Discrete Event System Methods for Control Problems Arising in Cyber-physical Systems.

We consider two problems in cyber-physical systems. The first is that of dynamic fault diagnosis. Specifically, we assume that a plant model is available in the form of a discrete event system (DES) containing special fault events whose occurrences are to be diagnosed. Furthermore, it is assumed that there exist sensors that can be turned on or off and are capable of detecting some subset of the system’s non-faulty events. The problem to be solved consists of constructing a compact structure, called the most permissive observer (MPO), containing the set of all sequences of sensor activations that ensure the timely diagnosis of any fault event’s occurrence. We solve this problem by defining an appropriate notion of information state summarizing the information obtained from the past sequence of observations and sensor activations. The resulting MPO has a better space complexity than that of the previous approach in the literature. The second problem considered in this thesis is that of controlling vehicles through an intersection. Specifically, we wish to obtain a supervisor for the vehicles that is safe, non-deadlocking, and maximally permissive. Furthermore, we solve this problem in the presence of uncontrolled vehicles, bounded disturbances in the dynamics, and measurement uncertainty. Our approach consists of discretizing the system in time and space, obtaining a DES abstraction, solving for maximally permissive supervisors in the abstracted domain, and refining the supervisor to one for the original, continuous, problem domain. We provide general results under which this approach yields maximally permissive memoryless supervisors for the original system and show that, under certain conditions, the resulting supervisor will be maximally permissive over the class of all supervisors, not merely memoryless ones. Our contributions are as follows. First, by constructing DES abstractions from continuous systems, we can leverage the supervisory control theory of DES, which is well-suited to finding maximally permissive supervisors under safety and non-blocking constraints. Second, we define different types of relations between transition systems and their abstractions and, for each relation, characterize the class of supervisors over which the supervisors obtained under our approach are maximally permissive.PHDElectrical Engineering: SystemsUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/108720/1/edallal_1.pd

Modeling Under-Reporting in Cyber Incidents

Under-reporting in cyber incidents is a well-established problem. Due to reputational risk and the consequent financial impact, a large proportion of incidents are never disclosed to the public, especially if they do not involve a breach of protected data. Generally, the problem of under-reporting is solved through a proportion-based approach, where the level of under-reporting in a data set is determined by comparison to data that is fully reported. In this work, cyber insurance claims data is used as the complete data set. Unlike most other work, however, our goal is to quantify under-reporting with respect to multiple dimensions: company revenue, industry, and incident categorization. The research shows that there is a dramatic difference in under-reporting—a factor of 100—as a function of these variables. Overall, it is estimated that only approximately 3% of all cyber incidents are accounted for in databases of publicly reported events. The output of this work is an under-reporting model that can be used to correct incident frequencies derived from data sets of publicly reported incidents. This diminishes the “barrier to entry” in the development of cyber risk models, making it accessible to researchers who may not have the resources to acquire closely guarded cyber insurance claims data

Modeling Under-Reporting in Cyber Incidents

Under-reporting in cyber incidents is a well-established problem. Due to reputational risk and the consequent financial impact, a large proportion of incidents are never disclosed to the public, especially if they do not involve a breach of protected data. Generally, the problem of under-reporting is solved through a proportion-based approach, where the level of under-reporting in a data set is determined by comparison to data that is fully reported. In this work, cyber insurance claims data is used as the complete data set. Unlike most other work, however, our goal is to quantify under-reporting with respect to multiple dimensions: company revenue, industry, and incident categorization. The research shows that there is a dramatic difference in under-reporting—a factor of 100—as a function of these variables. Overall, it is estimated that only approximately 3% of all cyber incidents are accounted for in databases of publicly reported events. The output of this work is an under-reporting model that can be used to correct incident frequencies derived from data sets of publicly reported incidents. This diminishes the “barrier to entry” in the development of cyber risk models, making it accessible to researchers who may not have the resources to acquire closely guarded cyber insurance claims data

Supervisory control for collision avoidance in vehicular networks using discrete event abstractions

We consider the problem of collision avoidance at vehicular intersections for a set of controlled and uncontrolled vehicles that are linked by wireless communication. Each vehicle is modeled by a first order system. We use a disturbance to account for bounded model uncertainty. We construct a discrete event system abstraction and formulate the problem in the context of supervisory control for discrete event systems with uncontrollable events. This allows us to mitigate computational limitations related to the presence of continuous dynamics and infinite state spaces. For solving the resulting supervisory control problem at the discrete event level, we develop an algorithm that exploits the structure of the transition map to compute the supremal controllable sublanguage more efficiently than standard algorithms. We present implementation results on an intersection with several vehicles.National Science Foundation (U.S.) (Grant CNS-0930081

Supervisory control for collision avoidance in vehicular networks with imperfect measurements

We consider the problem of collision avoidance at road intersections in vehicular networks in the presence of uncontrolled vehicles, a disturbance, and measurement uncertainty. Our goal is to construct a supervisor of the continuous time system that is safe (i.e., avoids collisions), non-blocking (i.e., all vehicles eventually cross the intersection), and maximally permissive with respect to the discretization, despite the presence of a disturbance and of measurement uncertainty. We proceed in four steps: defining a discrete event system (DES) abstraction of the continuous time system, using uncontrollable events to model the uncontrolled vehicles and the disturbance; translating safety and non-blocking requirements to the DES level; solving at the DES level; and translating the resulting supervisor back from the DES level to the continuous level. We give sufficient conditions for this procedure to maintain the safety, non-blocking and maximal permissive properties as the supervisor is translated back from the DES level to the continuous level. Prior work on this problem based on similar abstractions assumes perfect measurement of position. Our method for handling measurement uncertainty is to introduce measurement events into the DES abstraction and then to compute the observer of the DES abstraction and the supremal controllable solution of the DES supervisory control problem.National Science Foundation (U.S.) (grant CNS-0930081