Resilient control in the presence of DoS attack: Switched system approach

This paper studies the switched resilient control of the Cyber-Physical Systems (CPSs) under Denial-of-Service (DoS) attack. We interpret the term ‘resilience’ as the ability to be both robust to the external disturbances in the physical layer, and defending against DoS attacks in the cyber layer. A hybrid-theoretical framework is proposed which is comprised of a physical control subsystem, a cyber security subsystem, and an interface which integrates the control design with the security configuration. Within this framework, the controller will switch in accordance with the competing result of the cyber attacker and defender. Our approach highlights the interaction between the physical control layer and cyber security layer and achieves the goal of coupled design. Some algorithms are provided to obtain the so-called joint defense strategies. Finally, the proposed method is applied to the voltage regulation of the Uninterrupted Power System (UPS).

[1]  John Y. Hung,et al.  Denial of service attacks on network-based control systems: impact and mitigation , 2005, IEEE Transactions on Industrial Informatics.

[2]  Xavier Litrico,et al.  Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks , 2013, IEEE Transactions on Control Systems Technology.

[3]  S. Shankar Sastry,et al.  Understanding the physical and economic consequences of attacks on control systems , 2009, Int. J. Crit. Infrastructure Prot..

[4]  Minghui Zhu,et al.  Stackelberg-game analysis of correlated attacks in cyber-physical systems , 2011, Proceedings of the 2011 American Control Conference.

[5]  Tansu Alpcan,et al.  Network Security , 2010 .

[6]  Marvin K. Nakayama,et al.  A Markovian Dependability Model with Cascading Failures , 2009, IEEE Transactions on Computers.

[7]  Quanyan Zhu,et al.  Resilient control of cyber-physical systems against Denial-of-Service attacks , 2013, 2013 6th International Symposium on Resilient Control Systems (ISRCS).

[8]  Csaba Szepesvári,et al.  A Unified Analysis of Value-Function-Based Reinforcement-Learning Algorithms , 1999, Neural Computation.

[9]  A. Morse,et al.  Basic problems in stability and design of switched systems , 1999 .

[10]  David Geer Security of critical control systems sparks concern , 2006, Computer.

[11]  Guang-Hong Yang,et al.  Fault Detection for T–S Fuzzy Systems With Unknown Membership Functions , 2014, IEEE Transactions on Fuzzy Systems.

[12]  Guang-Hong Yang,et al.  Switching-Type H∞ Filter Design for T - S Fuzzy Systems With Unknown or Partially Unknown Membership Functions , 2013, IEEE Transactions on Fuzzy Systems.

[13]  Sonia Martínez,et al.  On the Performance Analysis of Resilient Networked Control Systems Under Replay Attacks , 2013, IEEE Transactions on Automatic Control.

[14]  Guang-Hong Yang,et al.  Robust adaptive fault-tolerant control for uncertain linear systems with actuator failures , 2012 .

[15]  Saurabh Amin,et al.  In quest of benchmarking security risks to cyber-physical systems , 2013, IEEE Network.

[16]  Johan Löfberg,et al.  YALMIP : a toolbox for modeling and optimization in MATLAB , 2004 .

[17]  L. Shapley,et al.  Stochastic Games* , 1953, Proceedings of the National Academy of Sciences.

[18]  Moshe Zakai,et al.  On the Ultimate Boundedness of Moments Associated with Solutions of Stochastic Differential Equations , 1967 .

[19]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[20]  Michael P. Wellman,et al.  Nash Q-Learning for General-Sum Stochastic Games , 2003, J. Mach. Learn. Res..

[21]  Fuwen Yang,et al.  H∞ control for networked systems with random communication delays , 2006, IEEE Trans. Autom. Control..

[22]  Xiapu Luo,et al.  Modeling the Vulnerability of Feedback-Control Based Internet Services to Low-Rate DoS Attacks , 2014, IEEE Transactions on Information Forensics and Security.

[23]  Michael D. Lemmon,et al.  Resilient event triggered systems with limited communication , 2012, 2012 IEEE 51st IEEE Conference on Decision and Control (CDC).

[24]  Chris Cannings,et al.  Stochastic Games and Related Topics , 1991 .

[25]  Quanyan Zhu,et al.  Robust and resilient control design for cyber-physical systems with an application to power systems , 2011, IEEE Conference on Decision and Control and European Control Conference.

[26]  Jonathan Matusitz,et al.  Cyberterrorism: Its Effects on Health-Related Infrastructures , 2008, J. Digit. Forensic Pract..

[27]  T. E. S. Raghavan,et al.  Stochastic games and related topics : in honor of Professor L.S. Shapley , 1991 .

[28]  Quanyan Zhu,et al.  A hierarchical security architecture for cyber-physical systems , 2011, 2011 4th International Symposium on Resilient Control Systems.

[29]  Pin-Han Ho,et al.  Janus: A dual-purpose analytical model for understanding, characterizing and countermining multi-stage collusive attacks in enterprise networks , 2009, J. Netw. Comput. Appl..

[30]  David I. Gertman,et al.  Resilient control systems: Next generation design research , 2009, 2009 2nd Conference on Human System Interactions.

[31]  Xavier Litrico,et al.  Cyber Security of Water SCADA Systems—Part II: Attack Detection Using Enhanced Hydrodynamic Models , 2013, IEEE Transactions on Control Systems Technology.

[32]  E. Boukas,et al.  Exponential H∞ filtering for uncertain discrete‐time switched linear systems with average dwell time: A µ‐dependent approach , 2008 .

[33]  Quanyan Zhu,et al.  Dynamic policy-based IDS configuration , 2009, Proceedings of the 48h IEEE Conference on Decision and Control (CDC) held jointly with 2009 28th Chinese Control Conference.

[34]  George Kesidis,et al.  Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[35]  Yuanqing Xia,et al.  Analysis and Synthesis of Delta Operator Systems , 2012 .

[36]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..