Security of Linear Control Systems

The coming decades may see the large scale deployment of networked cyber-physical systems to address global needs in areas such as energy, water, healthcare, and transportation. However, as recent events have shown, such systems are vulnerable to cyber attacks. They are not only econoically important, but being safety critical, their disruption or misbehavior can also cause injuries and loss of life. It is therefore important to secure such networked cyber-physical systems against attacks. In the absence of credible security guarantees, there will be resistance to the proliferation of cyber-physical systems, which are much needed to meet global needs in critical infrastructures and services. This study addresses the problem of secure control of networked cyber-physical systems. This problem is different from the problem of securing the communication network, since cyberphysical systems at their very essence need sensors and actuators that interface with the physical plant, and malicious agents may tamper with sensors or actuators, as recent attacks have shown. We consider physical plants that are being controlled by multiple actuators and sensors communicating over a network, where some sensors and actuators could be “malicious." A malicious sensor may not report the measurement that it observes truthfully, while a malicious actuator may not apply actuation signals in accordance with the designed control policy. In the first part of this work, we introduce, against this backdrop, the notions of securable and unsecurable subspaces of a linear dynamical system, and show that they have important operational meanings for both deterministic and stochastic linear dynamical systems in the context of secure control. These subspaces may be regarded as analogs of the controllable and unobservable subspaces reexamined in an era where there is intense interest in cybersecurity of control systems. In the second part of the work, we propose a general technique, termed “Dynamic Watermarking,” by which honest nodes in the system can detect the actions of malicious nodes, and disable closed-loop control based on their information. Dynamic Watermarking employs the technique of honest actuators injecting a “small" random noise, known as private excitation, into the system which will reveal tampering of measurements by malicious sensors. We lay the foundations for the theory for how such an active defense can be used to secure networked systems of sensors and actuators

Security Defense of Large Scale Networks Under False Data Injection Attacks: An Attack Detection Scheduling Approach

In large scale networks, communication links between nodes are easily injected with false data by adversaries, so this paper proposes a novel security defense strategy to ensure the security of the network from the perspective of attack detection scheduling. Compared with existing attack detection methods, the attack detection scheduling strategy in this paper only needs to detect half of the neighbor node information to ensure the security of the node local state estimation. We first formulate the problem of selecting the sensor to be detected as a combinatorial optimization problem, which is Nondeterminism Polynomial hard (NP-hard). To solve the above problem, we convert the objective function into a submodular function. Then, we propose an attack detection scheduling algorithm based on sequential submodular maximization, which incorporates expert problem to better cope with dynamic attack strategies. The proposed algorithm can run in polynomial time with a theoretical lower bound on the optimization rate. In addition, the proposed algorithm can guarantee the security of the whole network under two kinds of insecurity conditions from the perspective of the augmented estimation error. Finally, a numerical simulation of the industrial continuous stirred tank reactor verifies the effectiveness of the developed approach

Security of Linear Control Systems

The coming decades may see the large scale deployment of networked cyber-physical systems to address global needs in areas such as energy, water, healthcare, and transportation. However, as recent events have shown, such systems are vulnerable to cyber attacks. They are not only econoically important, but being safety critical, their disruption or misbehavior can also cause injuries and loss of life. It is therefore important to secure such networked cyber-physical systems against attacks. In the absence of credible security guarantees, there will be resistance to the proliferation of cyber-physical systems, which are much needed to meet global needs in critical infrastructures and services. This study addresses the problem of secure control of networked cyber-physical systems. This problem is different from the problem of securing the communication network, since cyberphysical systems at their very essence need sensors and actuators that interface with the physical plant, and malicious agents may tamper with sensors or actuators, as recent attacks have shown. We consider physical plants that are being controlled by multiple actuators and sensors communicating over a network, where some sensors and actuators could be “malicious." A malicious sensor may not report the measurement that it observes truthfully, while a malicious actuator may not apply actuation signals in accordance with the designed control policy. In the first part of this work, we introduce, against this backdrop, the notions of securable and unsecurable subspaces of a linear dynamical system, and show that they have important operational meanings for both deterministic and stochastic linear dynamical systems in the context of secure control. These subspaces may be regarded as analogs of the controllable and unobservable subspaces reexamined in an era where there is intense interest in cybersecurity of control systems. In the second part of the work, we propose a general technique, termed “Dynamic Watermarking,” by which honest nodes in the system can detect the actions of malicious nodes, and disable closed-loop control based on their information. Dynamic Watermarking employs the technique of honest actuators injecting a “small" random noise, known as private excitation, into the system which will reveal tampering of measurements by malicious sensors. We lay the foundations for the theory for how such an active defense can be used to secure networked systems of sensors and actuators

Replay Attack Detection in Smart Grids using Switching Multi-sine Watermarking

Cyber-Physical Systems (CPS) are systems that include physical and computational components linked by communication channels. In a Smart Grid (SG), the power plants and loads communicate with supervisors (Central Controllers (CC)) for managing the power demand more efficiently. As such, a smart grid can be regarded as a CPS. The computational components and communication links of a CPS can be subject to cyber-attacks. Researchers have been exploring detection and mitigation strategies for various types of cyber-attacks. An important type of attack is the replay attack for which various strategies based on watermarking signals have been proposed. One such scheme is based on switching multi-sine waves as the watermarking signal. This thesis adapts this scheme and develops a design procedure for detecting replay attacks for smart grids. Specifically, it examines the places in a grid where the watermarking signal can be injected and presents guidelines for choosing the amplitude and frequencies of sine waves that suit smart grids. One of the drawbacks of using a watermarking signal is the additional control cost (i.e., decrease in performance). In the context of smart grids, watermarking results in small fluctuations in delivered power. This thesis extends the single-input-single-output watermarking to a two-input-two-output watermarking scheme for smart grids in such a way to considerably lower grid power fluctuations due to watermarking. The proposed method is verified using a simulated grid connected inverter-based plants. Simulation results show that using the suggested strategy, the effect of watermarking on the overall grid power reduces significantly