skip to main content


The NSF Public Access Repository (NSF-PAR) system and access will be unavailable from 11:00 PM ET on Thursday, June 13 until 2:00 AM ET on Friday, June 14 due to maintenance. We apologize for the inconvenience.

Title: Lyapunov-Based Economic Model Predictive Control for Detecting and Handling Actuator and Simultaneous Sensor/Actuator Cyberattacks on Process Control Systems
The controllers for a cyber-physical system may be impacted by sensor measurement cyberattacks, actuator signal cyberattacks, or both types of attacks. Prior work in our group has developed a theory for handling cyberattacks on process sensors. However, sensor and actuator cyberattacks have a different character from one another. Specifically, sensor measurement attacks prevent proper inputs from being applied to the process by manipulating the measurements that the controller receives, so that the control law plays a role in the impact of a given sensor measurement cyberattack on a process. In contrast, actuator signal attacks prevent proper inputs from being applied to a process by bypassing the control law to cause the actuators to apply undesirable control actions. Despite these differences, this manuscript shows that we can extend and combine strategies for handling sensor cyberattacks from our prior work to handle attacks on actuators and to handle cases where sensor and actuator attacks occur at the same time. These strategies for cyberattack-handling and detection are based on the Lyapunov-based economic model predictive control (LEMPC) and nonlinear systems theory. We first review our prior work on sensor measurement cyberattacks, providing several new insights regarding the methods. We then discuss how those methods can be extended to handle attacks on actuator signals and then how the strategies for handling sensor and actuator attacks individually can be combined to produce a strategy that is able to guarantee safety when attacks are not detected, even if both types of attacks are occurring at once. We also demonstrate that the other combinations of the sensor and actuator attack-handling strategies cannot achieve this same effect. Subsequently, we provide a mathematical characterization of the “discoverability” of cyberattacks that enables us to consider the various strategies for cyberattack detection presented in a more general context. We conclude by presenting a reactor example that showcases the aspects of designing LEMPC.  more » « less
Award ID(s):
1932026 1839675
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
Frontiers in Chemical Engineering
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Abstract

    Cyberattacks on control systems in the chemical process industries cause concern regarding how they can impact finances, safety, and production levels of companies. A key practical challenge for cyberattack detection and handling using process information is that process behavior evolves over time. Conceivably, changes in process dynamics might cause some detection strategies to flag a change in the dynamics as an attack due to the new data appearing abnormal compared to data from before the dynamics changed. In this work, we utilize several case studies to probe the question of what might be the impacts, benefits, and limitations of cyberattack detection and handling policies when the process dynamics change over time. The goal of this work is to characterize, through simulation studies, characteristics, which might be desirable and undesirable in cyberattack detection and handling procedures when process evolution is inevitable. We demonstrate challenges with cyberattack detection when process dynamics change and subsequently, discuss two concepts for handling attacks—one which utilizes a two‐tier detection strategy in which model reidentification is triggered when it is not clear whether an attack or a change in the process dynamics has occurred, and one in which control signals are injected at intervals by the actuators. We utilize simulations to elucidate characteristics of these strategies and demonstrate that verifiability of attack‐handling methods is key to their implementation (i.e.,ad hoctuning has potential to leave vulnerabilities which an attacker might locate and exploit).

    more » « less
  2. Summary

    This article presents a nonlinear closed‐loop active flow control (AFC) method, which achieves asymptotic regulation of a fluid flow velocity field in the presence of actuator uncertainty and sensor measurement limitations. To achieve the result, a reduced‐order model of the flow dynamics is derived, which utilizes proper orthogonal decomposition (POD) to express the Navier‐Stokes equations as a set of nonlinear ordinary differential equations. The reduced‐order model formally incorporates the actuation effects of synthetic jet actuators (SJA). Challenges inherent in the resulting POD‐based reduced‐order model include (1) the states are not directly measurable, (2) the measurement equation is in a nonstandard mathematical form, and (3) the SJA model contains parametric uncertainty. To address these challenges, a sliding mode observer (SMO) is designed to estimate the unmeasurable states in the reduced‐order model of the actuated flow field dynamics. A salient feature of the proposed SMO is that it formally compensates for the parametric uncertainty inherent in the SJA model. The SMO is rigorously proven to achieve local finite‐time estimation of the unmeasurable state in the presence of the parametric uncertainty in the SJA. The state estimates are then utilized in a nonlinear control law, which regulates the flow field velocity to a desired state. A Lyapunov‐based stability analysis is provided to prove local asymptotic regulation of the flow field velocity. To illustrate the performance of the proposed estimation and AFC method, comparative numerical simulation results are provided, which demonstrate the improved performance that is achieved by incorporating the uncertainty compensator.

    more » « less
  3. The work provides a general model of communication attacks on a networked infinite dimensional system. The system employs a network of inexpensive control units consisting of actuators, sensors and control processors. In an effort to replace a reduced number of expensive high-end actuating and sensing devices implementing an observer-based feedback, the alternate is to use multiple inexpensive actuators/sensors with static output feedback. In order to emulate the performance of the high-end devices, the controllers for the multiple actuator/sensors implement controllers which render the system networked. In doing so, they become prone to communication attacks either as accidental or deliberate actions on the connectivity of the control nodes. A single attack function is proposed which models all types of communication attacks and an adaptive detection scheme is proposed in order to (i) detect the presence of an attack, (ii) diagnose the attack and (iii) accommodate the attack via an appropriate control reconfiguration. The reconfiguration employs the adaptive estimates of the controller gains and restructure the controller adaptively in order to minimize the detrimental effects of the attack on closed-loop performance. Numerical studies on a 1D diffusion PDE employing networked actuator/sensor pairs are included in order to further convey the special architecture of detection and accommodation of networked systems under communication attacks. 
    more » « less
  4. This work focuses on the problem of enhancing cyberattack detection capabilities in process control systems subject to multiplicative cyberattacks. First, the relationship between closed-loop stability and attack detectability with respect to a class of residual-based detection schemes is rigorously analyzed. The results are used to identify a set of controller parameters (called "attack-sensitive" controller parameters) under which an attack can destabilize the closed-loop system. The selection of attack-sensitive controller parameters can enhance the ability to detect attacks, but can also degrade the performance of the attack-free closed-loop system. To balance this trade-off, a novel active attack detection methodology employing controller parameter switching between the nominal controller parameters (chosen on the basis of standard control design criteria) and the attack-sensitive controller parameters, is developed. The proposed methodology is applied to a chemical process example to demonstrate its ability to detect multiplicative sensor-controller communication link attacks. 
    more » « less
  5. null (Ed.)
    Dielectric elastomer (DE) materials, a category of electroactive polymers, can be used to design actuators that are flexible, resilient, lightweight, and durable. However, due to the uncertainties in its actuation dynamics, DE actuators always rely on feedback control to perform accurate and safe operations. In this paper, a tubular dielectric elastomer actuator (DEA) with self-sensing capability is developed. It does not require external devices to measure displacement for feedback control. The displacement of the actuator is controlled using a proportional-integral controller with the capacitance measured at high probing frequency as the self-sensing mechanism component of the actuator. By superimposing actuation and probing voltage and applying them to the DE tube, the actuation voltage activates the movement of the DE tube and the probing voltage is used for self-sensing. Fast Fourier Transform (FFT) is then used to filter a given frequency of the probing current and voltage and then calculate the capacitance from the probing current and voltage during each time window. With the relationship between capacitance and displacement of the DE tube, the displacement output is estimated online and self-sensing without an external sensor is achieved. The self-sensing signal is then used as a feedback signal in a closed-loop design to follow a reference signal for tracking. The experimental results validate the self-sensing of the DE actuator in feedback control. 
    more » « less