Biblio

Cybersecurity for complex systems operating in cyber-physical environment is becoming more and more critical because of the increasing cyber threats and systems' vulnerabilities. Security by design is quite an important method to ensure the systems' normal operations and services supply. For the aim of coping with cyber-attack affections properly, this paper studies the resilient security control issue for time-varying delay systems in cyber-physical environment with state estimation and moving defense approach. Time-varying delay factor induced by communication and network transmission, or data acquisition and processing, or certain cyber-attacks, is considered. To settle the cyber-attacks from the perspective of system control, a dynamic system model considering attacks is presented, and the corresponding switched control model with time-varying delay against attacks is formulated. Then the state estimator for system states is designed to overcome the problem that certain states cannot be measured directly. Estimated states serve as the input of the resilient security controller. Sufficient conditions of the stability of the observer and control system are derived out with the Lyapunov stability analysis method jointly. A moving defense strategy based on anomaly detection and random switching is presented, in which an optimization problem for calculating the proper switching probability of each candidate actuator-controller pair is given. Simulation experimental results are shown to illustrate the effectiveness of the presented scheme.

This paper is concered with the nonlinear cyber physical system (CPS) with uncertain parameters under false data injection (FDI) attacks. The interval type-2 (IT2) fuzzy model is utilized to approximate the nonlinear system, then the nonlinear system can be represented as a convex combination of linear systems. To detect the FDI attacks, a novel robust fuzzy extended state observer with H∞ preformance is proposed, where the fuzzy rules are utilized to the observer to estimate the FDI attacks. Utilizing the observation of the FDI attacks, a security control scheme is proposed in this paper, in which a compensator is designed to offset the FDI attacks. Simulation examples are given to illustrate the effecitveness of the proposed security scheme.

Ant Colony Optimization is applied to design a suitable and shortest route between the starting node point and the end node point in the Wireless Sensor Network (WSN). In general ant colony algorithm plays a good role in path planning process that can also applied in improving the network security. Therefore to protect the network from the malicious nodes an ACO based Dynamic Key Management (ACO-DKM) scheme is proposed. The routes are diagnosed through ACO method also the actual coverage distance and pheromone updating strategy is updated simultaneously that prevents the node from continuous monitoring. Simulation analysis gives the efficiency of the proposed scheme.

While vehicle-to-everything communication technology enables information sharing and cooperative control for vehicles, it also poses a significant threat to the vehicles' driving security owing to cyber-attacks. In particular, Sybil malicious attacks hidden in the vehicle broadcast information flow are challenging to detect, thereby becoming an urgent issue requiring attention. Several researchers have considered this problem and proposed different detection schemes. However, the detection performance of existing schemes based on plausibility checks and neighboring observers is affected by the traffic and attacker densities. In this study, we propose a malicious attack detection scheme based on traffic-flow information fusion, which enables the detection of Sybil attacks without neighboring observer nodes. Our solution is based on the basic safety message, which is broadcast by vehicles periodically. It first constructs the basic features of traffic flow to reflect the traffic state, subsequently fuses it with the road detector information to add the road fusion features, and then classifies them using machine learning algorithms to identify malicious attacks. The experimental results demonstrate that our scheme achieves the detection of Sybil attacks with an accuracy greater than 90 % at different traffic and attacker densities. Our solutions provide security for achieving a usable vehicle communication network.

The development of new types of technology actualizes the issues of ensuring their information security. The aim of the work is to increase the security of the collective decision-making process in swarm robotic systems from negative impacts by identifying malicious robots. It is proposed to use confidence in choosing an alternative when reaching a consensus as a criterion for identifying malicious robots - a malicious robot, having a special behavior strategy, does not fully take into account the signs of the external environment and information from other robots, which means that such a robot will change its mind with characteristic features for each malicious strategy, and its degree of confidence will be different from the usual voting robot. The modeling performed and the obtained experimental data on three types of malicious behavioral strategies demonstrate the possibility of using the degree of confidence to identify malicious robots. The advantages of the approach are taking into account a large number of alternatives and universality, which lies in the fact that the method is based on the mechanisms of collective decision-making, which proceed in the same way on various hardware platforms of swarm robotic systems. The proposed method can serve as a basis for the development of more complex security mechanisms in swarm robotic systems.

Unmanned autonomous vehicles (UAVs) have been receiving high interest lately due to their wide range of potential deployment options that can touch all aspects of our life and economy, such as transportation, delivery, healthcare, surveillance. However, UAVs have also introduced many new vulnerabilities and attack surfaces that can be exploited by cyberattacks. Due to their complexity, autonomous operations, and being relatively new technologies, cyberattacks can be persistent, complex, and can propagate rapidly to severely impact the main UAV functions such as mission management, support, processing operations, maneuver operations, situation awareness. Furthermore, such cyberattacks can also propagate among other UAVs or even their control stations and may even endanger human life. Hence, we need self-protection techniques with an autonomic management approach. In this paper we present our approach to implement self-protection of UAVs (SP-UAV) such that they can continue their critical functions despite cyberattacks targeting UAV operations or services. We present our design approach and implementation using a unified management interface based on three ports: Configuration, observer, and control ports. We have implemented the SP-UAV using C and demonstrated using different attack scenarios how we can apply autonomic responses without human involvement to tolerate cyberattacks against the UAV operations.

This study addresses the coordination issue of multi-agent systems under complicated actuator faults and cyber attacks. Distributed fault-tolerant design is developed with the estimated and output neighboring information in decentralized estimation observer. Criteria of reaching the exponential coordination of multi-agent systems with cyber attacks is obtained with average dwelling time and chattering bound method. Simulations validate the efficiency of the anti-attack fault-tolerant design.

This paper develops a glocal (global-local) attack detection framework to detect stealthy cyber-physical attacks, namely covert attack and zero-dynamics attack, against a class of multi-agent control systems seeking average consensus. The detection structure consists of a global (central) observer and local observers for the multi-agent system partitioned into clusters. The proposed structure addresses the scalability of the approach and the privacy preservation of the multi-agent system’s state information. The former is addressed by using decentralized local observers, and the latter is achieved by imposing unobservability conditions at the global level. Also, the communication graph model is subject to topology switching, triggered by local observers, allowing for the detection of stealthy attacks by the global observer. Theoretical conditions are derived for detectability of the stealthy attacks using the proposed detection framework. Finally, a numerical simulation is provided to validate the theoretical findings.

The concepts of information flow security and refinement are known to have had a troubled relationship ever since the seminal work of McLean. In this work we study refinements that support changes in data representation and semantics, including the addition of state variables that may induce new observational power or side channels. We propose a new epistemic approach to ignorance-preserving refinement where an abstract model is used as a specification of a system's permitted information flows, that may include the declassification of secret information. The core idea is to require that refinement steps must not induce observer knowledge that is not already available in the abstract model. Our study is set in the context of a class of shared variable multiagent models similar to interpreted systems in epistemic logic. We demonstrate the expressiveness of our framework through a series of small examples and compare our approach to existing, stricter notions of information-flow secure refinement based on bisimulations and noninterference preservation. Interestingly, noninterference preservation is not supported “out of the box” in our setting, because refinement steps may introduce new secrets that are independent of secrets already present at abstract level. To support verification, we first introduce a “cube-shaped” unwinding condition related to conditions recently studied in the context of value-dependent noninterference, kernel verification, and secure compilation. A fundamental problem with ignorance-preserving refinement, caused by the support for general data and observation refinement, is that sequential composability is lost. We propose a solution based on relational pre-and postconditions and illustrate its use together with unwinding on the oblivious RAM construction of Chung and Pass.

Facial expression recognition has long been established as a subject of continuous research in various fields. In this study, feature extraction was conducted by calculating the distance between facial landmarks in an image. The extracted features of the relationship between each landmark and analysis were used to classify five facial expressions. We increased the data and label reliability based on our labeling work with multiple observers. Additionally, faces were recognized from the original data, and landmark coordinates were extracted and used as features. A genetic algorithm was used to select features that were relatively more helpful for classification. We performed facial recognition classification and analysis using the method proposed in this study, which showed the validity and effectiveness of the proposed method.

Garg, Goldwasser and Vasudevan (Eurocrypt 2020) invented the notion of deletion-compliance to formally model the “right to be forgotten’, a concept that confers individuals more control over their digital data. A requirement of deletion-compliance is strong privacy for the deletion requesters since no outside observer must be able to tell if deleted data was ever present in the first place. Naturally, many real world systems where information can flow across users are automatically ruled out.The main thesis of this paper is that deletion-compliance is a standalone notion, distinct from privacy. We present an alternative definition that meaningfully captures deletion-compliance without any privacy implications. This allows broader class of data collectors to demonstrate compliance to deletion requests and to be paired with various notions of privacy. Our new definition has several appealing properties:•It is implied by the stronger definition of Garg et al. under natural conditions, and is equivalent when we add a strong privacy requirement.•It is naturally composable with minimal assumptions.•Its requirements are met by data structure implementations that do not reveal the order of operations, a concept known as history-independence.Along the way, we discuss the many challenges that remain in providing a universal definition of compliance to the “right to be forgotten.”

A recent source of concern for the security of neural networks is the emergence of clean-label dataset poisoning attacks, wherein correctly labeled poison samples are injected into the training dataset. While these poison samples look legitimate to the human observer, they contain malicious characteristics that trigger a targeted misclassification during inference. We propose a scalable and transferable clean-label poisoning attack against transfer learning, which creates poison images with their center close to the target image in the feature space. Our attack, Bullseye Polytope, improves the attack success rate of the current state-of-the-art by 26.75% in end-to-end transfer learning, while increasing attack speed by a factor of 12. We further extend Bullseye Polytope to a more practical attack model by including multiple images of the same object (e.g., from different angles) when crafting the poison samples. We demonstrate that this extension improves attack transferability by over 16% to unseen images (of the same object) without using extra poison samples.

To improve the security and reliability of the system in case of sensor failure, a fault diagnosis algorithm based on neural network is proposed to locate the fault quickly and reconstruct the control system in this paper. Firstly, the typical airborne sensors are introduced and their common failure modes are analyzed. Then, a new method of complex feature extraction using wavelet packet is put forward to extract the fault characteristics of UAV sensors. Finally, the observer method based on BP neural network is adopted to train and acquire data offline, and to detect and process single or multiple sensor faults online. Matlab simulation results show that the algorithm has good diagnostic accuracy and strong generalization ability, which also has certain practicability in engineering.

In a centralized Networked Control System (NCS), all agents share local data with a central processing unit that generates control commands for agents. The use of a communication network between the agents gives NCSs a distinct advantage in efficiency, design cost, and simplicity. However, this benefit comes at the expense of vulnerability to a range of cyber-physical attacks. Recently, novel defense mechanisms to counteract false data injection (FDI) attacks on NCSs have been developed for agents with linear dynamics but have not been thoroughly investigated for NCSs with nonlinear dynamics. This paper proposes an FDI attack mitigation strategy for NCSs composed of agents with nonlinear dynamics under disturbances and measurement noises. The proposed algorithm uses both learning and model-based approaches to estimate agents'states for FDI attack mitigation. A neural network is used to model uncertain dynamics and estimate the effect of FDI attacks. The controller and estimator are designed based on Lyapunov stability analysis. A simulation of robots with Euler-Lagrange dynamics is considered to demonstrate the developed controller's performance to respond to FDI attacks in real-time.

The output feedback problem of finite-time command filtering for nonlinear systems with random disturbance is addressed in this paper. This is the first time that command filtering and output feedback are integrated so that a nonlinear system with random disturbance converge rapidly in finite time. The uncertain functions and unmeasured states are estimated by the fuzzy logic system (FLS) and nonlinear state observer, respectively. Based on the adaptive framework, command filtering technology is applied to mitigate the problem of ``term explosion'' inherent in traditional methods, and error compensation mechanism is considered to improve the control performance of the system. The developed output feedback controller ensures the boundedness of all signals in the stochastic system within a finite time, and the convergence residual can converge to a small region. The validity of this scheme is well verified in a numerical example.

This paper is concerned with the problem of adaptive finite-time prescribed performance control for a category of uncertain nonlinear systems subject to fuzzy dead-zone input. Via combining the technologies of command filter and backstepping control, the ``singularity'' and the ``explosion of complexity'' issues within controller design procedure are avoided. Moreover, by designing a state observer and utilizing the center-of-gravity theorem, the unmeasured states of system are estimated and the fuzzy issue result from fuzzy dead-zone input is disposed, respectively. Meanwhile, a finite-time fuzzy controller is constructed via combining with finite-time stability criterion, which guarantees all the signals in closed-loop system are convergent and the trajectory of tracking error also strictly evolves within a predefined range in finite time. At last, some simulation results confirm the viability of presented theoretical results.

The resilient output feedback control of linear networked control (NCS) system with uncertain dynamics in the presence of Gaussian noise is presented under the denial of service (DoS) attacks on communication networks. The DoS attacks on the sensor-to-controller (S-C) and controller- to-actuator (C-A) networks induce random packet losses. The NCS is viewed as a jump linear system, where the linear NCS matrices are a function of induced losses that are considered unknown. A set of novel correlation detectors is introduced to detect packet drops in the network channels using the property of Gaussian noise. By using an augmented system representation, the output feedback Q-learning based control scheme is designed for the jump linear NCS with uncertain dynamics to cope with the changing values of the mean packet losses. Simulation results are included to support the theoretical claims.

Connected vehicles as a promising concept of Intelligent Transportation System (ITS), are a potential solution to address some of the existing challenges of emission, traffic congestion as well as fuel consumption. To achieve these goals, connectivity among vehicles through the wireless communication network is essential. However, vehicular communication networks endure from reliability and security issues. Cyber-attacks with purposes of disrupting the performance of the connected vehicles, lead to catastrophic collision and traffic congestion. In this study, we consider a platoon of connected vehicles equipped with Cooperative Adaptive Cruise Control (CACC) which are subjected to a specific type of cyber-attack namely "False Data Injection" attack. We developed a novel method to model the attack with ghost vehicles injected into the connected vehicles network to disrupt the performance of the whole system. To aid the analysis, we use a Partial Differential Equation (PDE) model. Furthermore, we present a PDE model-based diagnostics scheme capable of detecting the false data injection attack and isolating the injection point of the attack in the platoon system. The proposed scheme is designed based on a PDE observer with measured velocity and acceleration feedback. Lyapunov stability theory has been utilized to verify the analytically convergence of the observer under no attack scenario. Eventually, the effectiveness of the proposed algorithm is evaluated with simulation study.

Cyber-physical systems (CPS) maintain operation, reliability, and safety performance using state estimation and control methods. Internet connectivity and Internet of Things (IoT) devices are integrated with CPS, such as in smart grids. This integration of Operational Technology (OT) and Information Technology (IT) brings with it challenges for state estimation and exposure to cyber-threats. This research establishes a state estimation baseline, details the integration of IT, evaluates the vulnerabilities, and develops an approach for detecting and responding to cyber-attack data injections. Where other approaches focus on integration of IT cyber-controls, this research focuses on development of classification tools using data currently available in state estimation methods to quantitatively determine the presence of cyber-attack data. The tools may increase computational requirements but provide methods which can be integrated with existing state estimation methods and provide for future research in state estimation based cyber-attack incident response. A robust cyber-resilient CPS includes the ability to detect and classify a cyber-attack, determine the true system state, and respond to the cyber-attack. The purpose of this paper is to establish a means for a cyber aware state estimator given the existence of sub-erroneous outlier detection, cyber-attack data weighting, cyber-attack data classification, and state estimation cyber detection.

In this paper, we present the concept of boosting the resiliency of optimization-based observers for cyber-physical systems (CPS) using auxiliary sources of information. Due to the tight coupling of physics, communication and computation, a malicious agent can exploit multiple inherent vulnerabilities in order to inject stealthy signals into the measurement process. The problem setting considers the scenario in which an attacker strategically corrupts portions of the data in order to force wrong state estimates which could have catastrophic consequences. The goal of the proposed observer is to compute the true states in-spite of the adversarial corruption. In the formulation, we use a measurement prior distribution generated by the auxiliary model to refine the feasible region of a traditional compressive sensing-based regression problem. A constrained optimization-based observer is developed using l1-minimization scheme. Numerical experiments show that the solution of the resulting problem recovers the true states of the system. The developed algorithm is evaluated through a numerical simulation example of the IEEE 14-bus system.

This paper investigated the sliding mode load frequency control (LFC) for an multi-area power system (MPS) under deception attacks (DA). A Luenberger observer is designed to obtain the state estimate of MPS. By using the Lyapunov-Krasovskii method, a sliding mode surface (SMS) is designed to ensure the stability. Then the accessibility analysis ensures that the trajectory of the MPS can reach the specified SMS. Finally, the serviceability of the method is explained by providing a case study.

In this paper, we formulate a combinatorial optimization problem that aims to maximize the accuracy of a lower bound estimate of the probability of security of a multi-robot system (MRS), while minimizing the computational complexity involved in its calculation. Security of an MRS is defined using the well-known control theoretic notion of left invertiblility, and the probability of security of an MRS can be calculated using binary decision diagrams (BDDs). The complexity of a BDD depends on the number of disjoint path sets considered during its construction. Taking into account all possible disjoint paths results in an exact probability of security, however, selecting an optimal subset of disjoint paths leads to a good estimate of the probability while significantly reducing computation. To deal with the dynamic nature of MRSs, we introduce two methods: (1) multi-point optimization, a technique that requires some a priori knowledge of the topology of the MRS over time, and (2) online optimization, a technique that does not require a priori knowledge, but must construct BDDs while the MRS is operating. Finally, our approach is validated on an MRS performing a rendezvous objective while exchanging information according to a noisy state agreement process.

Data dropouts in communication network can have a significant impact on wide-area oscillation damping control of a smart power grid with large-scale deployment of distributed and networked phasor measurement units and wind energy resources. Remote feedback signals sent through communication channels encounter data dropout, which is represented by the Gilbert-Elliott model. An observer-driven reduced copy (ORC) approach is presented, which uses the knowledge of the nominal system dynamics during data dropouts to improve the damping performance where conventional feedback would suffer. An expression for the expectation of the bound on the error norm between the actual and the estimated states relating uncertainties in the cyber system due to data dropout and physical system due to change in operating conditions is also derived. The key contribution comes from the analytical derivation of the impact of coupling between the cyber and the physical layer on ORC performance. Monte Carlo simulation is performed to calculate the dispersion of the error bound. Nonlinear time-domain simulations demonstrate that the ORC produces significantly better performance compared to conventional feedback under higher data drop situations.

With rapid development of deep integration of computation, control, and communication, Cyber-Physical Systems (CPSs) play an important role in industrial processes. Combined with the technology of fog computing, CPSs can outsource their complicated computation to the fog layer, which in turn, may bring security threats with regard to data privacy. To protect data privacy in a control framework, this paper investigate observer-based secure control problem towards fog computing aided CPSs (FCA-CPSs) by utilizing data perturbation method. Firstly, security inputs are designed to encrypt the transmitted states to realize specific confidentiality level. Then, sufficient conditions are established to ensure the stability of considered FCA-CPSs. Finally, a numerical example is provided to illustrate the effectiveness of the secure estimation scheme.

Various aspects of security and privacy in many application domains can be assessed based on proper analysis of successive measurements that are collected on a given system. This work is devoted to such issues in the context of timed stochastic Petri net models. We assume that certain events and part of the marking trajectories are observable to adversaries who aim to determine when the system is performing secret operations, such as time intervals during which the system is executing certain critical sequences of events (as captured, for instance, in language-based opacity formulations). The combined use of the k-step trajectory-observer and the Markov model of the stochastic Petri net leads to probabilistic indicators helpful for evaluating language-based opacity of the given system, related timing aspects, and possible strategies to improve them.