A virtual actuator approach for the secure control of networked LPV systems under pulse-width modulated DoS attacks

In this paper, we formulate and analyze the problem of secure control in the context of networked linear parameter varying (LPV) systems. We consider an energy-constrained, pulse-width modulated (PWM) jammer, which corrupts the control communication channel by performing a denial-of-service (DoS) attack. In particular, the malicious attacker is able to erase the data sent to one or more actuators. In order to achieve secure control, we propose a virtual actuator technique under the assumption that the behavior of the attacker has been identified. The main advantage brought by this technique is that the existing components in the control system can be maintained without need of retuning them, since the virtual actuator will perform a reconfiguration of the plant, hiding the attack from the controller point of view. Using Lyapunov-based results that take into account the possible behavior of the attacker, design conditions for calculating the virtual actuators gains are obtained. A numerical example is used to illustrate the proposed secure control strategy.Peer ReviewedPostprint (author's final draft

Dual Rate Control for Security in Cyber-physical Systems

We consider malicious attacks on actuators and sensors of a feedback system which can be modeled as additive, possibly unbounded, disturbances at the digital (cyber) part of the feedback loop. We precisely characterize the role of the unstable poles and zeros of the system in the ability to detect stealthy attacks in the context of the sampled data implementation of the controller in feedback with the continuous (physical) plant. We show that, if there is a single sensor that is guaranteed to be secure and the plant is observable from that sensor, then there exist a class of multirate sampled data controllers that ensure that all attacks remain detectable. These dual rate controllers are sampling the output faster than the zero order hold rate that operates on the control input and as such, they can even provide better nominal performance than single rate, at the price of higher sampling of the continuous output

Detection of replay attacks in CPSs using observer-based signature compensation

© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.This paper presents a replay attack detection method that addresses the performance loss of watermarking-based approaches. The proposed method injects a sinusoidal signal that affects a subset, chosen at random, of the system outputs. The presence of the signal in each one of the outputs is estimated by means of independent observers and its effect is compensated in the control loop. When a system output is affected by a replay attack, the loss of feedback of the associated observer destabilizes the signal estimation, leading to an exponential increase of the estimation error up to a threshold, above which the estimated signal compensation in the control loop is disabled. This event triggers the detection of a replay attack over the output corresponding to the disrupted observer. The effectiveness of the method is demonstrated using results obtained with a quadruple-tank system simulator.Peer ReviewedPostprint (author's final draft