Biblio

With the development of industrial informatization, information security in the power production industry is becoming more and more important. In the power production industry, as the critical information egress of the industrial control system, the information security of the Networked Control System is particularly important. This paper proposes a construction method for an information security platform of Networked Control System, which is used for research, testing and training of Networked Control System information security.

Cyber-physical Systems can be defined as a complex networked control system, which normally develop by combining several physical components with the cyber space. Cyber Physical System are already a part of our daily life. As its already being a part of everyone life, CPS also have great potential security threats and can be vulnerable to various cyber-attacks without showing any sign directly to component failure. To protect user security and privacy is a fundamental concern of any kind of system; either it’s a simple web application or supplicated professional system. Digital Multifactor authentication is one of the best ways to make secure authentication. It covers many different areas of a Cyber-connected world, including online payments, communications, access right management, etc. Most of the time, Multifactor authentication is little complex as it requires extra step from users. This paper will discuss the evolution from single authentication to Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). This paper seeks to analyze and evaluate the most prominent authentication techniques based on accuracy, cost, and feasibility of implementation. We also suggest several authentication schemes which incorporate with Multifactor authentication for CPS.

In this paper, we deal with the resilient consensus problem in networked control systems in which a group of agents are interacting with each other. A min-max-based resilient consensus algorithm has been proposed to help normal agents reach an agreement upon their state values in the presence of misbehaving ones. It is shown that the use of the developed algorithm will result in less computational load and fast convergence. Both synchronous and asynchronous update schemes for the network have been studied. Finally, the effectiveness of the proposed algorithm has been evaluated through numerical examples.

In this paper, we investigate a networked control problem in the presence of Denial-of-Service (DoS) attacks, which prevent transmissions over the communication network. The communication between the process and controller is also subject to bit rate constraints. For mitigating the influences of DoS attacks and bit rate constraints, we develop a variable bit rate (VBR) encoding-decoding protocol and quantized controller to stabilize the control system. We show that the system’s resilience against DoS under VBR is preserved comparing with those under constant bit rate (CBR) quantized control, with fewer bits transmitted especially when the attack levels are low. The proposed VBR quantized control framework in this paper is general enough such that the results of CBR quantized control under DoS and moreover the results of minimum bit rate in the absence of DoS can be recovered.

In a centralized Networked Control System (NCS), all agents share local data with a central processing unit that generates control commands for agents. The use of a communication network between the agents gives NCSs a distinct advantage in efficiency, design cost, and simplicity. However, this benefit comes at the expense of vulnerability to a range of cyber-physical attacks. Recently, novel defense mechanisms to counteract false data injection (FDI) attacks on NCSs have been developed for agents with linear dynamics but have not been thoroughly investigated for NCSs with nonlinear dynamics. This paper proposes an FDI attack mitigation strategy for NCSs composed of agents with nonlinear dynamics under disturbances and measurement noises. The proposed algorithm uses both learning and model-based approaches to estimate agents'states for FDI attack mitigation. A neural network is used to model uncertain dynamics and estimate the effect of FDI attacks. The controller and estimator are designed based on Lyapunov stability analysis. A simulation of robots with Euler-Lagrange dynamics is considered to demonstrate the developed controller's performance to respond to FDI attacks in real-time.

The model-free adaptive security tracking control (MFASTC) problem of nonlinear networked control systems is explored in this paper with DoS attacks and delays consideration. In order to alleviate the impact of DoS attack and RTT delays on NCSs performance, an attack compensation mechanism and a networked predictive-based delay compensation mechanism are designed, respectively. The data-based designed method need not the dynamic and structure of the system, The MFASTC algorithm is proposed to ensure the output tracking error being bounded in the mean-square sense. Finally, an example is given to illustrate the effectiveness of the new algorithm by a comparison.

This paper investigates the event-triggered control (ETC) problem for stochastic networked control systems (NCSs) with exogenous disturbances and Denial-of-Service (DoS) attacks. The ETC strategy is proposed to reduce the utilization of network resource while defending the DoS attacks. Based on the introduced ETC strategy, sufficient conditions, which rely on the frequency and duration properties of DoS attacks, are obtained to achieve the stochastic input-to-state stability and Zeno-freeness of the ETC stochastic NCSs. An example of air vehicle system is given to explain the effectiveness of proposed ETC strategy.

Cyber-Physical Systems (CPS) use computational resources to control physical processes and provide critical services. For this reason, an attack in these systems may have dangerous consequences in the physical world. Hence, cyber- resilience is a fundamental property to ensure the safety of the people, the environment and the controlled physical processes. In this paper, we present metrics to quantify the cyber-resilience level based on the design, structure, stability, and performance under the attack of a given CPS. The metrics provide reference points to evaluate whether the system is better prepared or not to face the adversaries. This way, it is possible to quantify the ability to recover from an adversary using its mathematical model based on actuators saturation. Finally, we validate our approach using a numeric simulation on the Tennessee Eastman control challenge problem.

The security problem of networked control systems (NCSs) suffering denial of service(DoS) attacks with incomplete information is investigated in this paper. Data transmission among different components in NCSs may be blocked due to DoS attacks. We use the concept of security level to describe the degree of security of different components in an NCS. Intrusion detection system (IDS) is used to monitor the invalid data generated by DoS attacks. At each time slot, the defender considers which component to monitor while the attacker considers which place for invasion. A one-shot game between attacker and defender is built and both the complete information case and the incomplete information case are considered. Furthermore, a repeated game model with updating beliefs is also established based on the Bayes' rule. Finally, a numerical example is provided to illustrate the effectiveness of the proposed method.

In this paper, we formulate a combinatorial optimization problem that aims to maximize the accuracy of a lower bound estimate of the probability of security of a multi-robot system (MRS), while minimizing the computational complexity involved in its calculation. Security of an MRS is defined using the well-known control theoretic notion of left invertiblility, and the probability of security of an MRS can be calculated using binary decision diagrams (BDDs). The complexity of a BDD depends on the number of disjoint path sets considered during its construction. Taking into account all possible disjoint paths results in an exact probability of security, however, selecting an optimal subset of disjoint paths leads to a good estimate of the probability while significantly reducing computation. To deal with the dynamic nature of MRSs, we introduce two methods: (1) multi-point optimization, a technique that requires some a priori knowledge of the topology of the MRS over time, and (2) online optimization, a technique that does not require a priori knowledge, but must construct BDDs while the MRS is operating. Finally, our approach is validated on an MRS performing a rendezvous objective while exchanging information according to a noisy state agreement process.

Modern computing networks that enable distributed computing are comprised of a wide range of heterogeneous devices with different levels of resources, which are interconnected by different networking technologies and communication protocols. This integration, together with the state of the art technologies, has brought into play new uncertainties, associated with physical world and the cyber space. In heterogeneous networked control systems environments, awareness and resilience are two important properties that these systems should bear and comply with. In this work the problem of resilience enhancement in heterogeneous networked control systems is addressed based on a distributed middleware, which is propped up on a hierarchical multi-agent framework, where each of the constituent agents is devoted to a specific task. The proposed architecture takes into account physical and cyber vulnerabilities and ensures state and context awareness, and a minimum level of acceptable operational performance, in response to physical and cyber disturbances. Experiments on a IPv6-based test-bed proved the relevance and benefits offered by the proposed architecture.

Advances on the integration of wireless sensor and actuator networks, as a whole, have contribute to the greater reconfigurability of systems and lower installation costs with application to supervision of networked control systems. This integration, however, increases some vulnerabilities associated with the physical world and also with the cyber and security world. This trend makes the wireless nodes one of the most vulnerable component of these kind of systems, which can have a major impact on the overall performance of the networked control system. This paper presents an architecture relying on a hierarchical multi-agent system for resilience enhancement, with focus on wireless sensor and actuator networks. The proposed framework was evaluated on an IPv6 test-bed comprising several distributed devices, where performance and communication links health are analyzed. The relevance of the proposed approach is demonstrated by results collected from the test-bed.

With the proposal of the national industrial 4.0 strategy, the integration of industrial control network and Internet technology is getting higher and higher. At the same time, the closeness of industrial control networks has been broken to a certain extent, making the problem of industrial control network security increasingly serious. S7 protocol is a private protocol of Siemens Company in Germany, which is widely used in the communication process of industrial control network. In this paper, an industrial control intrusion detection model based on S7 protocol is proposed. Traditional protocol parsing technology cannot resolve private industrial control protocols, so, this model uses deep analysis algorithm to realize the analysis of S7 data packets. At the same time, in order to overcome the complexity and portability of static white list configuration, this model dynamically builds a white list through white list self-learning algorithm. Finally, a composite intrusion detection method combining white list detection and abnormal behavior detection is used to detect anomalies. The experiment proves that the method can effectively detect the abnormal S7 protocol packet in the industrial control network.

Cyber-Physical Systems (CPS) are playing important roles in the critical infrastructure now. A prominent family of CPSs are networked control systems in which the control and feedback signals are carried over computer networks like the Internet. Communication over insecure networks make system vulnerable to cyber attacks. In this article, we design an intrusion detection and compensation framework based on system/plant identification to fight covert attacks. We collect error statistics of the output estimation during the learning phase of system operation and after that, monitor the system behavior to see if it significantly deviates from the expected outputs. A compensating controller is further designed to intervene and replace the classic controller once the attack is detected. The proposed model is tested on a DC motor as the plant and is put against a deception signal amplification attack over the forward link. Simulation results show that the detection algorithm well detects the intrusion and the compensator is also successful in alleviating the attack effects.

This paper studies the sensor placement problem in a networked control system for improving its security against cyber-physical attacks. The problem is formulated as a zero-sum game between an attacker and a detector. The attacker's decision is to select f nodes of the network to attack whereas the detector's decision is to place f sensors to detect the presence of the attack signals. In our formulation, the attacker minimizes its visibility, defined as the system L2 gain from the attack signals to the deployed sensors' outputs, and the detector maximizes the visibility of the attack signals. The equilibrium strategy of the game determines the optimal locations of the sensors. The existence of Nash equilibrium for the attacker-detector game is studied when the underlying connectivity graph is a directed or an undirected tree. When the game does not admit a Nash equilibrium, it is shown that the Stackelberg equilibrium of the game, with the detector as the game leader, can be computed efficiently. Our results show that, under the optimal sensor placement strategy, an undirected topology provides a higher security level for a networked control system compared with its corresponding directed topology.

With wide application of networked control systems(N CSs), NCSs security have encountered severe challenges. In this paper, we propose a robust event-triggered controller design method under replay attacks, and the control signal on the plant is updated only when the event-triggering condition is satisfied. We develop a general random replay attack model rather than predetermined specific patterns for the occurrences of replay attacks, which allows to obtain random states to replay. We show that the proposed event-triggered control (ETC) scheme, if well designed, can tolerate some consecutive replay attacks, without affecting the corresponding closed-loop system stability and performance. A numerical examples is finally given to illustrate the effectiveness of our method.

The rapid development of the Cloud Computing Technologies (CCTs) has amended the conventional design of resource-constrained Network Control System (NCS) to the powerful and flexible design of Cloud-Based Networked Control System (CB-NCS) by relocating the processing part to the cloud server. This arrangement has produced many internets based exquisite applications. However, this new arrangement has also raised many network security challenges for the cloud-based control system related to cyber-physical part of the system. In the absence of robust verification methodology, an attacker can launch the modification attack in order to destabilize or take control of NCS. It is desirable that there shall be a solution authentication methodology used to verify whether the incoming solutions are coming from the cloud or not. This paper proposes a methodology used for the verification of the receiving solution to the local control system from the cloud using Karush-Kuhn-Tucker (KKT) conditions, which is then applied to actuator after verification and thus ensure the stability in case of modification attack.

In this paper, security of networked control system (NCS) under denial of service (DoS) attack is considered. Different from the existing literatures from the perspective of control systems, this paper considers a novel method of dynamic allocation of network bandwidth for NCS under DoS attack. Firstly, time-constrained DoS attack and its impact on the communication channel of NCS are introduced. Secondly, details for the proposed dynamic bandwidth allocation structure are presented along with an implementation, which is a bandwidth allocation strategy based on error between current state and equilibrium state and available bandwidth. Finally, a numerical example is given to demonstrate the effectiveness of the proposed bandwidth allocation approach.

Networked Control Systems (NCS) are widely used in Industry 4.0 to obtain better management and operational capabilities, as well as to reduce costs. However, despite the benefits provided by NCSs, the integration of communication networks with physical plants can also expose these systems to cyber threats. This work proposes a link monitoring strategy to identify linear time-invariant transfer functions performed by a Man-in-the-Middle during controlled data injection attacks in NCSs. The results demonstrate that the proposed identification scheme provides adequate accuracy when estimating the attack function, and does not interfere in the plant behavior when the system is not under attack.

This paper focuses on the issue of designing L2 state feedback controller for networked control systems subject to unknown periodic denial-of-service (DoS) jamming attacks. Primarily, a resilient event-triggering mechanism is introduced to counteract the influence of DoS jamming attacks. Secondly, a switching system model of NCSs is set up. Then, the criteria of the exponential stability analysis is obtained by the piecewise Lyapunov functional approach based on the model. Thirdly, a co-design approach of the trigger parameters and L2 controller is developed. Lastly, a practical system is used for proving the efficiency of the proposed approach.

Cybersecurity in control systems has been actively discussed in recent years. In particular, networked control systems (NCSs) over the Internet are exposed to various types of cyberattacks such as false data injection attacks. This paper proposes a detection and mitigation method of the false data injection attacks in interactive NCSs, i.e., bilateral teleoperation systems. A bilateral teleoperation system exchanges position and force information through the Internet between the master and slave robots. The proposed method utilizes two redundant communication channels for both the master-to-slave and slave-to-master paths. The attacks are detected by a tamper detection observer (TDO) on each of the master and slave sides. The TDO compares the position responses of actual robots and robot models. A path selector on each side chooses the appropriate position and force responses from the responses received through the two communication channels, based on the outputs of the TDO. The proposed method is validated by simulations with attack models.

In this paper, we address the stability problem of a noiseless linear time invariant control system over parallel Gaussian channels with feedback. It is shown that the eigenvalues-rate condition which has been proved as a necessary condition, is also sufficient for stability over parallel Gaussian channels. In fact, it is proved that for stabilizing a control system over the parallel Gaussian channels, it suffices that the Shannon channel capacity obtained by the water filling technique is greater than the sum of the logarithm of the unstable eigenvalues magnitude. In order to prove this sufficient condition, we propose a new nonlinear joint source channel coding for parallel Gaussian channels by which the initial state is transmitted through communication steps. This coding scheme with a linear control policy results in the stability of the system under the eigenvalues-rate condition. Hence, the proposed encoder, decoder and controller are efficient for this problem.

Networked control systems improve the efficiency of cyber-physical plants both functionally, by the availability of data generated even in far-flung locations, and operationally, by the adoption of standard protocols. A side-effect, however, is that now the safety and stability of a local process and, in turn, of the entire plant are more vulnerable to malicious agents. Leveraging the communication infrastructure, the authors here present the design of networked control systems with built-in resilience. Specifically, the paper addresses attacks known as false data injections that originate within compromised sensors. In the proposed framework for closed-loop control, the feedback signal is constructed by weighted consensus of estimates of the process state gathered from other interconnected processes. Observers are introduced to generate the state estimates from the local data. Side-channel monitors are attached to each primary sensor in order to assess proper code execution. These monitors provide estimates of the trust assigned to each observer output and, more importantly, independent of it; these estimates serve as weights in the consensus algorithm. The authors tested the concept on a multi-sensor networked physical experiment with six primary sensors. The weighted consensus was demonstrated to yield a feedback signal within specified accuracy even if four of the six primary sensors were injecting false data.

In the present paper, the problem of networked control system (NCS) cyber security is considered. The geometric approach is used to evaluate the security and vulnerability level of the controlled system. The proposed results are about the so-called false data injection attacks and show how imperfectly known disturbances can be used to perform undetectable, or at least stealthy, attacks that can make the NCS vulnerable to attacks from malicious outsiders. A numerical example is given to illustrate the approach.

The authors have proposed the Fallback Control System (FCS) as a countermeasure after cyber-attacks happen in Industrial Control Systems (ICSs). For increased robustness against cyber-attacks, introducing multiple countermeasures is desirable. Then, an appropriate collaboration is essential. This paper introduces two FCSs in ICS: field network signal is driven FCS and analog signal driven FCS. This paper also implements a collaborative FCS by a collaboration function of the two FCSs. The collaboration function is that the analog signal driven FCS estimates the state of the other FCS. The collaborative FCS decides the countermeasure based on the result of the estimation after cyber-attacks happen. Finally, we show practical experiment results to analyze the effectiveness of the proposed method.