Abstract: Cyberattacks on control systems in the chemical process industries cause concern regarding how they can impact finances, safety, and production levels of companies. A key practical challenge for cyberattack detection and handling using process information is that process behavior evolves over time. Conceivably, changes in process dynamics might cause some detection strategies to flag a change in the dynamics as an attack due to the new data appearing abnormal compared to data from before the dynamics changed. In this work, we utilize several case studies to probe the question of what might be the impacts, benefits, and limitations of cyberattack detection and handling policies when the process dynamics change over time. The goal of this work is to characterize, through simulation studies, characteristics that might be desirable and undesirable in cyberattack detection and handling procedures when process evolution is inevitable. We demonstrate challenges with cyberattack detection when process dynamics change and subsequently discuss two concepts for handling attacks—one which utilizes a two‐tier detection strategy in which model reidentification is triggered when it is not clear whether an attack or a change in the process dynamics has occurred, and one in which control signals are injected at intervals by the actuators. We utilize simulations to elucidate characteristics of these strategies and demonstrate that verifiability of attack‐handling methods is key to their implementation (i.e., ad hoc tuning has potential to leave vulnerabilities which an attacker might locate and exploit).
Lyapunov-Based Economic Model Predictive Control for Detecting and Handling Actuator and Simultaneous Sensor/Actuator Cyberattacks on Process Control Systems
The controllers for a cyber-physical system may be impacted by sensor measurement cyberattacks, actuator signal cyberattacks, or both types of attacks. Prior work in our group has developed a theory for handling cyberattacks on process sensors. However, sensor and actuator cyberattacks have a different character from one another. Specifically, sensor measurement attacks prevent proper inputs from being applied to the process by manipulating the measurements that the controller receives, so that the control law plays a role in the impact of a given sensor measurement cyberattack on a process. In contrast, actuator signal attacks prevent proper inputs from being applied to a process by bypassing the control law to cause the actuators to apply undesirable control actions. Despite these differences, this manuscript shows that we can extend and combine strategies for handling sensor cyberattacks from our prior work to handle attacks on actuators and to handle cases where sensor and actuator attacks occur at the same time. These strategies for cyberattack-handling and detection are based on the Lyapunov-based economic model predictive control (LEMPC) and nonlinear systems theory. We first review our prior work on sensor measurement cyberattacks, providing several new insights regarding the methods. We then discuss how those methods can be extended to handle attacks on actuator signals and then how the strategies for handling sensor and actuator attacks individually can be combined to produce a strategy that is able to guarantee safety when attacks are not detected, even if both types of attacks are occurring at once. We also demonstrate that the other combinations of the sensor and actuator attack-handling strategies cannot achieve this same effect. Subsequently, we provide a mathematical characterization of the “discoverability” of cyberattacks that enables us to consider the various strategies for cyberattack detection presented in a more general context. 
We conclude by presenting a reactor example that showcases the aspects of designing LEMPC.
- PAR ID: 10358939
- Date Published:
- Journal Name: Frontiers in Chemical Engineering
- Volume: 4
- ISSN: 2673-2718
- Format(s): Medium: X
- Sponsoring Org: National Science Foundation
More Like this
-
Summary: This article presents a nonlinear closed‐loop active flow control (AFC) method, which achieves asymptotic regulation of a fluid flow velocity field in the presence of actuator uncertainty and sensor measurement limitations. To achieve the result, a reduced‐order model of the flow dynamics is derived, which utilizes proper orthogonal decomposition (POD) to express the Navier‐Stokes equations as a set of nonlinear ordinary differential equations. The reduced‐order model formally incorporates the actuation effects of synthetic jet actuators (SJA). Challenges inherent in the resulting POD‐based reduced‐order model include (1) the states are not directly measurable, (2) the measurement equation is in a nonstandard mathematical form, and (3) the SJA model contains parametric uncertainty. To address these challenges, a sliding mode observer (SMO) is designed to estimate the unmeasurable states in the reduced‐order model of the actuated flow field dynamics. A salient feature of the proposed SMO is that it formally compensates for the parametric uncertainty inherent in the SJA model. The SMO is rigorously proven to achieve local finite‐time estimation of the unmeasurable state in the presence of the parametric uncertainty in the SJA. The state estimates are then utilized in a nonlinear control law, which regulates the flow field velocity to a desired state. A Lyapunov‐based stability analysis is provided to prove local asymptotic regulation of the flow field velocity. To illustrate the performance of the proposed estimation and AFC method, comparative numerical simulation results are provided, which demonstrate the improved performance that is achieved by incorporating the uncertainty compensator.
-
This work focuses on the problem of enhancing cyberattack detection capabilities in process control systems subject to multiplicative cyberattacks. First, the relationship between closed-loop stability and attack detectability with respect to a class of residual-based detection schemes is rigorously analyzed. The results are used to identify a set of controller parameters (called "attack-sensitive" controller parameters) under which an attack can destabilize the closed-loop system. The selection of attack-sensitive controller parameters can enhance the ability to detect attacks, but can also degrade the performance of the attack-free closed-loop system. To balance this trade-off, a novel active attack detection methodology employing controller parameter switching between the nominal controller parameters (chosen on the basis of standard control design criteria) and the attack-sensitive controller parameters, is developed. The proposed methodology is applied to a chemical process example to demonstrate its ability to detect multiplicative sensor-controller communication link attacks.
-
Several problems in modeling and control of stochastically-driven dynamical systems can be cast as regularized semi-definite programs. We examine two such representative problems and show that they can be formulated in a similar manner. The first, in statistical modeling, seeks to reconcile observed statistics by suitably and minimally perturbing prior dynamics. The second seeks to optimally select a subset of available sensors and actuators for control purposes. To address modeling and control of large-scale systems we develop a unified algorithmic framework using proximal methods. Our customized algorithms exploit problem structure and allow handling statistical modeling, as well as sensor and actuator selection, for substantially larger scales than what is amenable to current general-purpose solvers. We establish linear convergence of the proximal gradient algorithm, draw contrast between the proposed proximal algorithms and alternating direction method of multipliers, and provide examples that illustrate the merits and effectiveness of our framework.
-
The work provides a general model of communication attacks on a networked infinite dimensional system. The system employs a network of inexpensive control units consisting of actuators, sensors and control processors. In an effort to replace a reduced number of expensive high-end actuating and sensing devices implementing an observer-based feedback, the alternative is to use multiple inexpensive actuators/sensors with static output feedback. In order to emulate the performance of the high-end devices, the controllers for the multiple actuator/sensors implement controllers which render the system networked. In doing so, they become prone to communication attacks either as accidental or deliberate actions on the connectivity of the control nodes. A single attack function is proposed which models all types of communication attacks and an adaptive detection scheme is proposed in order to (i) detect the presence of an attack, (ii) diagnose the attack and (iii) accommodate the attack via an appropriate control reconfiguration. The reconfiguration employs the adaptive estimates of the controller gains and restructures the controller adaptively in order to minimize the detrimental effects of the attack on closed-loop performance. Numerical studies on a 1D diffusion PDE employing networked actuator/sensor pairs are included in order to further convey the special architecture of detection and accommodation of networked systems under communication attacks.

