Resilient control under Denial-of-Service: Robust design

Feng, Shuai; Tesi, Pietro

doi:10.1109/acc.2016.7526102

Cited by 61 publications

(120 citation statements)

References 20 publications

Supporting

Mentioning

118

Contrasting

Order By: Relevance

“…In Feng and Tesi (2016), we have investigated the problem of designing control architectures that achieve maximal robustness against DoS. We briefly summarize the main result of that paper.…”

Section: Previous Work and Paper Outline: Co-located And Remote Contrmentioning

confidence: 99%

“…Theorem 1. (Feng and Tesi (2016)). Consider a process as in (1) under a co-located control system as in (6) and (7).…”

Section: Previous Work and Paper Outline: Co-located And Remote Contrmentioning

confidence: 99%

“…Lemma 1. [Feng and Tesi (2016)] Consider a transmission policy as in (2), along with a DoS signal satisfying Assumptions 1 and 2. If (10) holds true, then the sequence of successful transmissions satisfies z 0 ≤ Q and z m+1 − z m ≤ Q + ∆ for all m ∈ N 0 , where where m ∈ N 0 .…”

Section: Key Lemmamentioning

confidence: 99%

“…In a recent paper (Feng and Tesi, 2016), we have investigated networked systems under DoS attacks from the perspective of designing "maximally robust" controllers. There, it is shown that co-located architectures (control unit co-located with the actuators and networked sensor channel) can guarantee the highest possible level of robustness against DoS, in the sense that they can guarantee closed-loop stability for all the DoS signals with frequency and duration below a certain critical threshold beyond which stability can be lost irrespective of the adopted control system.…”

Section: Introductionmentioning

confidence: 99%

“…The contribution is an explicit characterization of DoS frequency and duration for which stability can be preserved through state-feedback control. Extensions have been considered dealing with co-located robust controller design (Feng and Tesi, 2017), nonlinear (De Persis and Tesi, 2014a) and distributed (Senejohnny et al, 2015) systems, as well as with systems where jamming attacks and genuine packet losses coexist (Cetinkaya et al, 2016).…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Networked Systems under Denial-of-Service: Co-located vs. Remote Control Architectures

Feng

Tesi

2017

IFAC-PapersOnLine

Self Cite

View full text Add to dashboard Cite

In this paper, we study networked systems in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent transmissions over the communication network. Previous studies have shown that co-located architectures (control unit co-located with the actuators and networked sensor channel) can ensure a high level of robustness against DoS. However, co-location requires a wired or dedicated actuator channel, which could not meet flexibility and cost requirements. In this paper we consider a control architecture that approximates co-location while enabling remote implementation (networked sensor and actuator channels). We analyze closed-loop stability and quantify the robustness "gap" between this architecture and the co-located one.

show abstract

Section: Previous Work and Paper Outline: Co-located And Remote Contrmentioning

confidence: 99%

“…Theorem 1. (Feng and Tesi (2016)). Consider a process as in (1) under a co-located control system as in (6) and (7).…”

Section: Previous Work and Paper Outline: Co-located And Remote Contrmentioning

confidence: 99%

Section: Key Lemmamentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Networked Systems under Denial-of-Service: Co-located vs. Remote Control Architectures

Feng

Tesi

2017

IFAC-PapersOnLine

Self Cite

View full text Add to dashboard Cite

show abstract

Observer‐based attack‐resilient control for linear systems against FDI attacks on communication links from controller to actuators

Xie

Yang

2018

Intl J Robust & Nonlinear

View full text Add to dashboard Cite

For the adversarial attacks on the communication links from the controller to the actuators, most of the existing attack-resilient control results focus on denial-of-service attacks. Unlike the existing results, this paper studies the observer-based attack-resilient control problem for linear systems with false data injection attacks and process disturbances. Due to limited resources, the malicious attacker is assumed to only manipulate a certain number of communication links from the controller to the actuators. A novel control architecture is proposed, which consists of an attack-resilient state observer, a controller gain scheme, and a supervisory switching strategy. The observer is developed based on the maximin strategy, and state estimation will be used to construct the controller. The switching strategy is designed to pick an appropriate controller gain and prevent the attack signals from entering the plant automatically. It is shown that the closed-loop system is stable with an attack-resilient performance.Finally, to verify the effectiveness of the proposed controller, simulation results on a linearized reduced-order aircraft system and an IEEE six-bus power system are provided. KEYWORDSattack-resilient control, cyber-physical systems, observer, supervisory switching strategy INTRODUCTIONCyber-physical systems (CPSs) integrate physical processes, computational resources, and communication capabilities 1 and merge the cyber-world with the physical world. CPSs have become prevalent in multifarious real-wold systems, including communication systems, power systems, and aerospace systems. Since CPSs are increasingly connected to the intranet and internet for remote monitoring and control, they become more vulnerable to malicious cyberattacks. For this reason, security issues of CPSs subject to cyberattacks have attracted considerable attention in the last decades. [2][3][4] In a networked control system, cyberattacks to the communication links can be broadly divided into two categories: denial-of-service (DoS) attacks and deception attacks. DoS attacks refer to obstructing/blocking the communication between networked agents 5,6 and causing packet losses. Deception attacks (including false data injection [FDI] attacks, 7,8 sparse attacks, 9 replay attacks, 10 zero-dynamic attacks, 11 etc) are intended to manipulate transmitted data packages and result in false feedback information. 8 For the immense field of CPSs' application, various problems have been investigated, eg, sensor scheduling, 12,13 secure state estimation, 14-16 and secure control. 17 4382It is also worth noting that there are many research challenges toward achieving a secure control objective, as argued in the work of Cardenas et al. 17 During recent years, some researchers have tried to solve the challenging secure control problem for CPSs.Related works on secure control: The secure estimation and control problem was addressed in the work of Fawzi et al 18 for the discrete-time systems with FDI sensor attacks. The main idea is to first design ...

show abstract

Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularity

Milošević

Teixeira

Tanaka

et al. 2018

Intl J Robust & Nonlinear

View full text Add to dashboard Cite

To protect industrial control systems from cyberattacks, multiple layers of security measures need to be allocated to prevent critical security vulnerabilities.However, both finding the critical vulnerabilities and then allocating security measures in a cost-efficient way become challenging when the number of vulnerabilities and measures is large. This paper proposes a framework that can be used once this is the case. In our framework, the attacker exploits security vulnerabilities to gain control over some of the sensors and actuators. The critical vulnerabilities are those that are not complex to exploit and can lead to a large impact on the physical world through the compromised sensors and actuators. To find these vulnerabilities efficiently, we propose an algorithm that uses the nondecreasing properties of the impact and complexity functions and properties of the security measure allocation problem to speed up the search. Once the critical vulnerabilities are located, the security measure allocation problem reduces to an integer linear program. Since integer linear programs are NP-hard in general, we reformulate this problem as a problem of minimizing a linear set function subject to a submodular constraint. A polynomial time greedy algorithm can then be applied to obtain a solution with guaranteed approximation bound. The applicability of our framework is demonstrated on a control system used for regulation of temperature within a building.

show abstract

Resilient control under Denial-of-Service: Robust design

Cited by 61 publications

References 20 publications

Networked Systems under Denial-of-Service: Co-located vs. Remote Control Architectures

Networked Systems under Denial-of-Service: Co-located vs. Remote Control Architectures

Observer‐based attack‐resilient control for linear systems against FDI attacks on communication links from controller to actuators

Security measure allocation for industrial control systems: Exploiting systematic search techniques and submodularity

Contact Info

Product

Resources

About