Actuator Cyberattack Handling Using Lyapunov-based Economic Model Predictive Control

Cybersecurity has gained increasing interest as a consequence of the potential impacts of cyberattacks on profits and safety. While attacks can affect various components of a plant, prior work from our group has focused on the impact of cyberattacks on control components such as process sensors and actuators and the development of detection strategies for cybersecurity derived from control theory. In this work, we provide greater focus on actuator attacks; specifically, we extend a detection and control strategy previously applied for sensor attacks and based on an optimization-based control technique called Lyapunov-based economic model predictive control (LEMPC) to detect attacks impacting the control action applied by the actuators when the state measurements provided to the controller are accurate. Closed-loop stability guarantees are rigorously derived. A continuous stirred tank reactor is simulated to elucidate aspects of the detection strategy proposed

Lyapunov-Based Economic Model Predictive Control for Detecting and Handling Actuator and Simultaneous Sensor/Actuator Cyberattacks on Process Control Systems

The controllers for a cyber-physical system may be impacted by sensor measurement cyberattacks, actuator signal cyberattacks, or both types of attacks. Prior work in our group has developed a theory for handling cyberattacks on process sensors. However, sensor and actuator cyberattacks have a different character from one another. Specifically, sensor measurement attacks prevent proper inputs from being applied to the process by manipulating the measurements that the controller receives, so that the control law plays a role in the impact of a given sensor measurement cyberattack on a process. In contrast, actuator signal attacks prevent proper inputs from being applied to a process by bypassing the control law to cause the actuators to apply undesirable control actions. Despite these differences, this manuscript shows that we can extend and combine strategies for handling sensor cyberattacks from our prior work to handle attacks on actuators and to handle cases where sensor and actuator attacks occur at the same time. These strategies for cyberattack-handling and detection are based on the Lyapunov- based economic model predictive control (LEMPC) and nonlinear systems theory. We first review our prior work on sensor measurement cyberattacks, providing several new insights regarding the methods. We then discuss how those methods can be extended to handle attacks on actuator signals and then how the strategies for handling sensor and actuator attacks individually can be combined to produce a strategy that is able to guarantee safety when attacks are not detected, even if both types of attacks are occurring at once. We also demonstrate that the other combinations of the sensor and actuator attack-handling strategies cannot achieve this same effect. Subsequently, we provide a mathematical characterization of the “discoverability” of cyberattacks that enables us to consider the various strategies for cyberattack detection presented in a more general context. We conclude by presenting a reactor example that showcases the aspects of designing LEMPC

Perspectives on Design Considerations Inspired by Security and Quantum Technology in Cyberphysical Systems for Process Engineering

Advances in computer science have been a driving force for change in process systems engineering for decades. Faster computers, expanded computing resources, simulation software, and improved optimization algorithms have all changed chemical engineers’ abilities to predict, control, and optimize process systems. Two newer areas relevant to computer science that are impacting process systems engineering are cybersecurity and quantum computing. This work reviews some of our group’s recent work in control-theoretic approaches to control system cybersecurity and touches upon the use of quantum computers, with perspectives on the relationships between process design and control when cybersecurity and quantum technologies are of interest

Test Methods for Image-Based Information in Next-Generation Manufacturing

Typical control designs in the process systems engineering literature have assumed that the primary sensing methodologies are traditional instruments such as thermocouples. Dig- italization is changing the landscape for manufacturing, and data-based sensing modalities (e.g., image-based sensing) are becoming of greater interest for plant control. These considerations require novel test/evaluation solutions. For example, process systems engineering researchers may wish to test image-based sensors in simulation. In this work, we provide preliminary thoughts on how image-based technologies might be evaluated via simulation for process systems

Development of directed randomization for discussing a minimal security architecture

Strategies for mitigating the impacts of cyberattacks on control systems using a control-oriented perspective have become of greater interest in recent years. Our group has contributed to this trend by developing several methods for detecting cyberattacks on process sensors, actuators, or both sensors and actuators simultaneously using an advanced optimization-based control strategy known as Lyapunov-based economic model predictive control (LEMPC). However, each technique comes with benefits and limitations, both with respect to one another and with respect to traditional information technology and computer science-type approaches to cybersecurity. An important question to ask, therefore, is what the goal should be of the development of new control-based techniques for handling cyberattacks on control systems, and how we will be able to benchmark these as “successful” compared to other techniques to drive development or signal when the research in this direction has reached maturity. In this paper, we propose that the goal of research in control system cybersecurity for next-generation manufacturing should be the development of a security architecture that provides flexibility and safety with lowest cost, and seek to clarify this concept by re-analyzing some of the security techniques from our prior work in such a context. We also show how new methods can be developed and analyzed within this “minimum security architecture” context by proposing a technique which we term “directed randomization” that may require less sensors to be secured in a system than some of our prior methods, potentially adding flexibility to the system while still maintaining security. Directed randomization seeks to utilize the existence of two possible stabilizing inputs at every sampling time to attempt to create a challenge for an attacker for setting up an arbitrary sensor attack policy without being detected within a finite number of sampling periods. We discuss benefits and limitations of this technique with respect to our prior cybersecurity strategies and also with respect to extended versions of these prior concepts, such as image-based control and distributed control, to provide further insights into the minimum security concep

Quantum Computing and Resilient Design Perspectives for Cybersecurity of Feedback Systems

Cybersecurity of control systems is an important issue in next-generation manufac- turing that can impact both operational objectives (safety and performance) as well as process designs (via hazard analysis). Cyberattacks differ from faults in that they can be coordinated efforts to exploit system vulnerabilities to create otherwise unlikely hazard scenarios. Because coordination and targeted process manipulation can be characteristics of attacks, some of the tactics previously analyzed in our group from a control system cybersecurity perspective have incorporated randomness to attempt to thwart attacks. The underlying assumption for the generation of this randomness has been that it can be achieved on a classical computer; however, quantum computers can also create random behavior in the results of computations. This work explores how errors in quantum hardware that can create non-deterministic outputs from quantum computers interact with control system cybersecurity. These studies serve as a reminder of the need to incorporate cybersecurity considerations at the process design stage

Handling of Stealthy Sensor and Actuator Cyberattacks on Evolving Nonlinear Process Systems

Cyberattacks on control systems in the chemical process industries cause concern regarding how they can impact finances, safety, and production levels of companies. A key practical challenge for cyberattack detection and handling using process information is that process behavior evolves over time. Conceivably, changes in process dynamics might cause some detection strategies to flag a change in the dynamics as an attack due to the new data appearing abnormal compared to data from before the dynamics changed. In this work, we utilize several case studies to probe the question of what might be the impacts, benefits, and limitations of cyberattack detection and handling policies when the process dynamics change over time. The goal of this work is to characterize, through simulation studies, characteristics, which might be desirable and undesirable in cyberattack detection and handling procedures when process evolution is inevitable. We demonstrate challenges with cyberattack detection when process dynamics change and subsequently, discuss two concepts for handling attacks—one which utilizes a two-tier detection strategy in which model reidentification is triggered when it is not clear whether an attack or a change in the process dynamics has occurred, and one in which control signals are injected at intervals by the actuators. We utilize simulations to elucidate characteristics of these strategies and demonstrate that verifiability of attack-handling methods is key to their implementation (i.e., ad hoc tuning has potential to leave vulnerabilities which an attacker might locate and exploit)

Control Implemented on Quantum Computers: Effects of Noise, Nondeterminism, and Entanglement

Quantum computing has advanced in recent years to the point that there are now some quantum computers and quantum simulators available to the public for use. In addition, quantum computing is beginning to receive attention within the process systems engineering community for directions such as machine learning and optimization. A logical next step for its evaluation within process systems engineering is for control, specifically for computing control actions to be applied to process systems. In this work, we provide some initial studies regarding the implementation of control on quantum computers, including the implementation of a single-input/single-output proportional control law on a quantum simulator with noise, evaluation of potential impacts of nondeterminism on theory for advanced control laws, and discussion of consequences of the way that entanglement works for next-generation manufacturing communication objectives

Integrated Cyberattack Detection and Handling for Nonlinear Systems with Evolving Process Dynamics under Lyapunov-Based Economic Model Predictive Control

Safety-critical processes are becoming increasingly automated and connected. While automation can increase effciency, it brings new challenges associated with guaranteeing safety in the presence of uncertainty especially in the presence of control system cyberattacks. One of the challenges for developing control strategies with guaranteed safety and cybersecurity properties under suffcient conditions is the development of appropriate detection strategies that work with control laws to prevent undetected attacks that have immediate closed-loop stability consequences. Achieving this, in the presence of uncertainty brought about by plant/model mismatch and process dynamics that can change with time, requires a fundamental understanding of the characteristics of attacks that can be detected with reasonable detection mechanisms and characterizing and verifying system safety properties when cyberattacks and changing system behavior cannot be distinguished. Motivated by this, this paper discusses three cyberattack detection strategies for nonlinear processes whose dynamics change with time when these processes are operated under an optimization-based control strategy known as Lyapunov-based economic model predictive control (LEMPC) until the closedloop state either leaves a characterizable region of state-space or an attack detection threshold related to state estimates or state predictions is exceeded. Following this, the closed-loop state is maintained within a larger region of operation under an updated cyberattack detection strategy for a characterizable time period. A Taylor series-based model is used for making state predictions to allow theoretical guarantees to be explicitly tied to the numerical approximation of the model used within the LEMPC. A process example illustrates the Taylor series-based model concept

Cyberphysical Systems and Energy: A Discussion with Reference to an Enhanced Geothermal Process

As cyberphysical systems research advances, energy systems will be able to benefit from the developments. In this section, we discuss several points in two newer areas for cyberphysical systems research in chemical engineering: 1) cybersecurity of process control systems; and 2) quantum computation of control actions. The discussion is presented in a general manner, with relevance to flow systems or under traditional control laws (e.g., proportional control). However, to showcase energy systems relevance, we will provide links, at intervals, between the developments discussed and enhanced geothermal systems with energy production through the Organic Rankine Cycle (ORC)