Resilient Monitoring and Control Systems: Design, Analysis, and Performance Evaluation.

Abstract

Critical infrastructure systems (e.g., power plants, transportation networks, and chemical plants) and their sensor networks are vulnerable to cyber-physical attacks. Cyber-attacks refer to the malicious manipulation of the sensor data, while physical attacks refer to the intentional damage of the plant components, in both cases by an adversary. The goal of this dissertation is to develop monitoring and control systems that are resilient to these attacks. The monitoring system is termed resilient if it provides the least uncertain process variable estimates and plant condition assessment. The control system is termed resilient if it identifies the attacked actuators and generates the best possible control signals (in terms of the largest probability of maintaining the process variables in the desired range). The resilient monitoring system (RMS) developed in this research consists of five layers: data quality acquisition, process variable assessment, plant condition assessment, sensor network adaptation, and decentralized knowledge fusion. The techniques involved in each of these layers are rigorously analyzed and are shown to identify the plant condition in a reliable and timely manner. The RMS is applied to a power plant model, and its performance is evaluated under several cyber-physical attack scenarios. The measure of resiliency is quantified using Kullback-Leibler divergence and is shown to be high in all scenarios considered. The resilient control system (RCS) is developed based on two approaches: a model predictive control (MPC)-based approach and a synchronous detection (SD)-based approach. In the MPC approach, a control input is calculated using the information provided by the RMS. The goal here is to steer the process variable to the desired value, while ensuring that it always remains within a safe domain. In the SD approach, the condition of the sensor and actuator is assessed using the method of synchronous detection. Then, the controller is modified so that the effects of the attacks are eliminated. Using simulations, it is shown that both these approaches are viable for the design of RCS. Thus, the main contribution of this research is in providing the theoretical foundation for the design of RMS and RCS applicable to critical infrastructures that are characterized by complex interactions of process variables.

PhD
Electrical Engineering: Systems
University of Michigan, Horace H. Rackham School of Graduate Studies
http://deepblue.lib.umich.edu/bitstream/2027.42/113431/1/marutrav_1.pd
