning them, since the virtual actuator will perform a reconfiguration of the plant, hiding the attack from the controller point of view. Using Lyapunov-based results that take into account the possible behavior of the attacker, design conditions for calculating the virtual actuators gains are obtained. A numerical example is used to illustrate the proposed secure control strategy.Peer ReviewedPostprint (author's final draft

An Observer-Based Key Agreement Scheme for Remotely Controlled Mobile Robots

Remotely controlled mobile robots are important examples of Cyber-Physical Systems (CPSs). Recently, these robots are being deployed in many safety critical applications. Therefore, ensuring their cyber-security is of paramount importance. Different control schemes that have been proposed to secure such systems against sophisticated cyber-attacks require the exchange of secret messages between their smart actuators and the remote controller. Thus, these schemes require pre-shared secret keys, or an established Public Key Infrastructure (PKI) that allows for key agreement. Such cryptographic approaches might not always be suitable for the deployment environments of such remotely mobile robots. To address this problem, in this paper, we consider a control theoretic approach for establishing a secret key between the remotely controlled robot and the networked controller without resorting to traditional cryptographic techniques. Our key agreement scheme leverages a nonlinear unknown input observer and an error correction code mechanism to allow the robot to securely agree on a secret key with its remote controller. To validate the proposed scheme, we implement it using a Khepera-IV differential drive robot and evaluate its efficiency and the additional control cost acquired by it. Our experimental results confirm the effectiveness of the proposed key establishment scheme.Comment: This preprint has been submitted to the 2023 IFAC World Congres

Supporting Cyber-Physical Systems with Wireless Sensor Networks: An Outlook of Software and Services

Sensing, communication, computation and control technologies are the essential building blocks of a cyber-physical system (CPS). Wireless sensor networks (WSNs) are a way to support CPS as they provide fine-grained spatial-temporal sensing, communication and computation at a low premium of cost and power. In this article, we explore the fundamental concepts guiding the design and implementation of WSNs. We report the latest developments in WSN software and services for meeting existing requirements and newer demands; particularly in the areas of: operating system, simulator and emulator, programming abstraction, virtualization, IP-based communication and security, time and location, and network monitoring and management. We also reflect on the ongoing efforts in providing dependable assurances for WSN-driven CPS. Finally, we report on its applicability with a case-study on smart buildings