In this work, multiplicative cyberattacks targeting the sensor-controller communication link of a process control system are considered. The interdependence of detectability of an attack with respect to a general class of residual-based detection schemes and the control parameters is characterized. Exploiting this dependence, a controller screening methodology that may be used to incorporate cyberattack detectability into the standard controller design criteria is presented. Using a chemical process example, the application of the controller design screening to a nonlinear process is demonstrated.
Controller Switching-Enabled Active Detection of Multiplicative Cyberattacks on Process Control Systems
This work focuses on the problem of enhancing cyberattack detection capabilities in process control systems subject to multiplicative cyberattacks. First, the relationship between closed-loop stability and attack detectability with respect to a class of residual-based detection schemes is rigorously analyzed. The results are used to identify a set of controller parameters (called "attack-sensitive" controller parameters) under which an attack can destabilize the closed-loop system. The selection of attack-sensitive controller parameters can enhance the ability to detect attacks, but can also degrade the performance of the attack-free closed-loop system. To balance this trade-off, a novel active attack detection methodology is developed that employs controller parameter switching between the nominal controller parameters (chosen on the basis of standard control design criteria) and the attack-sensitive controller parameters. The proposed methodology is applied to a chemical process example to demonstrate its ability to detect multiplicative sensor-controller communication link attacks.
- Award ID(s): 2137281
- PAR ID: 10416875
- Date Published:
- Journal Name: American Control Conference
- Page Range / eLocation ID: 2473 to 2478
- Format(s): Medium: X
- Sponsoring Org: National Science Foundation
More Like this
- This paper demonstrates the fundamental vulnerability of networked linear control systems to perfectly undetectable false data injection attacks (FDIAs) based on affine transformations. The work formulates a generalized FDIA framework that coordinates multiplicative and additive data injections targeting both control commands and observables in networked systems. The paper derives mathematical conditions for executing affine transformation based perfectly undetectable attacks (ATPAs) on state-feedback and output-feedback control systems, with attack capabilities varying based on the attacker’s knowledge of plant dynamics and control gains. The paper examines several attack scenarios, including scaling and general affine transformations, and characterizes the range of system knowledge—from minimum to full—required for different attack types. The paper classifies ATPA into four types based on the feedback structure (state or output) and knowledge requirements: those that match plant dynamics without controller knowledge and those that match closed-loop dynamics by exploiting controller information. The paper examines several attack scenarios and shows how carefully ATPAs can create the illusion of normal system operation while the actual system behavior deviates significantly from intended trajectories.
- The work provides a general model of communication attacks on a networked infinite dimensional system. The system employs a network of inexpensive control units consisting of actuators, sensors and control processors. In an effort to replace a reduced number of expensive high-end actuating and sensing devices implementing an observer-based feedback, the alternative is to use multiple inexpensive actuators/sensors with static output feedback. In order to emulate the performance of the high-end devices, the controllers for the multiple actuators/sensors implement controllers which render the system networked. In doing so, they become prone to communication attacks either as accidental or deliberate actions on the connectivity of the control nodes. A single attack function is proposed which models all types of communication attacks and an adaptive detection scheme is proposed in order to (i) detect the presence of an attack, (ii) diagnose the attack and (iii) accommodate the attack via an appropriate control reconfiguration. The reconfiguration employs the adaptive estimates of the controller gains and restructures the controller adaptively in order to minimize the detrimental effects of the attack on closed-loop performance. Numerical studies on a 1D diffusion PDE employing networked actuator/sensor pairs are included in order to further convey the special architecture of detection and accommodation of networked systems under communication attacks.
- In this paper, we have proposed a resilient reinforcement learning method for discrete-time linear systems with unknown parameters, under denial-of-service (DoS) attacks. The proposed method is based on policy iteration that learns the optimal controller from input-state data amidst DoS attacks. We achieve an upper bound for the DoS duration to ensure closed-loop stability. The resilience of the closed-loop system, when subjected to DoS attacks with the learned controller and an internal model, has been thoroughly examined. The effectiveness of the proposed methodology is demonstrated on an inverted pendulum on a cart.
- There are a variety of ways, ranging from reflashing of targeted electronic control units (ECUs) to hijacking the control of a fleet of wheeled mobile robots, through which adversaries can execute attacks on the actuators of mobile robots and autonomous vehicles. Independent of the source of cyber-physical infiltration, assessing the physical capabilities of an adversary who has made it to the last stage and is directly controlling the cyber-physical system actuators is of crucial importance. This paper investigates the potential of an adversary who can directly manipulate the traction dynamics of wheeled mobile robots and autonomous vehicles but has very limited knowledge of the physical parameters of the traction dynamics. It is shown that the adversary can exploit a new class of closed-loop attack policies that can be executed against the traction dynamics leading to wheel lock conditions. In comparison with a previously proposed wheel lock closed-loop attack policy, the attack policy in this paper relies on fewer computations and less knowledge of the traction dynamics. Furthermore, the proposed attack policy generates smooth actuator input signals and is thus harder to detect. Simulation results using various tire-ground interaction conditions demonstrate the effectiveness of the proposed wheel lock attack policy.

