4 research outputs found
Resilience Against Sensor Deception Attacks at the Supervisory Control Layer of Cyber-Physical Systems: A Discrete Event Systems Approach
Cyber-Physical Systems (CPS) are already ubiquitous in our society and include medical devices, (semi-)autonomous vehicles, and smart grids. However, their security aspects were only recently incorporated into their design process, mainly in response to catastrophic incidents caused by cyber-attacks on CPS. The Stuxnet attack that successfully damaged a nuclear facility, the Maroochy water breach that released millions of gallons of untreated water, the assault on power plants in Brazil that disrupted the distribution of energy in many cities, and the intrusion demonstration that stopped the engine of a 2014 Jeep Cherokee in the middle of a highway are examples of well-publicized cyber-attacks on CPS. There is now a critical need to provide techniques for analyzing the behavior of CPS while under attack and to synthesize attack-resilient CPS. In this dissertation, we address CPS under the influence of an important class of attacks called sensor deception attacks, in which an attacker hijacks sensor readings to inflict damage to CPS.
The formalism of regular languages and their finite-state automata representations is used to capture the dynamics of CPS and their attackers, thereby allowing us to leverage the theory of supervisory control of discrete event systems to pose our investigations. First, we focus on developing a supervisory control framework under sensor deception attacks. We focus on two questions: (1) Can we automatically find sensor deception attacks that damage a given CPS? and (2) Can we design a secure-by-construction CPS against sensor deception attacks? Answering these two questions is the main contribution of this dissertation.
In the first part of the dissertation, using techniques from the fields of graph games and Markov decision processes, we develop algorithms for synthesizing sensor deception attacks in both qualitative and quantitative settings. Graph games provide the means of synthesizing sensor deception attacks that might damage the given CPS. In a second step, equipped with stochastic information about the CPS, we can leverage Markov decision processes to synthesize attacks with the highest likelihood of damage.
In the second part of the dissertation, we tackle the problem of designing secure-by-construction CPS. We provide two different methodologies to design such CPS, in which there exists a trade-off between flexibility on selecting different designs and computational complexity of the methods. The first method is developed based on supervisory control theory, and it provides a computationally efficient way of designing secure CPS. Alternatively, a graph-game method is presented as a second solution for this investigated problem.
The graph-game method grants flexible selection of the CPS at the cost of computational complexity. The first method finds one robust supervisor, whereas the second method provides a structure in which all robust supervisors are included.
Overall, this dissertation provides a comprehensive set of algorithmic techniques to analyze and mitigate sensor deception attacks at the supervisory layer of cyber-physical control systems.PHDElectrical and Computer EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/166117/1/romulo_1.pd
Investigating Robustness in Cyber-Physical Systems: Specification-Centric Analysis in the face of System Deviations
The adoption of cyber-physical systems (CPS) is on the rise in complex
physical environments, encompassing domains such as autonomous vehicles, the
Internet of Things (IoT), and smart cities. A critical attribute of CPS is
robustness, denoting its capacity to operate safely despite potential
disruptions and uncertainties in the operating environment. This paper proposes
a novel specification-based robustness, which characterizes the effectiveness
of a controller in meeting a specified system requirement, articulated through
Signal Temporal Logic (STL) while accounting for possible deviations in the
system. This paper also proposes the robustness falsification problem based on
the definition, which involves identifying minor deviations capable of
violating the specified requirement. We present an innovative two-layer
simulation-based analysis framework designed to identify subtle robustness
violations. To assess our methodology, we devise a series of benchmark problems
wherein system parameters can be adjusted to emulate various forms of
uncertainties and disturbances. Initial evaluations indicate that our
falsification approach proficiently identifies robustness violations, providing
valuable insights for comparing robustness between conventional and
reinforcement learning (RL)-based controllersComment: 12 page
Synthesis of Supervisors Robust Against Sensor Deception Attacks
International audienceWe consider feedback control systems where sensor readings may be compromised by a malicious attacker intending on causing damage to the system. We study this problem at the supervisory layer of the control system, using discrete event systems techniques. We assume that the attacker can edit the outputs from the sensors of the system before they reach the supervisory controller. In this context, we formulate the problem of synthesizing a supervisor that is robust against the class of edit attacks on the sensor readings and present a solution methodology for this problem. This methodology blends techniques from games on automata with imperfect information with results from supervisory control theory of partially-observed discrete event systems. Necessary and sufficient conditions are provided for the investigated problem