ترغب بنشر مسار تعليمي؟ اضغط هنا

Secure Control of Networked Control Systems Using Dynamic Watermarking

138   0   0.0 ( 0 )
 نشر من قبل Changda Zhang
 تاريخ النشر 2021
والبحث باللغة English




اسأل ChatGPT حول البحث

We here investigate secure control of networked control systems developing a new dynamic watermarking (DW) scheme. Firstly, the weaknesses of the conventional DW scheme are revealed, and the tradeoff between the effectiveness of false data injection attack (FDIA) detection and system performance loss is analysed. Secondly, we propose a new DW scheme, and its attack detection capability is interrogated using the additive distortion power of a closed-loop system. Furthermore, the FDIA detection effectiveness of the closed-loop system is analysed using auto/cross covariance of the signals, where the positive correlation between the FDIA detection effectiveness and the watermarking intensity is measured. Thirdly, the tolerance capacity of FDIA against the closed-loop system is investigated, and theoretical analysis shows that the system performance can be recovered from FDIA using our new DW scheme. Finally, experimental results from a networked inverted pendulum system demonstrate the validity of our proposed scheme.



قيم البحث

اقرأ أيضاً

Networked robotic systems, such as connected vehicle platoons, can improve the safety and efficiency of transportation networks by allowing for high-speed coordination. To enable such coordination, these systems rely on networked communications. This can make them susceptible to cyber attacks. Though security methods such as encryption or specially designed network topologies can increase the difficulty of successfully executing such an attack, these techniques are unable to guarantee secure communication against an attacker. More troublingly, these security methods are unable to ensure that individual agents are able to detect attacks that alter the content of specific messages. To ensure resilient behavior under such attacks, this paper formulates a networked linear time-varying version of dynamic watermarking in which each agent generates and adds a private excitation to the input of its corresponding robotic subsystem. This paper demonstrates that such a method can enable each agent in a networked robotic system to detect cyber attacks. By altering measurements sent between vehicles, this paper illustrates that an attacker can create unstable behavior within a platoon. By utilizing the dynamic watermarking method proposed in this paper, the attack is detected, allowing the vehicles in the platoon to gracefully degrade to a non-communicative control strategy that maintains safety across a variety of scenarios.
This paper aims to create a secure environment for networked control systems composed of multiple dynamic entities and computational control units via networking, in the presence of disclosure attacks. In particular, we consider the situation where s ome dynamic entities or control units are vulnerable to attacks and can become malicious. Our objective is to ensure that the input and output data of the benign entities are protected from the malicious entities as well as protected when they are transferred over the networks in a distributed environment. Both these security requirements are achieved using cryptographic techniques. However, the use of cryptographic mechanisms brings additional challenges to the design of controllers in the encrypted state space; the closed-loop system gains and states are required to match the specified cryptographic algorithms. In this paper, we propose a methodology for the design of secure networked control systems integrating the cryptographic mechanisms with the control algorithms. The approach is based on the separation principle, with the cryptographic techniques addressing the security requirements and the control algorithms satisfying their performance requirements.
In this paper, we investigate the role of a physical watermarking signal in quickest detection of a deception attack in a scalar linear control system where the sensor measurements can be replaced by an arbitrary stationary signal generated by an att acker. By adding a random watermarking signal to the control action, the controller designs a sequential test based on a Cumulative Sum (CUSUM) method that accumulates the log-likelihood ratio of the joint distribution of the residue and the watermarking signal (under attack) and the joint distribution of the innovations and the watermarking signal under no attack. As the average detection delay in such tests is asymptotically (as the false alarm rate goes to zero) upper bounded by a quantity inversely proportional to the Kullback-Leibler divergence(KLD) measure between the two joint distributions mentioned above, we analyze the effect of the watermarking signal variance on the above KLD. We also analyze the increase in the LQG control cost due to the watermarking signal, and show that there is a tradeoff between quick detection of attacks and the penalty in the control cost. It is shown that by considering a sequential detection test based on the joint distributions of residue/innovations and the watermarking signal, as opposed to the distributions of the residue/innovations only, we can achieve a higher KLD, thus resulting in a reduced average detection delay. Numerical results are provided to support our claims.
Closed-loop control systems employ continuous sensing and actuation to maintain controlled variables within preset bounds and achieve the desired system output. Intentional disturbances in the system, such as in the case of cyberattacks, can compromi se reachability of control goals, and in several cases jeopardize safety. The increasing connectivity and exposure of networked control to external networks has enabled attackers to compromise these systems by exploiting security vulnerabilities. Attacks against safety-critical control loops can not only drive the system over a trajectory different from the desired, but also cause fatal consequences to humans. In this paper we present a physics-based Intrusion Detection System (IDS) aimed at increasing the security in control systems. In addition to conventional process state estimation for intrusion detection, since the controller cannot be trusted, we introduce a controller state estimator. Additionally, we make our detector context-aware by utilizing sensor measurements from other control loops, which allows to distinguish and characterize disturbances from attacks. We introduce adaptive thresholding and adaptive filtering as means to achieve context-awareness. Together, these methodologies allow detection and localization of attacks in closed-loop controls. Finally, we demonstrate feasibility of the approach by mounting a series of attacks against a networked Direct Current (DC) motor closed-loop speed control deployed on an ECU testbed, as well as on a simulated automated lane keeping system. Among other application domains, this set of approaches is key to support security in automotive systems, and ultimately increase road and passenger safety.
Estimating the occurrence of packet losses in a networked control systems (NCS) can be used to improve the control performance and to detect failures or cyber-attacks. This study considers simultaneous estimation of the plant state and the packet los s occurrences at each time step. After formulation of the problem, two solutions are proposed. In the first one, an input-output representation of the NCS model is used to design a recursive filter for estimation of the packet loss occurrences. This estimation is then used for state estimation through Kalman filtering. In the second solution, a state space model of NCS is used to design an estimator for both the plant state and the packet loss occurrences which employs a Kalman filter. The effectiveness of the solutions is shown during an example and comparisons are made between the proposed solutions and another solution based on the interacting multiple model estimation method.
التعليقات
جاري جلب التعليقات جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا