Cyber attacks with bounded sensor reading edits for partially-observed discrete event systems

The problem of cyber attacks with bounded sensor reading edits for partially-observed discrete event systems is considered. An operator observes a plant through an observation mask that does not allow him to detect the occurrence of certain events (silent events). The observation is corrupted by an attacker who can insert and erase some sensor readings. The operator observes the system evolution in order to validate if a state in a given set of unsafe states is reached. The attacker corrupts the observation with the aim of preventing the operator to verify when an interesting state has been reached. Furthermore, the attacker wants to remain stealthy, namely he wants the operator does not realize that someone is corrupting his observation. An automaton, called attack structure is proposed, which supports the attacker in defining an effective attack. In more detail, first, the unbounded attack structure is obtained by doing the concurrent composition of two state observers, the attacker observer and the operator observer. Then, the n-bounded attack structure, for a given integer value of n, is obtained by doing the concurrent composition of the unbounded attack structure and an n-bounded attack automaton. Finally, the n-bounded attack structure can be made supremal and stealthy by appropriately trimming the previous attack structure. A stealthy attacker can elaborate his strategy looking at the supremal stealthy attack substructure and may result in different degrees of effectiveness: strong, weak or vain. The proposed approach can be dually used to verify if such an attack could be effective for the given system, thus to establish if the system is safe under attack.

[1]  A. Tarski A LATTICE-THEORETICAL FIXPOINT THEOREM AND ITS APPLICATIONS , 1955 .

[2]  Christos G. Cassandras,et al.  Introduction to Discrete Event Systems , 1999, The Kluwer International Series on Discrete Event Dynamic Systems.

[3]  D. Thorsley,et al.  Intrusion Detection in Controlled Discrete Event Systems , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.

[4]  Marcos V. Moreira,et al.  Security Against Network Attacks in Supervisory Control Systems , 2017 .

[5]  Alessandro Giua,et al.  Generalized mutual exclusion contraints on nets with uncontrollable transitions , 1992, [Proceedings] 1992 IEEE International Conference on Systems, Man, and Cybernetics.

[6]  Yiding Ji,et al.  Opacity Enforcement by Insertion Functions under Energy Constraints , 2018 .

[7]  Alessandro Giua,et al.  Observability of place/transition nets , 2002, IEEE Trans. Autom. Control..

[8]  Panos J. Antsaklis,et al.  Petri net supervisors for DES with uncontrollable and unobservable transitions , 2000, IEEE Trans. Autom. Control..

[9]  Santosh Biswas,et al.  Application of stochastic discrete event system framework for detection of induced low rate TCP attack. , 2015, ISA transactions.

[10]  Stéphane Lafortune,et al.  Discrete Event Systems: Modeling, Observation, and Control , 2019, Annu. Rev. Control. Robotics Auton. Syst..

[11]  Jana Kosecka,et al.  Control of Discrete Event Systems , 1992 .

[12]  Alessandro Giua,et al.  Supervisory enforcement of current-state opacity with uncomparable observations , 2016, 2016 13th International Workshop on Discrete Event Systems (WODES).

[13]  Paulo Tabuada,et al.  Secure Estimation and Control for Cyber-Physical Systems Under Adversarial Attacks , 2012, IEEE Transactions on Automatic Control.

[14]  Qi Zhang,et al.  Stealthy Attacks for Partially-Observed Discrete Event Systems , 2018, 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA).

[15]  Shigemasa Takai,et al.  Synthesis of Similarity Enforcing Supervisors for Nondeterministic Discrete Event Systems , 2018, IEEE Transactions on Automatic Control.

[16]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[17]  Behzad Bordbar,et al.  On-Line Monitoring of Large Petri Net Models Under Partial Observation , 2008, Discret. Event Dyn. Syst..

[18]  Stéphane Lafortune,et al.  Stealthy deception attacks for cyber-physical systems , 2017, 2017 IEEE 56th Annual Conference on Decision and Control (CDC).

[19]  Ping Zhang,et al.  Modeling and detection of cyber attacks on discrete event systems , 2018 .

[20]  Marcos V. Moreira,et al.  Detectable and Undetectable Network Attack Security of Cyber-physical Systems , 2018 .

[21]  Stéphane Lafortune,et al.  Detection and Mitigation of Classes of Attacks in Supervisory Control Systems , 2018, Autom..

[22]  Ping Zhang,et al.  Detection of covert attacks and zero dynamics attacks in cyber-physical systems , 2016, 2016 American Control Conference (ACC).

[23]  Raja Sengupta,et al.  Diagnosability of discrete-event systems , 1995, IEEE Trans. Autom. Control..

[24]  Rong Su,et al.  Supervisor Synthesis to Thwart Cyber Attack with Bounded Sensor Reading Alterations , 2016, Autom..

[25]  Santosh Biswas,et al.  Discrete event system framework for fault diagnosis with measurement inconsistency: case study of rogue DHCP attack , 2019, IEEE/CAA Journal of Automatica Sinica.

[26]  Walter Murray Wonham,et al.  On observability of discrete-event systems , 1988, Inf. Sci..

[27]  Karl Henrik Johansson,et al.  A secure control framework for resource-limited adversaries , 2012, Autom..

[28]  Christoforos N. Hadjicostis,et al.  Algebraic approaches for fault identification in discrete-event systems , 2005, IEEE Transactions on Automatic Control.

[29]  Alessandro Giua,et al.  Fault detection for discrete event systems using Petri nets with unobservable transitions , 2005, Proceedings of the 44th IEEE Conference on Decision and Control.

[30]  Stéphane Lafortune,et al.  Polynomial-time verification of diagnosability of partially observed discrete-event systems , 2002, IEEE Trans. Autom. Control..

[31]  Vijay K. Garg,et al.  Predicates and predicate transformers for supervisory control of discrete event dynamical systems , 1993, IEEE Trans. Autom. Control..