[en] The paper presents a new approach for control security. Specifically, cyber-attacks on the controller are investigated by means of optimization techniques in order to determine the worst-case scenario. Then, a novel attack detector based on limit checking is introduced. The particularity of this detector is that no specific controller knowledge is necessary. Hence, the vulnerability of the detector can be reduced since no reconfiguration is required (limited accessibility). Finally, the paper shows that the effect of the attacks on the system can be significantly mitigated by applying proper optimal control laws.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust
Disciplines :
Electrical & electronics engineering
Author, co-author :
Rosich, Albert ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Voos, Holger ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Engineering Research Unit ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Li, Yumei; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Darouach, Mohamed; University of Lorraine
Language :
English
Title :
A model predictive approach for cyber-attack detection and mitigation in control systems
Publication date :
13 December 2013
Event name :
52nd IEEE Conference on Decision and Control
Event place :
Florence, Italy
Event date :
2013
Audience :
International
Main work title :
52nd IEEE Conference on Decision and Control CDC 2013, Florence, Italy, Dec. 2013
N. Falliere, Murchu, and E. Chien, "W32.stuxnet dossier, " Symantec Security Response online report, Symantec, Tech. Rep., February 2011.
J. Slay and M. Miller, Lessons Learned from the Maroochy Water Breach, ser. IFIP International Federation for Information Processing. Springer US, 2007, vol. 253, pp. 73-82.
E. Byres and J. Lowe, "The myths and facts behind cyber security risk for industrial control systems, " in In ISA Process Control Conference, 2003.
A. A. Cardenas, S. Amin, and S. Sastry, "Research challenges for the security of control systems, " in Proceedings of the 3rd conference on Hot topics in security, ser. HOTSEC'08. Berkeley, CA, USA: USENIX Association, 2008, pp. 1-6.
A. A. Cardenas, S. Amin, and S. Sastry, "Secure control: Towards survivable cyber-physical systems, " in First International Workshop on Cyber-Physical Systems, June 2008, pp. 495-500.
S. Amin, A. A. Cardenas, and S. S. Sastry, "Safe and secure networked control systems under denial-of-service attacks, " in Proceedings of the 12th International Conference on Hybrid Systems: Computation and Control, ser. HSCC '09. Berlin, Heidelberg: Springer-Verlag, 2009, pp. 31-45.
Z.-H. Pang and G.-P. Liu, "Design and implementation of secure networked predictive control systems under deception attacks, " Control Systems Technology, IEEE Transactions on, vol. 20, no. 5, pp. 1334- 1342, September 2012.
A. Teixeira, D. Perez, H. Sandberg, and K. H. Johansson, "Attack models and scenarios for networked control systems, " in Proceedings of the 1st international conference on High Confidence Networked Systems, ser. HiCoNS '12. New York, NY, USA: ACM, 2012, pp. 55-64.
I. Shames, A. M. Teixeira, H. Sandberg, and K. H. Johansson, "Distributed fault detection for interconnected second-order systems, " Automatica, vol. 47, no. 12, pp. 2757 - 2764, 2011.
Y. Mo and B. Sinopoli, "False data injection attacks in control systems, " in First Workshop on Secure Control Systems, Cyber Physical Systems Week 2010, April 2010.
J. Gertler, Fault Detection and Diagnosis in Engineering Systems. New York: Marcel Dekker, Inc., 1998.
M. Blanke, M. Kinnaert, J. Lunze, and M. Staroswiecki, Diagnosis and Fault-Tolerant Control, 2nd ed. Springer, 2006.
S. X. Ding, Model-based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools, 1st ed. Springer Publishing Company, Incorporated, 2008.
R. Isermann, Fault-Diagnosis Systems: An Introduction from Fault Detection to Fault Tolerance. Springer, 2006.
J. M. Maciejowski, Predictive control with constraints. Essex, England: Prentice Hall, 2002.
A. Bemporad, M. Morari, V. Dua, and E. Pistikopoulos, "The explicit solution of model predictive control via multiparametric quadratic programming, " in American Control Conference, 2000. Proceedings of the 2000, vol. 2, 200, pp. 872-876.