Secure Distributed Control Methodologies with Built-in Defense in Distributed Networked Control Systems.

ZENG, WENTE. Secure Distributed Control Methodologies with Built-in Defense in Distributed Networked Control Systems. (Under the direction of Dr. Mo-Yuen Chow.) Distributed Networked Control Systems (D-NCS) are spatially distributed systems that integrate distributed sensors, actuators, and computing processors over a communication network for a vast amount of applications, such as electrical power systems and transportation systems. While most D-NCS have been safe in the past, they are increasingly more vulnerable to malicious cyber attacks and malwares with the rapid advancements and uses with networking, embedded systems, wireless communication technologies, and novel control strategies. In particular, more and more distributed control algorithms are being used in D-NCS because of their flexibility, robustness, computation, and communication features. These algorithms, however, increase the vulnerability of D-NCS to malicious cyber attacks. Thus, there is an urgent growing need to protect control algorithms from malicious cyber attacks in D-NCS. This thesis considers the fundamental task of reaching an agreement (i.e., consensus) among a group of agents via secure distributed computations in D-NCS and discusses the problem of designing secure distributed control methodologies that are capable of performing secure distributed computations in the presence of misbehaving agents. First, we develop the mathematical models of D-NCS and misbehaving agents in the network, and we explore the vulnerabilities of conventional linear consensus algorithms. Second, we propose a reputationbased secure distributed control algorithm with built-in defense mechanism for leaderfollower consensus network. It includes four phases (detection, mitigation, identification, and update) into the control process in a distributed manner and is able to achieve an accurate consensus computation in the presence of misbehaving agents in D-NCS. Third, we extend the proposed algorithm to the leaderless consensus network by introducing and adding two recovery schemes (rollback recovery and excitation recovery) into the current secure distributed control framework to guarantee the accurate convergence of the well-behaving agents in D-NCS. At each phase, every agent only uses local and one-hop neighbors’ information to identify and isolate the misbehaving agents, and even compensate their effect to the system. Fourth, we develop a trade-off model and corresponding quantitative metrics to address the performance and security trade-off problem of D-NCS. A paradigm of multiagent trade-off optimization based on the Coevolutionary Genetic Algorithm (CGA) is proposed to optimize the trade-off between system real-time performance and security levels. Finally, in order to analyze the performance of our theoretical design on a real-world problem, we examine and validate the effectiveness of the proposed techniques in several illustrative case studies through both simulations and experiments. © Copyright 2013 Wente Zeng All Rights Reserved Secure Distributed Control Methodologies with Built-in Defense in Distributed Networked Control Systems

[1]  Ayan Banerjee,et al.  Ensuring Safety, Security, and Sustainability of Mission-Critical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[2]  Shu-Cherng Fang,et al.  Game Theoretic Analysis of a Distribution System with Customer Market Search , 2005, Ann. Oper. Res..

[3]  Kai Hwang,et al.  PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing , 2007, IEEE Transactions on Parallel and Distributed Systems.

[4]  Asuman E. Ozdaglar,et al.  Spread of (Mis)Information in Social Networks , 2009, Games Econ. Behav..

[5]  Mo-Yuen Chow,et al.  A trade-off model for performance and security in secured Networked Control Systems , 2011, 2011 IEEE International Symposium on Industrial Electronics.

[6]  Tomasz Arciszewski,et al.  Co-evolution of terrorist and security scenarios for water distribution systems , 2008, Adv. Eng. Softw..

[7]  André Teixeira,et al.  Networked control systems under cyber attacks with applications to power networks , 2010, Proceedings of the 2010 American Control Conference.

[8]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[9]  Danny Dolev,et al.  The Byzantine Generals Strike Again , 1981, J. Algorithms.

[10]  M. Egerstedt,et al.  Motion probes for fault detection and recovery in networked control systems , 2008, 2008 American Control Conference.

[11]  Dr. Clifford Neuman Challenges in Security for Cyber-Physical Systems , 2009 .

[12]  K. Wong,et al.  Analyzing oligopolistic electricity market using coevolutionary computation , 2006, IEEE Transactions on Power Systems.

[13]  Jie Lin,et al.  Coordination of groups of mobile autonomous agents using nearest neighbor rules , 2003, IEEE Trans. Autom. Control..

[14]  Ruggero Carli,et al.  Distributed estimation via iterative projections with application to power network monitoring , 2011, Autom..

[15]  Özgür Gürbüz,et al.  Wireless Model-Based Predictive Networked Control System Over Cooperative Wireless Network , 2011, IEEE Transactions on Industrial Informatics.

[16]  M. Amin,et al.  Security challenges for the electricity infrastructure , 2002 .

[17]  Scott A. Brandt,et al.  Draco: Efficient Resource Management for Resource-Constrained Control Tasks , 2009, IEEE Transactions on Computers.

[18]  Meng Ji,et al.  Connectedness preserving distributed coordination control over dynamic graphs , 2005, Proceedings of the 2005, American Control Conference, 2005..

[19]  Randal W. Beard,et al.  Consensus seeking in multiagent systems under dynamically changing interaction topologies , 2005, IEEE Transactions on Automatic Control.

[20]  Wenye Wang,et al.  Information security with real-time operation: performance assessment for next generation wireless distributed networked-control-systems , 2007, IECON 2007 - 33rd Annual Conference of the IEEE Industrial Electronics Society.

[21]  Fan Wu,et al.  A Collusion-Resistant Routing Scheme for Noncooperative Wireless Ad Hoc Networks , 2010, IEEE/ACM Transactions on Networking.

[22]  Mo-Yuen Chow,et al.  Realization and validation of Delay Tolerant Behavior Control based Adaptive Bandwidth Allocation for networked control system , 2010, 2010 IEEE International Symposium on Industrial Electronics.

[23]  Mehran Mesbahi,et al.  On maximizing the second smallest eigenvalue of a state-dependent graph Laplacian , 2006, IEEE Transactions on Automatic Control.

[24]  Alfredo Pironti,et al.  Formal Vulnerability Analysis of a Security System for Remote Fieldbus Access , 2011, IEEE Transactions on Industrial Informatics.

[25]  Wencong Su,et al.  Performance evaluation of a PHEV parking station using Particle Swarm Optimization , 2011, 2011 IEEE Power and Energy Society General Meeting.

[26]  Weiming Shen,et al.  Nrc Publications Archive (nparc) Archives Des Publications Du Cnrc (nparc) Distributed Device Networks with Security Constraints Distributed Device Networks with Security Constraints* Distributed Device Networks with Security Constraints , 2022 .

[27]  Dongyan Xu,et al.  Robust computation of aggregates in wireless sensor networks: distributed randomized algorithms and analysis , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[28]  Mo-Yuen Chow,et al.  Modeling and Optimizing the Performance-Security Tradeoff on D-NCS Using the Coevolutionary Paradigm , 2013, IEEE Transactions on Industrial Informatics.

[29]  Lewis Tseng,et al.  Iterative approximate byzantine consensus in arbitrary directed graphs , 2012, PODC '12.

[30]  Mo-Yuen Chow,et al.  Performance assessment and compensation for secure networked control systems , 2008, 2008 34th Annual Conference of IEEE Industrial Electronics.

[31]  Vijay Kumar,et al.  Robust Control for Mobility and Wireless Communication in Cyber–Physical Systems With Application to Robot Teams , 2012, Proceedings of the IEEE.

[32]  Mo-Yuen Chow,et al.  EDA-Based Speed Control of a Networked DC Motor System With Time Delays and Packet Losses , 2009, IEEE Transactions on Industrial Electronics.

[33]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[34]  Kay Chen Tan,et al.  A Competitive-Cooperative Coevolutionary Paradigm for Dynamic Multiobjective Optimization , 2009, IEEE Transactions on Evolutionary Computation.

[35]  Miguel Castro,et al.  Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.

[36]  R. Olfati-Saber,et al.  Distributed Fault Diagnosis using Sensor Networks and Consensus-based Filters , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.

[37]  Antonio Bicchi,et al.  Distributed intrusion detection for secure consensus computations , 2007, 2007 46th IEEE Conference on Decision and Control.

[38]  Göran N Ericsson,et al.  Cyber Security and Power System Communication—Essential Parts of a Smart Grid Infrastructure , 2010, IEEE Transactions on Power Delivery.

[39]  Richard M. Karp,et al.  Randomized rumor spreading , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[40]  Hideki Hashimoto,et al.  Path tracking control of mobile robots using a quadratic curve , 1996, Proceedings of Conference on Intelligent Vehicles.

[41]  J. Maxwell I. On governors , 1868, Proceedings of the Royal Society of London.

[42]  Ning Lu,et al.  Smart-grid security issues , 2010, IEEE Security & Privacy.

[43]  Johannes Gehrke,et al.  Gossip-based computation of aggregate information , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[44]  Reza Olfati-Saber,et al.  Consensus and Cooperation in Networked Multi-Agent Systems , 2007, Proceedings of the IEEE.

[45]  Pierre-Alexandre Bliman,et al.  Average consensus problems in networks of agents with delayed communications , 2005, Proceedings of the 44th IEEE Conference on Decision and Control.

[46]  Kay Chen Tan,et al.  A competitive and cooperative co-evolutionary approach to multi-objective particle swarm optimization algorithm design , 2010, Eur. J. Oper. Res..

[47]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[48]  Stephen S. Yau,et al.  An Adaptive Tradeoff Model for Service Performance and Security in Service-Based Systems , 2009, 2009 IEEE International Conference on Web Services.

[49]  F. Bullo,et al.  On Synchronous Robotic Networks—Part II: Time Complexity of Rendezvous and Deployment Algorithms , 2007, IEEE Transactions on Automatic Control.

[50]  Wolfgang Granzer,et al.  Security in Building Automation Systems , 2010, IEEE Transactions on Industrial Electronics.

[51]  Peng Yang,et al.  Distributed estimation and control of swarm formation statistics , 2006, 2006 American Control Conference.

[52]  Rajarathnam Chandramouli,et al.  Opportunistic Encryption: A Trade-Off between Security and Throughput in Wireless Networks , 2007, IEEE Transactions on Dependable and Secure Computing.

[53]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[54]  Reza Olfati-Saber,et al.  Flocking for multi-agent dynamic systems: algorithms and theory , 2006, IEEE Transactions on Automatic Control.

[55]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[56]  S.K.S. Gupta,et al.  A Modeling Framework for Evaluating Effectiveness of Smart-Infrastructure Crises Management Systems , 2008, 2008 IEEE Conference on Technologies for Homeland Security.

[57]  Lucia Lo Bello,et al.  Multichannel Superframe Scheduling for IEEE 802.15.4 Industrial Wireless Sensor Networks , 2012, IEEE Transactions on Industrial Informatics.

[58]  F. Careri,et al.  Strategic bidding in a day-ahead market by coevolutionary genetic algorithms , 2010, IEEE PES General Meeting.

[59]  F. Bullo,et al.  On Synchronous Robotic Networks—Part I: Models, Tasks, and Complexity , 2005, IEEE Transactions on Automatic Control.

[60]  Venugopal V. Veeravalli,et al.  Decentralized detection in sensor networks , 2003, IEEE Trans. Signal Process..

[61]  Stephen P. Boyd,et al.  Fast linear iterations for distributed averaging , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[62]  Mo-Yuen Chow,et al.  A digital testbed for a PHEV/PEV enabled parking lot in a Smart Grid environment , 2012, 2012 IEEE PES Innovative Smart Grid Technologies (ISGT).

[63]  Antonio Bicchi,et al.  Consensus Computation in Unreliable Networks: A System Theoretic Approach , 2010, IEEE Transactions on Automatic Control.

[64]  Soummya Kar,et al.  Topology for Distributed Inference on Graphs , 2006, IEEE Transactions on Signal Processing.

[65]  Chi-Ho Tsang,et al.  Multi-agent intrusion detection system in industrial network using ant colony clustering approach and unsupervised feature extraction , 2005, 2005 IEEE International Conference on Industrial Technology.

[66]  Kiseon Kim,et al.  A Prototype for Hardware-in-the-Loop Simulation of a Distributed Control Architecture , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[67]  Mo-Yuen Chow,et al.  Networked Control System: Overview and Research Trends , 2010, IEEE Transactions on Industrial Electronics.

[68]  Stephen P. Boyd,et al.  Randomized gossip algorithms , 2006, IEEE Transactions on Information Theory.

[69]  Mo-Yuen Chow,et al.  Optimal Tradeoff Between Performance and Security in Networked Control Systems Based on Coevolutionary Algorithms , 2012, IEEE Transactions on Industrial Electronics.

[70]  Mehran Mesbahi,et al.  On state-dependent dynamic graphs and their controllability properties , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[71]  Paul Resnick,et al.  The value of reputation on eBay: A controlled experiment , 2002 .

[72]  R.M. Murray,et al.  Asynchronous Distributed Averaging on Communication Networks , 2007, IEEE/ACM Transactions on Networking.

[73]  Azzedine Boukerche,et al.  A Cross-Layer Approach-Based Gnutella for Collaborative Virtual Environments over Mobile Ad Hoc Networks , 2010, IEEE Transactions on Parallel and Distributed Systems.

[74]  Vijay Kumar,et al.  Leader-to-formation stability , 2004, IEEE Transactions on Robotics and Automation.

[75]  Richard M. Murray,et al.  Consensus problems in networks of agents with switching topology and time-delays , 2004, IEEE Transactions on Automatic Control.

[76]  Peng Ning,et al.  Secure distributed control in unreliable D-NCS , 2012, 2012 IEEE International Symposium on Industrial Electronics.

[77]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[78]  Mo-Yuen Chow,et al.  Optimal Stabilizing Gain Selection for Networked Control Systems With Time Delays and Packet Losses , 2009, IEEE Transactions on Control Systems Technology.

[79]  Audun Jøsang,et al.  AIS Electronic Library (AISeL) , 2017 .

[80]  Mark E. J. Newman,et al.  The Structure and Function of Complex Networks , 2003, SIAM Rev..

[81]  Meikang Qiu,et al.  Static Security Optimization for Real-Time Systems , 2009, IEEE Transactions on Industrial Informatics.

[82]  Peng Ning,et al.  Reasoning about complementary intrusion evidence , 2004, 20th Annual Computer Security Applications Conference.

[83]  Mo-Yuen Chow,et al.  Performance Evaluation of an EDA-Based Large-Scale Plug-In Hybrid Electric Vehicle Charging Algorithm , 2012, IEEE Transactions on Smart Grid.

[84]  E.J. Byres,et al.  Industrial cybersecurity for power system and SCADA networks , 2005, Record of Conference Papers Industry Applications Society 52nd Annual Petroleum and Chemical Industry Conference.

[85]  Mo-Yuen Chow,et al.  CGA based performance-security trade-off optimization in a networked DC motor system , 2012, 2012 IEEE International Symposium on Industrial Electronics.

[86]  Randal W. Beard,et al.  Distributed Consensus in Multi-vehicle Cooperative Control - Theory and Applications , 2007, Communications and Control Engineering.

[87]  Mo-Yuen Chow,et al.  A Survey on the Electrification of Transportation in a Smart Grid Environment , 2012, IEEE Transactions on Industrial Informatics.

[88]  Mark Newman,et al.  Networks: An Introduction , 2010 .

[89]  Wenye Wang,et al.  Performance Assessment of Data and Time-Sensitive Wireless Distributed Networked-Control-Systems in Presence of Information Security , 2007, MILCOM 2007 - IEEE Military Communications Conference.

[90]  Richard M. Murray,et al.  Approximate distributed Kalman filtering in sensor networks with quantifiable performance , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[91]  Manfredi Maggiore,et al.  Necessary and sufficient graphical conditions for formation control of unicycles , 2005, IEEE Transactions on Automatic Control.

[92]  Shreyas Sundaram,et al.  Reputation-based networked control with data-corrupting channels , 2011, HSCC '11.

[93]  Mitchell A. Potter,et al.  EVOLVING NEURAL NETWORKS WITH COLLABORATIVE SPECIES , 2006 .

[94]  Rudolf Paul Wiegand,et al.  An analysis of cooperative coevolutionary algorithms , 2004 .

[95]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[96]  Kenneth A. De Jong,et al.  Cooperative Coevolution: An Architecture for Evolving Coadapted Subcomponents , 2000, Evolutionary Computation.

[97]  George J. Pappas,et al.  Controlling Connectivity of Dynamic Graphs , 2005, Proceedings of the 44th IEEE Conference on Decision and Control.

[98]  M. Cao,et al.  A Lower Bound on Convergence of a Distributed Network Consensus Algorithm , 2005, Proceedings of the 44th IEEE Conference on Decision and Control.

[99]  M. Alighanbari,et al.  Decentralized Task Assignment for Unmanned Aerial Vehicles , 2005, Proceedings of the 44th IEEE Conference on Decision and Control.

[100]  Lang Tong,et al.  Malicious Data Attacks on the Smart Grid , 2011, IEEE Transactions on Smart Grid.

[101]  Stephen P. Boyd,et al.  Gossip algorithms: design, analysis and applications , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[102]  Radia J. Perlman,et al.  Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.

[103]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[104]  Thomas P. von Hoff,et al.  Security for Industrial Communication Systems , 2005, Proceedings of the IEEE.

[105]  José M. F. Moura,et al.  Distributed detection over time varying networks: Large deviations analysis , 2010, 2010 48th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[106]  William B. Dunbar,et al.  Cooperative control of multi-vehicle systems using cost graphs and optimization , 2003, Proceedings of the 2003 American Control Conference, 2003..

[107]  Ali H. Sayed,et al.  Diffusion LMS-based distributed detection over adaptive networks , 2009, 2009 Conference Record of the Forty-Third Asilomar Conference on Signals, Systems and Computers.

[108]  E.M. Atkins,et al.  A survey of consensus problems in multi-agent coordination , 2005, Proceedings of the 2005, American Control Conference, 2005..

[109]  Shreyas Sundaram,et al.  Distributed Function Calculation via Linear Iterative Strategies in the Presence of Malicious Agents , 2011, IEEE Transactions on Automatic Control.

[110]  Mo-Yuen Chow,et al.  Predictive control of multiple UGVs in a NCS with adaptive bandwidth allocation , 2009, 2009 35th Annual Conference of IEEE Industrial Electronics.

[111]  Kay Chen Tan,et al.  A distributed Cooperative coevolutionary algorithm for multiobjective optimization , 2006, IEEE Transactions on Evolutionary Computation.

[112]  Francisco Maciá Pérez,et al.  Network Intrusion Detection System Embedded on a Smart Sensor , 2011, IEEE Transactions on Industrial Electronics.